[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] minutes (w/ attendance) SSTC concall 20-May-2008
wrt
AI: PM to address this bug in Technical Overview CD-02 Section 4.6
I've uploaded v16 to Kavi so I presume we can vote out a CD-03 next call.
paul
=JeffH wrote:
>
> ============================================================================
>
> SSTC/SAML concall Tue May 20 09:10:06 PDT 2008
> ----------------------------------------------------------------------------
>
> minutes by =JeffH
>
>
> proposed agenda:
> http://lists.oasis-open.org/archives/security-services/200805/msg00050.html
>
>
>
> AI summary
> ----------
>
> AI: BC signs up to help Eve on SSTC home page revamp
> AI: PM to address this bug in Technical Overview CD-02 Section 4.6
> AI: SSTC at large to be prepared to discuss/consider
> xspa-saml-profile-01 as a
> work item on next call
>
>
>
> Brian Campbell wrote:
> > (Added 4.4 at the suggestion of David Staggs)
> >
> > Proposed Agenda SSTC Conference Call
> > May 20, 2008, 12:00pm ET
> >
> > Dial in info: +1 215 446 3648
> > Access code 270-9441#
> >
> > Roll Call & Agenda Review
>
>
> Voting Members:
> Brian Campbell Ping Identity
> Scott Cantor Internet2
> Eve Maler Sun Microsystems
> Jeff Hodges NeuStar
> Ari Kermaier Oracle
> Hal Lockhart BEA Systems, Inc
> Paul Madsen NTT Corporation
> Bob Morgan Internet2
> Rob Philpott EMC Corporation
> Anil Saldhana Red Hat
> Tom Scavo NCSA
> David Staggs Veteran's Health Admin
> Eric Tiffany Liberty Alliance Project
> Emily Xu Sun Microsystems
> George Fletcher AOL
> Prateek Mishra Oracle
> Kent Spaulding Tripod Technology Group
> Srinath Godavarthi Nortel
>
> Members:
> Peter Davis Neustar
> Frederick Hirsch Nortel
>
> Quorum Achieved: 18 out of 21 Voting Members
>
> Membership Status Changes: Peter Davis and Frederick Hirsch (back as
> Voting Members)
>
>
> > 1. Approve minutes from May 6, 2008
> >
> http://lists.oasis-open.org/archives/security-services/200805/msg00024.html
>
>
>
> Brian Campbell (bc): approved by unanimous consent.
>
>
> > 2. Administrative
> >
> > 2.1 SSTC Home Page
> > Eve Maler (closing out AI#327) submitted proposal
> >
> http://lists.oasis-open.org/archives/security-services/200805/msg00033.html
>
>
> Eve (em) working on this. see msg on list..
> "AI #0327: Draft proposal for SSTC home page cleanup"
>
> Eve doesn't want to "loose data", wishing to have folks looking over
> her shoulder
> and to take action items and help do editing
>
> AI: BC signs up to help Eve - will connect offline on specifics
>
>
> Scott Cantor(sc): proposes that the wiki "saml dev" discussion forum
> shud be
> shut down and
> pointed to saml-dev@ list
>
> Jeff Hodges (jh) agrees, as does em
>
>
> > 2.2 Updating Specification Status after ballots
> >
> http://lists.oasis-open.org/archives/security-services/200805/msg00042.html
>
>
> bc: references Fredericks msg on the topic, he thinks that this won't
> affect us
> in near term.
>
> msg thread beginning 19-May-2008 entitled
> "[security-services] FW: [chairs] Updating Specification Status after
> ballots"
>
> bc: so if anyone has questions, can ask Mary and/or BC; but otherwise
> thinks we
> proceed as we are and see what happens, if anything
>
>
> > 3. Document Status
> >
> > 3.1 Subject-based Profiles for SAML V1.1 Assertions
> > (Re)Submitted to TC Admin for initial public review on May 19th
>
> bc: just fyi, wrt these docs...
>
> > 3.3 Holder-of-Key Web Browser SSO Profile
> > AIs #329, 330 & 331
> >
> > 3.4 Proposal: Query Extension for SAML AuthnReq
> > AI #332
> >
> > 3.5 Proposal: Profile for Use of DisplayName
> > AI #333
>
>
> bc: ..all above, just want to do bookkeeping on them, no additional
> discussion
> today?
> we just need to track the AIs (will cover them again at the end of
> this meeting..)
>
>
> > 4 Other business
>
> > 4.1 Error in Technical Overview CD-02 Section 4.6
> >
> http://lists.oasis-open.org/archives/security-services/200805/msg00027.html
>
>
> bc: Rob noticed this, treatment of signatures on the response. see msg
> above.
>
> seems to be something we shud fix
>
> pm: I'm most recent editor, will fix it.
>
> AI: PM to address this bug in Technical Overview CD-02 Section 4.6
>
>
> > 4.2 SAML 2.0 Interoperability Testing
> >
> http://lists.oasis-open.org/archives/security-services/200805/msg00026.html
>
> >
> http://projectliberty.org/liberty_interoperable/events/saml_2_0_interoperabi
>
> > lity_test
>
> Eric Tiffany (et): any questions on this? read the msgs and sign up if
> yer
> interested.
>
>
>
> > 4.3 X509SubjectAltName or full cert as in nameid?
