OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes for conference call of December 5, 2006

Voting Members:
19/31 (quorum)

Bhavna Bhatnagar
Sharon Boeyen
Brian Campbell
Carolina Canales-Valenzuela
Scott Cantor
Peter Davis
Frederick Hirsch
Guy Denton
Dana Kaufman
Ari Kermaier
Chris Lazowski
Paul Madsen
Prateek Mishra
Jahan Moreh
Rob Philpott
Tom Scavo
David Staggs
Greg Whitehead
Thomas Wisniewski

Non-voting members:

Alessandro Triglia
Greg Desmarais

> Dial in info: +1 865 673 6950;
> Access code: 270-9441#
> 1. Roll Call & Agenda Review,
> We need a secretary to record minutes

Tom Scavo selected by lottery.

> 2. Approve minutes from October 24 con-call
> http://www.oasis-open.org/archives/security-services/200611/msg00010.html

Minutes from previous SSTC meeting anonymously approved.

> 3. Security Services TC IPR Ballot
> http://www.oasis-open.org/archives/security-services/200611/msg00048.html
> Closes December 10th ! Please remind your company representative

TC members should have received e-mail notification re this Ballot.
Please exercise your privilege to vote for this important Ballot!
(Make special note of the Dec 10 closing date.)

> 4.Public Review of SAML Profiles and Extensions - 15 day review
> http://www.oasis-open.org/archives/security-services/200611/msg00017.html
> Review period has now closed - no new comments have been received.

Since no  new comments were received, these Working Drafts may now be
considered as possible Committee Drafts.

> 4a)
> MOTION: Move to committee specification
> http://www.oasis-open.org/committees/process.php#3.3

Scott Cantor makes a motion to move these documents to Committee Draft
status.  Greg Whitehead seconds the motion.  No discussion.  Motion is
anonymously approved.

> 5. Pending 60-day reviews - waiting on minor
> doc edits from authors

Revised documents "Shared Credentials Authentication Context
Extension" and "Requested Authentication Context Protocol Extension"
were uploaded to the repository today (2006-12-05).  The
"Acknowledgments" pages in these documents need to be updated (but
this should not hinder the forthcoming 60-day review process).

General issues regarding HTML versions of documents were raised.
Images, in particular, are a problem.  ZIP archives are one possible
solution.  This issue needs to be resolved.

> 6. New threads
> 6a) IdP Discovery
> http://www.oasis-open.org/archives/security-services/200611/msg00018.html

Greg Whitehead has raised the issue of interoperability with respect
to the Common Domain Cookie defined in the SAML V2.0 IdP Discovery
Profile.  One solution is to explicitly call out the requirement for a
persistent cookie (which is believed to be the original intent of the
Profile as inherited from Liberty ID-FF).  Alternatively, a potential
interoperability issue can simply be noted in errata, leaving the
choice of persistent vs. session cookie open as a deployment detail.
In any event, errata re the IdP Discovery Profile is needed.  Scott
Cantor takes this as an Action Item

The Shibboleth Project is willing to submit a draft of an alternative
approach to IdP Discovery.  Scott accepts this as an Action Item.  See
the following wiki page for some background material:


> 6b) Errata around TLS keys in metadata
> http://www.oasis-open.org/archives/security-services/200611/msg00049.html

Jahan Moreh accepts an Action Item to write this up as errata.

> 7.
> Report created 05 December 2006 01:15am EST
> #0269: CDize errata based on draft 35
> Owner: Eve Maler
> Status: Open
> Assigned: 2006-09-25
> Due: ---

Still open.

> #0266: New deployment profile
> Owner: Tom Scavo*
> Status: Open
> Assigned: 2006-09-25
> Due: ---

Still open.  Draft will be submitted prior to next SSTC meeting 

> #0265: Updated draft of X.500 attribute sharing deployment profile
> Owner: Ari Kermaier
> Status: Open
> Assigned: 2006-09-25
> Due: ---

Still open.

New Business

The "SAML V2.0 X.500/LDAP Attribute Profile" should be added to next
agenda.  A vote re Committee Draft status will be sought.

SSTC minutes submitted 2006-12-05.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]