OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Updated w/ Attendance: SSTC Concall, July 31, 2007 Draft Minutes

SSTC Concall, July 31, 2007, Draft Minutes

Roll Call & Agenda Review

Frederick Hirsch volunteered to take minutes today.

Paul Madsen will do minutes next time.

Attendance of Voting Members  
  Conor P. Cahill
  Brian Campbell
  Carolina Canales-Valenzuela
  Scott Cantor
  Peter Davis
  Frederick Hirsch
  Hal Lockhart
  Paul Madsen
  Eve Maler
  Prateek Mishra
  Anthony Nadalin
  Rob Philpott
  Anil Saldhana
  Tom Scavo
  David Staggs
  Eric Tiffany

Attendance of Non-Voting Members 
  Chris Laskowski
  Bob Morgan
  Lakshmi Thiyagarajan

16 out of 22 voting members present, have quorum.

1. Approve minutes from July 17 as amended


Minutes approved unanimously.

2. Administrative

2.1 News: E-Authentication now supports SAML V2.0
Formerly supported SAML 1.0 now supports SAML 2.0

2.2 Workshop on SAML & XACML Given at GeoWeb 2007 in Vancouver, July 23
Hal presented workshop on SAML and XACML, much interest in SAML.

3. Document Status

3.0 Eight wiki pages added to track status and milestones for documents

3.1 Docs on their way to OS
3.1.1 Metadata Profile for the OASIS Security Assertion Markup Language
(SAML) V1.x CS Version now done

3.1.2 Metadata Extension for SAML V2.0 and V1.x Query Requesters CS
Version now done

Metadata Profile and Metadata Extension documents are now in new
document format.
Chairs will request ballot to make 15 August deadline.

3.2 SAML V2.0 Errata
Public Review began 16 July 2007, and ends 31 July 2007 (today) No
comments have yet been received.

3.3 Docs pending public review
3.3.1 Documents needing conformance clauses *SAML V2.0 Attribute Sharing
Profile for X.509 Authentication-Based Systems *SAML V2.0 Deployment
Profiles for X.509 Subjects *Identity Provider Discovery Service
Protocol and Profile *SAMLv2.0 HTTP POST "SimpleSign" Binding

Committee needs to approve new drafts after adding conformance clauses
before public review on these.

3.3.2 Security Assertion Markup Language (SAML) V2.0 Technical Overview
Waiver on conformance as the doc is informational and not normative?

Brian communicated with TC Admin.
Committee Draft is currently highest status that can be obtained.
No conformance clause necessary. Can choose to perform public review or
not, but not same cycle as normative specification. OASIS is considering
alternative approaches but this is not available yet.

Hal - we have pending edits. Should we update and then do public review
or public review first?

Conor - public review would be good, but first do update Others agree.
Conor - want implementers to review even if not direct target, also
gives publicity.

General agreement to do update and then public review.

Eve asks whether any SSTC members would like to compare this SSTC
technical overview with recent WS-Federation white paper.

4 Other business

Eve notes Concordia and digital id world workshop - asks about
attendance, that attendees contact Eve. Conor plans to attend.

Hal notes XML Security Workshop

"Position papers are due 14 August for the Workshop on Next Steps for
XML Signature and XML Encryption to be held 25-26 September in Mountain
View, California, USA, hosted by VeriSign. Attendees will discuss next
steps for the XML Signature and XML Encryption specifications and share
their experiences implementing and developing these standards. Topics
may include interoperability and robustness, performance, legal
requirements for digital signature formats, and the impact of the
evolving XML environment. The Workshop is expected to give its
recommendations to the XML Security Specifications Maintenance Working
Group. The Workshop is free free and open to all, however, submission of
position papers is required of all participants."


5 Action Items

#0282: AuthnContextDecl and AuthnContextDeclRef Confusion
Owner: Eric Tiffany
Eric: No normative changes needed, but some guidance text might be
Not clear where to put it. List discussion.

#0283: Change final arrows to solid in Tech Overview diagrams
In progress

#0286: Research the use of LDAP language tags
Owner: Bob Morgan
Bob: LDAP Attribute profile needs to be updated to fix schema and to
preserve attribute types and tags.
Scott: Suggested tagging options are not preserved and outside of
Bob: Tags not used much. Language tags are used. Could be XML tags.
Scott: if tags used widely, then need to consider.
Might want to limit to language tags rather than general case.

Scott will update wiki for this document.

Scott will review language tag and offer proposal.

#0298: Prepare CS version of Metadata Profile for the OASIS Security
Assertion Markup Language (SAML) V1.x
Owner: Scott Cantor
Done, close.

#0299: Prepare CS version of Metadata Extension for SAML V2.0 and V1.x
Query Requesters
Owner: Tom Scavo
Done, close.

#0300: Double check w/OASIS admin that 2 metadata specs needn't conform
to the new document templates
Owner: Hal Lockhart
Done, close.

#0302: Find and distribute language around the conformance statement.
Owner: Hal Lockhart
Done, close.

#0303: Confirm that 'null' conformance clause is ok for Tech overview.
Owner: Brian Campbell
Done, close.

Next meeting 14 August.

Meeting Adjourned.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]