> >
> http://lists.oasis-open.org/archives/security-services-comment/200805/msg00002.html
>
>
> bc: discussion btwn David Kemp & Tom Scavo wrt SubjectAltNames as a
> NameIdentifier, or perhaps entire cert
>
> Tom Scavo (ts): so david is basically wondering about the attr sharing
> profile
> which is at CS stage, he's suggesting that perhaps somethg other than
> (just)
> x.509 SubjectNamem might be used as NameIdentifier.
>
> ts: suggested that if he has something specific in mind, he should
> make his
> suggestions more explicit. ts doesn't plan on doing anything unless
> others also
> believe should be done.
>
> sc: agrees with TS that just using SubAltName might not be enough
> granularity
>
> [disc of all the name types in SubAltName... general agreement that
> suggestion
> isn't specific enough...]
>
> bc: so pending any further discussion at this time, wait for him to
> reply..
> where do we have NameIDFormats that apply to SubjectAltName?...
>
> Hal Lockhart (hl): in section 8.3 in -core- we have these name types...
>
> [general agreement that they might map, but not directly nor
> conguently, but
> something cud be done...]
>
>
>
> > 4.4 Cross-Enterprise Security and Privacy Authorization (XSPA)
> Profile of
> > SAML & XSPA TC
> >
> http://lists.oasis-open.org/archives/security-services/200805/msg00048.html
>
> [note draft spec attached to above message: xspa-saml-profile-01]
>
> david staggs (ds): HITSP (health info tech stds panel) -- trying to
> create a
> "transaction package" for health info package(s) -- hoping SAML TC can
> help do
> this correctly, want to create a profile for American health info
> council use
> case -- attached a draft of such a profile to that message, hope the
> TC can
> pick up as a work item and do it correctly
>
> xspa-saml-profile-01 "Cross-Enterprise Security and Privacy
> Authorization
> (XSPA)
> Profile of Security Assertion Markup Language (SAML)"
>
> bc: what do you want us to do? advise or progress the doc?
>
> ds: the latter, would be a good idea to do this in the SSTC
>
> em: criterion for doing this in sstc is eg wide applicability of such
> a profile
> if widely applicable maybe we shud do it here...
>
> ds: likely users/deployers will be government-wide most likely, so
> pretty wide
> applicability
>
> em: so we should hear more about it
>
> ds: HITSP needs to identify/reference "Standards", rather that cook up
> own
> profile a la GSA did with eGov effort, so really needs this to run
> thru a group
> like SSTC
>
> rob philpott (rp): we've done such w/x.508 attr profile, but this
> draft spec
> looks more govt-specific -- there's a lot of health-care specific
> stuff in this
> draft spec -- so perhaps another health-specific group shoudl progress
> this,
>
> ds: IHG has looked at this, but they are out of bandwidth,and we think
> oasis
> might be a good one too, so up to sstc to figure out whether sstc
> wants to just
> comment or progress it or whatever...also this new TC that's being
> created (by
> TS), it might take it on...
>
> XSPA - Cross Security Privacy Authz TC
> looking for conveners (talked to e.g. EM) mostly of interest to those
> serving health care.
>
> [discussion/queries wrt the HITSP IPR policies and ramifications thereof]
>
> em: was this sent to sstc as submission or ?
>
> ds: this is a proposed work item...
>
> em: so there are default IPR mode wrt sstc...
>
> hl: but that applies to only sstc output...and with stuff sent to the
> (list)
> archives means that there's some default IPR licensing on that stuff upon
> submission
>
> ds: getting back to the spec...
>
> hl: suggests defer it to next call, can review before then and then
> consider
> the request on next call...
>
> bc: concurs...
>
> AI: SSTC at large to be prepared to discuss/consider
> xspa-saml-profile-01 as a
> work item on next call
>
>
> > 5 Action Items (Report created 19 May 2008 04:36pm EDT)
>
> > #0333: Publish a new revision of Profile for Use of DisplayName in
> OASIS
> > template
> > Owner: Sampo Kellomki
> > Status: Open
> > Assigned: 2008-05-19
> > Due: ---
>
> remains open
>
>
>
> > #0332: Revise Query Extension for SAML AuthnReq
> > Owner: Sampo Kellomki
> > Status: Open
> > Assigned: 2008-05-19
> > Due: ---
>
> remains open
>
>
>
>
> > #0331: Revise Holder-of-Key Web Browser SSO Profile to make X.509
> mandatory
> > to implement
> > Owner: Nathan Klingenstein
> > Status: Open
> > Assigned: 2008-05-19
> > Due: ---
>
> remains open
>
>
>
>
> > #0330: Revise Holder-of-Key Web Browser SSO Profile to make clear
> what 'TLS'
> > means, i.e. SSL 3, TLS 1, or TLS 1.1
> > Owner: Nathan Klingenstein
> > Status: Open
> > Assigned: 2008-05-19
> > Due: ---
>
>
> remains open
>
>
>
> > #0329: Revise Holder-of-Key Web Browser SSO Profile WRT Authn
> Statements
> > Owner: Nathan Klingenstein
> > Status: Open
> > Assigned: 2008-05-19
> > Due: ---
>
> remains open
>
>
>
> > #0328: Revise SimpleSign
> > Owner: Jeff Hodges
> > Status: Open
> > Assigned: 2008-05-19
> > Due: ---
>
>
> remains open
>
>
> Additional business?
> ---------------------------------
>
> em: any thoughts from IIW that are saml-relevant?
>
> [no answer]
>
> **meeting adjorned**
>
>
>
>
> ============================================================================
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail. You may a link to this group and all your TCs in
> OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>
>
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
m:613-282-8647
aim:PaulMdsn5
web:connectid.blogspot.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]