OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes from SSTC Call on 23 March 2010


Below are the minutes from the SSTC Call on 23 March 2010.
Since PaulM got disconnected for some minutes, I have
added my notes where needed (eg. motion on Kerberos profile).

Big thanks to Paul Madsen for his help.




Proposed Agenda SSTC Conference Call
Tuesday 23 March 2010, 12:00pm ET

1. Roll Call & Agenda Review.

Roll To be inserted

Quorum achieved

2. Need a volunteer to take minutes.

Paul Madsen

3. Approval of minutes from last meeting (9 March, 2010) & February 23, 2010

      ## Minutes for Feb 23 approved
	  Scott sent small correction - http://lists.oasis-open.org/archives/security-services/201003/msg00035.html
	  Anil posted roll - http://lists.oasis-open.org/archives/security-services/201003/msg00036.html
	  ## Minutes for March 9 (with Scott's minor corrections & roll info) approved

4. AIs & progress update on current work-items:

TC responsible for formatting up to and including CD status docs. OASIS admin responsible for CS

  (a) Current electronic ballots: None open.

  (b) Status/notes regarding past ballots: (none)
  (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS
       - Status: Thomas has formally asked Mary for new Ballot. (3/11th)

	  SC: There is a dependency on this that requires this be voted soon to CS. ICAM reps in eGov work at Kantara have asked for a stable reference.
  (d)  SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
       - Status: Thomas has formally asked Mary for an Announcement-email for success of ballot. (3/11th)

	   HL: Also asking for the CS version of the document (as formatting responsibility of Mary)
	   SC: wonders if admin is also responsible for publishing approved errata. May have to figure out a way to kick things forward.
  (e) Kerberos related items. [Josh/Thomas]
        - Kerberos Web Browser SSO Profile: 
              - Want to move to CD, but waiting for reformatting of doc
        - AI: Thomas/Josh to reformat to CD format before resubmitting request.
        - NOTE: Oasis/Mary's slides indicate that we should NOT prepare a CD-formatted doc prior to vote.

		TH: ready to go to CD, understanding is that docs need not be formatted in advance of a vote to CD? 
		HL: correct
		SC: talked to the Kerberos folks and there were some concerns about the attribute profile.

        - Motion: to begin 60-day public review of Kerberos Web Browser SSO profile (Hal)
          Second: Scott Cantor.
          No objections.
  (f) Expressing Identity Assurance profile for SAML2.0 (LOA) 
       - Status: Thomas has formally asked Mary for new Ballot. (3/11th)

	   TH: same sitation, waiting on Mary for a ballot to CS
  (g) Older docs: Thomas has formally asked Mary to post these 4 docs (3/11th)

        (I) Protocol Extension for Third-Party Requests (CS-01)
       (II) Protocol Extension for Requested Authentication Context (CS-01)
       (III) Shared Credentials Authentication Context Extension and Related Classes (CS-01)
       (IV) Text-based Challenge/Response (CS-01)

		TH: understanding is that these simply need to be posted, Mary move them to right folder?
		HL: yes
  (h) Errata doc:
       - Scott working on publishing updated "Approved Standard with Approved Errata". 

	   SC: we approved errata in October, but still nothing at the right place. 
                  Issue is we are not sure who is supposed to format it. 
                  Even if Scott did it, he cant place it where it needs to go.
	   HL: recently we've had better success sending Mary a focused email
	   SC: vote is done, nothing really remains other than boilerplate change and posting to permanent URL
           AI: Scott to make formatting changes to approved errata CD doc. Send email to Mary hoping for action. Will copy Thomas

  (i) NSN Attribute Update proposal (Thinh)

            T: no updates. Will work with Oracle to determine how to merge different proposals. Nothing to report right now.

  (j) Metadata Interop profile (Scott) - update

           SC: no real update. Dependency on Kerberos attribute profile. 
                Separately, unclear whether Kantara requireents may need this document to move forward sooner rather than later.
           JB: still hoping for feedback on ICAM SAML profile to determine whether ICAM profile should ref this document....

5. New work items: 

  SC: will be sending in a new draft of the SSO initiation draft. Small tweaks, then ready to move to TC
  HL: some things coming up, but too soon to talk about it.

6. Assorted threads on saml-dev/comment list:
- Project Moonshot

		TH: goal is to provide identity federation for non-web applications. 
                       Programmers want easy APIs for authentication in federated systems. 
                       Proposing new GSS mechanism around EAP. SAML portion is when the Authentication Server talks to the IdP.
		SC: want to tunnel EAP over GSS, use that to establish the SAML-based sec context. 
                      Maybe some sort of artifact to address small packet size in EAP. Number of discussions with Josh about how to best use SAML. Interested in IETF reaction
	TH: on topic of IETF, any comments on OAuth? 
	SC: no comment

	TN: disappointed in lack of progress.
	SC: did note the seeming interest in reinserting the SAML Assertion profile. 
               If that goes forward, will likely chime in to ensure SAML gets used correctly
- Visit from SOA-TEL TC to the SSTC Call on April 20. 
       Need to decide if we want to lengthen our telecon to 90 minutes.
	   TH: any objections to April 20 visit? 
	   HL: in past, weve rarely used the extra time. Lets keep the time as is
	   SC: agenda should mention whether the SAO-TEL update is first or second half
	   HL: may make sense to give them fixed time at start, the first 45 minutes

7. Call for new SSTC Co-chair.

	TH: Hal stepping down after 4 years. Picking a new co-chair. 
              Have one person who would be suitable but also wanted to ask group. 
              The nominee is Nate Klingenstein.

	NK: flattered and would accept. Can commit to a year or perhaps bit longer
	TH: objections to unanimous consent to elect Nate?
	None given
	TH: hearing no objections, Nate is now co-chair
8. Next Call: Tuesday 6 April, 2010.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]