OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Draft minutes, SSTC conf call, March 25 2008


Draft Minutes
SSTC Conf call
March 25, 2008
Scribe:  RL "Bob" Morgan

Roll Call & Agenda Review

Roll Call:
Voting Members:

Hal Lockhart         BEA Systems, Inc.
Brian Campbell       Ping Identity
Rob Philpott         EMC Corporation
Scott Cantor         Internet2
Bob Morgan           Internet2
Tom Scavo            National Center for Supercomputing Applica...
Ari Kermaier         Oracle Corporation
Anil Saldhana        Red Hat
David Staggs         Veterans Health Administration
Jeff Hodges          Neustar
Paul Madsen          NTT Corporation
Eric Tiffany         Liberty Alliance
Emily Xu             Sun Microsystems
George Fletcher      AOL Corporation

Members:
Eve Maler        Sun Microsystems
Prateek Mishra   Oracle Corporation

Voting Status:
George Fletcher obtained Voting status after 3/11/2008 call
Eve Maler obtained Voting status after today's call
Kent Spaulding, Peter Davis lost voting status after today's call

Quorum Achieved: 14 out of 17 Voting Members

1. Approve minutes from Feb 11, 2008
http://lists.oasis-open.org/archives/security-services/200803/msg00014.html

Approved.

2. Administrative

2.1 RSA Conference
Conference April 7-11
Next SSTC call would be April 8

Call cancelled, next call April 22.

Many SSTC participants will be at the Concordia event on Monday April 7.

3. Document Status

3.1 Subject-based Profiles for SAML V1.1 Assertions (Draft-03)
http://lists.oasis-open.org/archives/security-services/200803/msg00045.html

Tom S:
  Two comments received:  motivation, addressed in introduction.
  Comment about "strongly matches" addressed in email.
  So, ready for CD
Brian:  so, members should review for CD vote on next call.

3.2 Ballot now open to approve 5 specs as Committee Specifications (Closes
Wed)
http://lists.oasis-open.org/archives/security-services/200803/msg00041.html

Online vote now open to approve these specs as CS, closes March 26
(tomorrow), please vote.  Two-thirds of voting members needed, have not
achieved that yet.

3.3 Technical Overview
http://lists.oasis-open.org/archives/security-services/200803/msg00008.html
New draft posted ~3 weeks ago.  Where are we?

Hal:  Question open as to whether this document would eventually go to CS
  or not.  Discussion in OASIS of separate document track for non-normative
  docs, but hasn't concluded yet.  CD could be advertised via Robin Cover's
  pages and OASIS news, could be as effective as public review process.

Brian:  move to CD now?
Hal:  so moved.  BobM seconds.
No objections to unanimous consent, passed.
PaulM will edit to create CD version.  Brian will update TC page.

3.4 Holder-of-Key Web Browser SSO Profile Draft

Nate can't join call, no further discussion.

4 Errata

4.1 New draft - Scott Closed PE65, PE66, E68, PE69.  Added PE70, PE71, PE72.
And reworded PE67. 
http://www.oasis-open.org/apps/org/workgroup/security/download.php/27677/sst
c-saml-errata-2.0-draft-43.pdf

Scott:  all new PEs are trivial
Scott:  move to approve PE71, Brian seconds, no objections, passed.

4.2 Metadata Errata Items

E68, E69 & Reworded PE67.  Others?

Brian:  any others?
Scott:  no
Scott:  re PE67, maybe add text suggesting what implementations do re the
   absence of info, as a SHOULD, varies by element
   lines 165-172 of MD spec touches this issue
TomS:  this seems like a significant problem, would like more time to
   review

4.3 The 'lost' errata
http://lists.oasis-open.org/archives/security-services/200803/msg00047.html

item ("followon to E61"):  issue withdrawn (TomS)
Eve:  edited a while ago, seems accurate now, not worth fixing again
Scott:  will tweak E61 text to remove dangling ref

item ("SSO profile", msg00018)
does replay detection of assertion apply to artifact binding?
Scott:  propose adding something to artifact text as MAY
   though better to avoid adding more optional stuff to complex spec
Brian:  consider this one closed?  OK

item ("incorrect URI", msg00069)
Scott:  has been handled

item ("type in E15", msg00034)
Scott:  fixed
Scott:  any other errata to errata?
procedural issue:  can "approved" errata be changed again?
Brian:  let's not do errata-to-errata doc
Scott:  will propose clarifying text for next errata doc draft
   will re-open E15 as PE


5 Other business

Note OSIS interop at RSA conference, Tuesday April 8
   including SAML assertions in Infocard tokens


6 Action Items (Report created 24 March 2008 10:33am EDT)

#0323: Make errata on orig spec with correct reference in place of
draft-mealling-uuid-urn-05.txt
Owner: Scott Cantor
Status: Open
Assigned: 2008-02-11
Due: 2008-03-11

Closed via PE70.
Scott:  move to accept PE70, TomS seconds, no objections, passed.

Next call April 22, 2008

Adjourned.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]