[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Minutes of SS TC Concall June 19, 2007
With attendance data ... -- Steve Anderson BMC Software -----Original Message----- From: Hal Lockhart [mailto:hlockhar@bea.com] Sent: Tuesday, June 19, 2007 2:46 PM To: security-services@lists.oasis-open.org Subject: [security-services] Minutes of SS TC Concall June 19, 2007 > Roll Call & Agenda Review Eric Tiffany to take minutes. Attendance of Voting Members Steve Anderson BMC Software Abbie Barbir Nortel Conor P. Cahill Intel Brian Campbell Ping Identity Carolina Canales-Valenzuela Ericsson Peter Davis NeuStar Frederick Hirsch Nokia Jeff Hodges NeuStar Ari Kermaier Oracle Hal Lockhart BEA Systems, Inc Paul Madsen NTT Corporation Eve Maler Sun Microsystems Prateek Mishra Oracle Rob Philpott EMC Corporation Anil Saldhana Red Hat Tom Scavo National Center for Supercomputing Applications David Staggs Veteran's Health Admin Eric Tiffany IEEE Industry Standards Greg Whitehead Hewlett-Packard Company Emily Xu Sun Microsystems Attendance of Non-Voting Members Jeff Bohren BMC Software Bob Morgan Internet2 Anthony Nadalin IBM Kent Spaulding Tripod Technology Group Attendance of Observers Ron Jacobson CA Membership Status Changes Kent Spaulding Tripod Technology Group - Granted membership 6/6/2007 Jeff Bohren BMC Software - Granted voting status after 6/19/2007 call Heather Hinton IBM - Lost voting status after 6/19/2007 19 of 23 in attendance, quorum achieved > > 1. Approve minutes from June 5 > http://lists.oasis-open.org/archives/security-services/200706/msg00029.h tml Link above msg 29 has corrected attendence Approved by unanimous consent > > 2. Administrative > > 2.1 Five Specifications sent to TC Admin for Public Review (6/12) > > SAML v2.0 Technical Overview > SAMLv2.0 HTTP POST "SimpleSign" Binding IdP Discovery SAML V2.0 > Deployment Profiles for X.509 Subjects SAML V2.0 Attribute Sharing > Profile for X.509 Authentication-Based Systems On June 12th amended request for public review was submitted, duration is 60 days. > > > 2.2 Errata sent to TC Admin for Public Review (6/18) 15 day public review should start in several days. > > > 2.3 Attestations Tracking > http://wiki.oasis-open.org/security/CommitteeSpecAttestations > > 4 - Metadata Profile > > 3 - Metadata Extension for Query Requesters > > Should we ask for a Special Majority Vote to Submit for OASIS Member > Vote? 4 attesting to metadata profile 3 attesting to metadata extensions for Attr Requestors Conor moves to hold a vote to submit metadata profile and metadata extensions specs for Attr Requestors for OASIS member vote Tom Scavo seconds Approved by unanimous consent 2.4 Next meeting? 4th of July is a holiday, and 3rd thus becomes difficult. So the 7/3 meeting is canceled and the next meeting is 7/17 > > 3. SAML 2.0 Profile of SPML 2.0 Submission > > http://www.oasis-open.org/archives/security-services/200706/msg00001.h > tm > l Jeff Boren joins to discuss submission. This profile is designed to normatively specify how you would use SPML to pre-provision accounts for future (potential) use in a federation. Bob Morgan asks why SPML2.0 is insufficient Jeff says there is no specific SPML format profile that maps the SAML assertion elements. Eve notes it is similar to XACML SAML profile. Prateek asks how does it layer onto generic SPML implementations. Jeff responds that the provisioning TC originally initiated this work, which includes most of the prov vendors, but they didn't feel they had the federation expertise. Jeff reviews submission Question about Optional Capabilities and how these are identified. Jeff responds that anything not in the Core Capabilities list defined by SPML is optional. Question about the filtering mechanism which will need to be defined. Jeff notes that SPML provides a filtering framework, but the details are profile-specific. Question about Updates Capability. IDP mentioned twice in discussion of request (Jeff thinks this is a typo, should be "IDP" and "SP"). Second question about which direction the requests should flow. Jeff notes that it might go in both directions If the IDP is supposed to be the identity authority, so how can it reconcile updates occuring at various SPs? Jeff responds that the IDP would periodically access the SPs to query about updates. What is the next step? What is left to do? Jeff notes these things need normative language: 1. Search filtering mechanism 2. Provisioning Schema 3. What part of SAML Assertion should be used Scope depends on how many attribute types you want to take into account. NEW ACTION ITEM: Investigation of IPR policy regarding submission Owner: Hal Jeff Hodges notes a couple of things. Rational (answer to Bob Morgan question) should be included in the document. Discussion about whether this should be taken up as a work item. Jeff H makes supportive statement, no dissenters. Jeff H moves that SSTC take up the SPML / SAML profiling work Eve seconds Approved by unanimous consent Jeff Bohren volunteers to be the Editor of the document. > > > 4. Other Business > > > 5. AIs > > #0282: AuthnContextDecl and AuthnContextDeclRef Confusion > Owner: Eric Tiffany > Status: Open > Assigned: 2007-03-27 > Due: --- Continuing > > #0283: Change final arrows to solid in Tech Overview diagrams > throughout. > Owner: Paul Madsen > Status: Open > Assigned: 2007-03-27 > Due: --- Continuing > > #0286: Research the use of LDAP language tags > Owner: Bob Morgan > Status: Open > Assigned: 2007-04-11 > Due: 2007-04-24 > Still Open > #0291: Request Public Review of Errata Document > Owner: Hal Lockhart > Status: Open > Assigned: 2007-04-11 > Due: 2007-04-24 completed
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]