Subject: RE: [security-services] Draft Minutes SSTC Call - May 23, 2006
Attendance inserted below.

--
Steve Anderson
BMC Software

-----Original Message-----
From: Paul Madsen [mailto:paulmadsen@rogers.com]
Sent: Tuesday, May 23, 2006 4:29 PM
To: security-services@lists.oasis-open.org
Subject: [security-services] Draft Minutes SSTC Call - May 23, 2006

OASIS SSTC conference call minutes, 2006-05-23
By: Paul Madsen

1. Roll Call & Agenda Review

Quorum achieved

Attendance of Voting Members
  Steve Anderson               BMC Software
  Bhavna Bhatnagar             Sun Microsystems
  Brian Campbell               Ping Identity
  Carolina Canales-Valenzuela  Ericsson
  Scott Cantor                 Internet2
  Frederick Hirsch             Nokia
  Ari Kermaier                 Oracle
  Hal Lockhart                 BEA Systems, Inc
  Paul Madsen                  NTT Corporation
  Prateek Mishra               Oracle
  Jahan Moreh                  Sigaba
  Anthony Nadalin              IBM
  Ashish Patel                 France Telecom
  Rob Philpott                 RSA Security
  Nick Ragouzis                Enosis Group
  David Staggs                 Veteran's Health Admin
  Greg Whitehead               Hewlett-Packard Company
  Thomas Wisniewski            Entrust
  Emily Xu                     Sun Microsystems

Attendance of Non-Voting Members
  Peter Davis                  NeuStar
  Jeff Hodges                  NeuStar
  John Hughes                  PA Consulting

Membership Status Changes
  Heather Hinton  IBM - Lost voting status after 5/23/2006 call
  Cameron Morris  Novell - Lost voting status after 5/23/2006 call
  Jeff Hodges     NeuStar - Granted voting status after 5/23/2006 call
  John Hughes     PA Consulting - Granted voting status after 5/23/2006 call

2. Approve minutes from May 9 con-call
http://lists.oasis-open.org/archives/security-services/200605/msg00023.html

Jeff: Move to approve
Rob: Seconded
Approved

3. Informational

a. Five CD drafts in public review -
http://lists.oasis-open.org/archives/security-services/200605/msg00013.html

Hal: Broadcast in various lists. Chairs will update web page

Call for disclosure
http://lists.oasis-open.org/archives/security-services/200605/msg00017.html

Hal: Anybody with IPR should disclose

b. "Lightweight" SAML & Liberty Session
http://lists.oasis-open.org/archives/security-services/200605/msg00011.html

Hal: What does lightweight SAML mean?
Scott: IETF lists heating up, heading towards another BOF at next meeting (Montreal)
Nick: Area Director indicated that this will become a Working Group

c: Status of Technical Overview

John: No explicit action from last minutes for taking Technical Overview forward
Hal: What is status?
Rob: in my hands, Eve, Nick, and I have been working on Draft 09. Trying to get it to point for posting in next week or so

AI: Rob to get v09 out for next week

d. Google use of SAML for search appliance

Hal: details and link available on SAML Dev

4. Active Threads

a. Shared Credentials
http://lists.oasis-open.org/archives/security-services/200605/msg00021.html

Ashish: we submitted updated version after feedback. Updated RAC protocol extension, schema and discussion document to reflect feedback from Scott. The AuthnContext extension was not impacted. We are wondering how to move forward. What steps?
Prateek: Just ask for CD vote
Scott: yup, we just need to schedule a vote so that people know when to review
Hal: June 6th?
Jeff: Sure
Hal: comment on list as well

AI: Chairs to add agenda item for vote for next call

b. Options for correction of LDAP/X.500 attr profile
http://lists.oasis-open.org/archives/security-services/200605/msg00022.html

