Minutes for April 11 Conference Call (with attendance)

[Prateek Mishra <prateek.mishra@oracle.com>]

Minutes of SSTC conference call on April 11, 2006

1. Roll Call & Agenda Review

Members:

Abbie Barbir
Brian Campbell
Carolina Canales-Valenzuela
Scott Cantor
Frederick Hirsch
Dana Kaufman
Arie Kermaier
Hal Lockhart
Paul Madsen
Eve Maler
Prateek Mishra
Jahan Moreh
Bob Morgan
Ashish Patel
Rob Philpott
Iriving Reid
Eric Tiffany
Tom Wisniewski
Emily Xu


Observers:
Cameron Morris
Nick Ragouzis

Quorum achieved (19 members present, 16 required)

2. Approve minutes from 28-Mar con-call
http://www.oasis-open.org/archives/security-services/200603/msg00033.html

Prateek Mishra [PM]: the link points to a version of the minute without attendance. 
Hal: Steve has sent a message with the attendance. The message number is 0005. 
No objections. Minutes approved.


3. Errata Review
http://www.oasis-open.org/apps/org/workgroup/security/download.php/17618/sstc-saml-errata-2.0-draft-26.pdf

PE43: remains open.
PE46: Scott will propose a slightly modified text for next call.
PE48: Scott: Two separate issues. The encoding discussion is straightforward and errata can be recorded as is (lines 1155-1158 of errata). The second issue regarding attribute format is not as straightforward. 
Jahan will divide PE48 into two separate errata.

*
a. **X509 Authn Attribute Profile  <msg00000.html>errata http://www.oasis-open.org/archives/security-services/200604/msg00000.html
PM: We will collect comments and when public review process ends we will make a consolidated document.
PM: The document has not been sent to OAISIS though the TC has voted on it.
Scott: Notes that he had observed the same problem and was told this was intentional for auditing purposes.
Rob: Has sent an email suggesting changes to the intro. 
ACTION ITEM: Rob will follow up with Rick Randall regarding Authn Attribute Profile.


b. *AI 245*
*
http://www.oasis-open.org/archives/security-services/200603/msg00034.html
Captured in PE48 (will be split into to errata).

4. Open AIs
#0258: Remains open. Eve will try to get the files up by end of today.



*#0257*: authentication context and shared credentials
CLOSED. Paul and Ashish have posted five documents.
Paul: Based on Scott’s recommendation Asish and Paul have recommended two extensions:  one on Protocol and one on AutN Context. Paul is convinced that the proposal satisfies their requirement and hopes that it will be useful in general. Paul has uploaded 5 documents, including schema extension documents. Paul invites TC to review and comment.

PM: Is the ultimate goal to make this a CD?
Paul: Yes.
Scott: Looks like the extension will create a bit of a “nested calculation”.
Asish: Yes, this is required to account for cases for IdP needing to (re)authenticate the principal. 
------------------------------------------------------------------------
*#0256*: Ciphersuite selection
Remains open.
------------------------------------------------------------------------
*#0250*: PE 43
Remains open
------------------------------------------------------------------------
*#0248*: Provide draft of IBM's SAML 2.0 research report
Remains open. Prateek will follow up with Tony N.
------------------------------------------------------------------------
*#0245*: Per 17-Jan con-call: Greg W. to propose some clarifying text for the attribute profile section re: the issues discussed on the call.
Closed (resulted in PE 48)------------------------------------------------------------------------
*#0240*: Status of SAML 2.0 submission to ITU T
*Remains open.
Hal: The work on SAML is probably done. He has no reason to believe that the ITU will not approve.

------------------------------------------------------------------------
*#0238*: Plan for red-line versions of SAML 2.0
*Owner*: Eve Maler
Remains open
------------------------------------------------------------------------
Meeting adjourned at 12:36 PM EDT.