[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes SSTC Conference Call (9 March 2010)
On 03/23/2010 11:32 AM, Anil Saldhana wrote: > > On 03/23/2010 11:03 AM, ARI KERMAIER wrote: >> Minutes from the last meeting, roll-call missing. >> Regards, >> Ari >> >>> -----Original Message----- >>> From: Thomas Hardjono [mailto:hardjono@MIT.EDU] >>> Sent: Monday, March 08, 2010 1:22 PM >>> To: OASIS SSTC >>> Cc: Harold Lockhart >>> Subject: [security-services] Proposed Agenda SSTC Conference Call (9 >>> March 2010) >>> >>> >>> >>> >>> Folks, >>> >>> Let us know if there are any corrections or changes >>> needed for the Agenda. >>> >>> Note: Thomas will not be on the call due to a meeting clash, but Hal >>> will be present. >>> >>> >>> Hal+Thomas >>> ----------------- >>> >>> _______________________________________________________ >>> >>> Proposed Agenda SSTC Conference Call >>> Tuesday 9 March 2010, 12:00pm ET >>> >>> Dial in info: +1 408-774-4073 >>> Conference code: 4480739 >>> Password: 72657265 (SAMLSAML) >>> >>> >>> 1. Roll Call& Agenda Review >> No quorum. >> > Voting Members: > Scott Cantor Internet2 > Bob Morgan Internet2 > Tom Scavo NCSA > Frederick Hirsch Nokia Corporation > Thinh Nguyenphu NSN > Ari Kermaier Oracle Corporation > Hal Lockhart Oracle Corporation > Emily Xu Sun Microsystems > > Members: > Anthony Nadalin Microsoft Corporation > Phil Hunt Oracle Corporation > Anil Saldhana Red Hat > > Quorum: Not Achieved: 9 out of 19 (47%) > Status: Paul Madsen and Nate Klingenstein lose voting rights > >>> 2. Need a volunteer to take minutes >> Ari (was) volunteered. >> >>> 3. Approval of minutes from last meeting (23 Feb, 2010): >> Skipped due to lack of quorum. >> >>> http://www.oasis- >>> open.org/apps/org/workgroup/security/email/archives/201003/msg00006.htm >>> l >>> >>> NB. Minor typo ("ICAM" vs "ICANN"). >>> >>> >>> 4. AIs& progress update on current work-items: >>> >>> (a) Current electronic ballots: None open >> No update. >> >> . >>> (b) Status/notes regarding past ballots: (none) >> No update. >> >>> (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a >>> CS >>> SAML V2.0 Holder-of-Key Assertion Profile Version 1.0 >>> - Status: Mary asked chairs to send 1 email per request to TC- >>> Admin >>> - AI: Thomas will resend to Mary, 1 email per request for all >>> documents. (TBD Thomas) >> Ballot passed. Issue Tracker: TC-Admin 52 >> No official notification from TC-Admin, though. >> Who should create the CS version -- TP-Admin? >> >>> (d) Kerberos related items. [Josh/Thomas] >>> - Attribute Profile and the Subject Confirm Method docs are in >>> 60-day review. >>> - Kerberos Web Browser SSO Profile: >>> - Want to move to CD, but waiting for reformatting of >>> doc >>> - AI: Thomas/Josh to reformat to CD format before resubmitting >>> request. >> No update. >> >>> (e) Expressing Identity Assurance profile for SAML2.0 (LOA) >>> - Bob has done all corrections Mary asked for. >>> - Status: Mary asked chairs to send 1 email per request to TC- >>> Admin >>> - AI: Thomas will resend to Mary, 1 email per request for all >>> documents. (TBD Thomas) >> Issue Tracker: TC-Admin 75 >> Scott reports having sent requested info to Mary, but status not >> updated. >> >>> (f) CS version of Text-based Challenge/Response profile. >>> - Status: Mary asked chairs to send 1 email per request to TC- >>> Admin >>> - AI: Thomas will resend to Mary, 1 email per request for all >>> documents. (TBD Thomas) >> No update, but no open AI in SSTC. >> >>> (g) Errata doc: >>> - Scott working on publishing updated "Approved Standard with >>> Approved Errata". >> Getting document published at URL is still outstanding. Scott still >> doesn't have closure on whether he or RC-Admin will do the edits for >> the CS version. >> >>> (h) NSN Attribute Update proposal (Thinh) >> Phil Hunt (Oracle) posted an alternate proposal that covers similar >> use cases. Basically the same as last Fall's proposal, with the >> addition of full subject lifecycle management (Add, Modify), and >> Replace in the Modify operation. >> Scott asks: Is this a back-channel or front-channel protocol? >> Answer: Intended as back-channel, but could be profiled as >> front-channel. >> Scott: Don't you need to have subject authentication to add a >> subject? Sounds like something to be careful about. >> Phil: Maybe need additional spec for authn/delegation. >> Scott: Does Modify Subject include NameID modification? Isn't that >> already covered by Manage NameID protocol? >> Discussion/observations about proposals for authentication, SP >> credentialing, policy, IDP semantics, etc. >> Hal calls for TC to review the new proposal. >> >>> (i) Metadata Interop profile (Scott) - update >> Scott suggested incorporating Josh's Kerberos-related profiles into a >> revision of the current profile. Scott rev'ed the document to v2.0, >> merged in the material, reworked the conformance section. Also made >> some modifications to respond to objections from other communities >> (ICAM, et al). Posted March 1. Still has some cleanup and schema work >> to do. Also wants to pull in XML-DSIG 1.1 KeyInfo, but timelines may >> not work out if we want to progress the document to CS sooner. >> >> (j) Scott has a new profile draft, just uploaded, that he'll >> describe briefly on the >> call to solicit comment. >> http://wiki.oasis-open.org/security/RequestInitProtProf >> Scott: Proposal to standardize a Shibboleth mechanism for how to ask >> a provider to initiate SSO (SP or IDP initiated). Particularly useful >> for SPs supporting multiple protocols. Not SAML(2)-specific, designed >> to work across multiple protocols, including InfoCard. Composable >> with the Discovery Protocol. >> >>> >>> 5. New work items: none. >>> >>> >>> 6. Assorted threads on saml-dev/comment list: >>> - SAML assertion profile in OAuth 2.0 (Paul M.) >> Sunil mentions that SAML is not strongly referenced in the OAuth >> spec. Bob mentions that they might be removing that reference. >>> - Project Moonshot (Josh) >>> - IETF draft and planned BOF at IETF77 >> Scott: There are various conversations and proposals going on about >> where SAML fits into this. Try to attend the Bar BOF at IETF77. >> >>> >>> 7. Next Call: Tuesday 23 March, 2010. >>> New dial-in number (MIT webex number): Thomas to post on separate >>> email.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]