Hal: Scott posted on LDAP X.509 attribute item?
Scott: fulfilling an action item, attempt at a comprehensive list of options
Prateek: issue is?
Scott: if you say type is string, then you can't have attributes. I presented 5 different approaches, none are really errata but the profile is broken so what is the process?
Rob: should be a new release.
Scott: overkill
Hal: errata meant to bring things back to original intent, not
Greg: if we had known this before going final, what would we have done?
Scott: recommending #3, move encoding attribute up to the attribute element, where it is permitted through wildcarding. Other attribute profiles do this.
People had originally thought of doing #4 which is DCE profile, implication is that we'd need another schema doc (not part of 2.0 ZIP). Other reasons not to like this as well
Prateek: do other profiles add attributes?
Scott: yes, XACML.
Hal: conflict between desire to leave 2.0 alone and need to fix this
Greg: is anybody using it?
Scott: somewhat, this is the one that shouldn't be left broken. #5 is effectively 'leave things alone'. Shib has referenced this from some community docs and this is untenable
Hal: does this have an errata number? - 53
RL Bob: can't ignore this - lots of interest in this
Hal: especially as SAML 2 being picked up by ITU-T
John: UK government as well
Scott: resolve by next call, people need to review
Greg: viable option to just drop the encoding?
Scott: That would be #2, the names would have to imply the encoding rules. Dicey to depend on absence of attribute
RL Bob: idea of multiple encodings is speculative ....
Hal: ITU-T cares about X.500. Need to come to conclusion soon. Eggs will be broken ..
Greg: maybe everybody can rank Scott's options as to preference
Hal: or Eve's Quaker poll, e.g. what's your favourite and what can you live with
Greg: another alternative to solving the issue would be
  a) remove the x500:Encoding attribute and document that the LDAP encoding uses xsi:type string and base64Binary
  b) document that other encodings should define new types
Scott: I think this is #2
Greg: we could drop the attribute and just document how the LDAP encoding is signified
Scott: yes, this would be clarification for #2
Hal: let's move to list

5. Errata review
http://lists.oasis-open.org/archives/security-services/200605/msg00024.html

PE53 - is the X.500 error discussed above, has the wrong name, cut and paste error

PE43 - is what Scott just posted, encryption profile changes, Scott made minor changes, Text hasn't changed. Like to get this voted in.
Scott: move to approve
Greg: Second
approved

PE49 - has been open for a while.
Scott feels not ready for a vote. Scott will have something for next call

PE50 - Conformance doc and clarification on SSL Cipher Suite
is Eric on the call? Been here for a while.
Greg: move to approve
Scott: second
approved

PE52 - following thread with Rob and Scott?
Scott: I wrote the text so I think it's Rob's call on clarifications
Rob: Yup, haven't been able to get to it

AI: Rob to propose text for PE52

6. Open AIs

#0250: PE 43
Owner: Heather Hinton
Status: Open
Assigned: 2006-02-13
Due: ---
closed

#0238: Plan for red-line versions of SAML 2.0
Owner: Eve Maler
Status: Open
Assigned: 2005-11-08
Due: ---
open

#0240: Status of SAML 2.0 submission to ITU T
Owner: Abbie Barbir
Status: Open
Assigned: 2005-11-08
Due: ---
open pending word from ITU-T

#0257: authentication context and shared credentials
Owner: Paul Madsen
Status: Open
Assigned: 2006-04-10
Due: 2006-04-30
closed

#0259: Propose text to resolve PE 49 - Clarification on attribute name format (The relationship between an attribute's NameFormat and its syntax is not clear.)
Owner: Scott Cantor
Status: Open
Assigned: 2006-04-26
Due: 2006-05-15
open

#0260: Create document of requested enhancements
Owner: Eve Maler
Status: Open
Assigned: 2006-05-23
Due: 2006-06-15
Eve on vacation
open

7. AOB

7a: New attribute issue, possible RFE

Some objections for language in Core about the limitation in core that says all AttributeValue elements have to share the same xsi:type, if any. Currently baked into core
Two options - put it into RFE list (Scott's view - errata
Scott will start a thread on list

7b: Additional item on X.500 LDAP support,

RL Bob: option tags are LDAP feature, wanted to use 'language tags' but no support in the LDAP profile.
Hal: Likely an RFE

Next call scheduled on June 6

Close

--
Paul Madsen
NTT
e:paulmadsen @ ntt-at.com
p:613-482-0432
m:613-302-1428
aim:PaulMdsn5
web:connectid.blogspot.com