Subject: OASIS SSTC con call minutes 2009-01-13 (revised)
OASIS SSTC conference call minutes 2009-01-13

Scribe: RL "Bob" Morgan

** Action Summary

PEs 75, 76, 77, and 78 were unanimously accepted as errata.

Roll Call & Agenda Review

1. Minutes

1.1 Minutes from SSTC/SAML conference call December 16, 2008
    http://lists.oasis-open.org/archives/security-services/200812/msg00047.html
    ** Approved with no objection

2. Announcements

2.1 Public Review of XSPA Profile of SAML for Healthcare
    http://lists.oasis-open.org/archives/security-services/200901/msg00017.html
    Introduction
    http://lists.oasis-open.org/archives/security-services/200812/msg00040.html
    Examples
    http://lists.oasis-open.org/archives/security-services/200812/msg00041.html

    Duane: We will demonstrate the XSPA profile of SAML (along with the
    new XSPA Introduction and XSPA Examples non-normative material just
    submitted) at the joint HITSP/OASIS/HIMSS presentation in the "new
    directions" booth at the HIMSS09 Conference April 4-8 in Chicago.

3. Document Status

3.1 HoK Assertion Request Profiles (draft-01)
    http://lists.oasis-open.org/archives/security-services/200812/msg00034.html
    Motivation
    http://lists.oasis-open.org/archives/security-services/200812/msg00052.html

    Tom: Primary motivation is to support VOMS, a widely-deployed
    authorization service for grid systems. VOMS is adding SAML support
    in addition to existing X.509 support.

3.2 SAML V2.0 HoK Web Browser SSO Profile (draft-11)
    http://lists.oasis-open.org/archives/security-services/200901/msg00016.html

    Tom: refactoring of -10 draft. Message sent listing changes: ...

    Q1: refer to SimpleSign in this profile?
    Scott: written to permit SimpleSign, right?
      should continue to permit any suitable binding

    Q2: which binding should be mandatory to implement?
    Scott: should make something MTI, don't know which, probably not artifact

3.3 SAML V2.0 Holder-of-Key Assertion Profile (draft-08)
    http://lists.oasis-open.org/archives/security-services/200901/msg00015.html

    Tom: relaxed requirements for X.509 certs that can be used with
    profile, not referring specifically to X.509v3 except in one place.

3.4 SAMLv2.0 HTTP POST "SimpleSign" Binding
    http://wiki.oasis-open.org/security/SimpleSignBinding

    Voted to public review on last call but not started yet, however,
    comments made by Tom:
    http://lists.oasis-open.org/archives/security-services/200901/msg00007.html

    Brian: Not sure what path to take on this doc.
    Scott: Not enthusiastic about this doc, since it doesn't seem to
      have had uptake from the community it was intended for. Can
      address comments, but not much interest in spending a lot of
      time on it. JeffH is co-author ...
    Peter: hoping to align SimpleSign proposal in XRI TC with this one ...
    Hal: shouldn't take this doc to CS if we think it's changing
      is this going to be proposed in X3C XML signature?
    Scott: maybe, don't know
      people have implemented, so unwise to make technical changes
      George Fletcher had shown interest, will ping him about it
    Brian: will leave in CD status until something else happens

4. Other business

4.1 Errata...
    Scott: go through list in draft 46

    PE75: issue is whether to nail down 2nd level status code,
      suggest not bothering,
      move to approve as is, Hal seconds, approved with unanimous consent

    PE76: nesting issue with cache durations,
      suggest that nested conditions can narrow period, not expand it
      Scott moves to accept, Hal seconds, approved unanimously

    PE77: generalize metadata spec to be less SAML-specific so it can be
      referenced from WS-Fed specs
      involved removing "SAML" from various phrases, couple of bigger changes
      Scott moves to accept, Hal seconds, approved unanimously

    PE78: discussion indicated "MUST NOT" is OK, can be done in errata
      TomS: support change, but might affect existing deployments if
        some IdPs reassign ...
      Scott: constraint that IDs are supposed to be pseudo-random
        implies that reuse would be accidental and extremely rare, if
        implementers follow that recommendation
      RobP: support MUST NOT, let's put it out for review
      Scott: move to approve option 2, Rob seconds, approved unanimously

5. Action Items (Report created 12 January 2009 06:15pm EST)

All left open.

#0333: Publish a new revision of Profile for Use of DisplayName in OASIS template
Owner: Sampo Kellomäki
Status: Open
Assigned: 2008-05-19
Due: ---

#0332: Revise Query Extension for SAML AuthnReq
Owner: Sampo Kellomäki
Status: Open
Assigned: 2008-05-19
Due: ---

Attendance
==========

Voting Members:

Rob Philpott          EMC Corporation
John Bradley          Individual
Jeff Hodges           Individual
Scott Cantor          Internet2
Nathan Klingenstein   Internet2
Bob Morgan            Internet2
Tom Scavo             NCSA
Peter Davis           NeuStar, Inc.
Srinath Godavarthi    Nortel
Hal Lockhart          Oracle Corporation
Brian Campbell        Ping Identity Corporation
Anil Saldhana         Red Hat
Kent Spaulding        Skyworth TTG Holdings Limited
Eve Maler             Sun Microsystems
Emily Xu              Sun Microsystems
Duane DeCouteau       Veterans Health Administration

Members:

Paul Madsen           NTT Corporation
Ari Kermaier          Oracle Corporation

Quorum: 16 out of 21 Voting Members (76%)

Membership Status Change:

Paul Madsen and Ari Kermaier regain voting rights.
George Fletcher loses voting rights.