Re: [security-services] Minutes from SSTC Call on 23 March 2010

[Anil Saldhana <Anil.Saldhana@redhat.com>]

On 04/05/2010 09:04 AM, Thomas Hardjono wrote:
> Folks,
>
> Below are the minutes from the SSTC Call on 23 March 2010.
> Since PaulM got disconnected for some minutes, I have
> added my notes where needed (eg. motion on Kerberos profile).
>
> Big thanks to Paul Madsen for his help.
>
> Regards.
>
> Thomas+Nate
> -----------------
>
> -------------------------------------------------------------
>
> Proposed Agenda SSTC Conference Call
> Tuesday 23 March 2010, 12:00pm ET
>
> 1. Roll Call&  Agenda Review.
>
>    
Voting Members:
Rob Philpott      EMC Corporation
John Bradley     Individual
Scott Cantor     Internet2
Thomas Hardjono     M.I.T.
Tom Scavo     National Center for Supercomputing Applica...
Thinh Nguyenphu     Nokia Siemens Networks GmbH & Co. KG
Hal Lockhart     Oracle Corporation
Emily Xu     Oracle Corporation
David Staggs     Veterans Health Administration

Members:
Anthony Nadalin     Microsoft Corporation
Anil Saldhana     Red Hat
Nathan Klingenstein     Internet2

Quorum: 9 out of 15 (60%)
Status: Tony Nadalin, Nate and Anil gain voting rights. George Fletcher 
and Kent Spaulding lose voting rights.

> Quorum achieved
>
> 2. Need a volunteer to take minutes.
>
> Paul Madsen
>
> 3. Approval of minutes from last meeting (9 March, 2010)&  February 23, 2010
>
>        ## Minutes for Feb 23 approved
> 		
> 	  Scott sent small correction - http://lists.oasis-open.org/archives/security-services/201003/msg00035.html
> 	  Anil posted roll - http://lists.oasis-open.org/archives/security-services/201003/msg00036.html
> 	
> 	  ## Minutes for March 9 (with Scott's minor corrections&  roll info) approved
>
> 	
> 4. AIs&  progress update on current work-items:
>
> TC responsible for formatting up to and including CD status docs. OASIS admin responsible for CS
>
>    (a) Current electronic ballots: None open.
>
>    (b) Status/notes regarding past ballots: (none)
>
>    (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS
>         - Status: Thomas has formally asked Mary for new Ballot. (3/11th)
>
> 	  SC: There is a dependency on this that requires this be voted soon to CS. ICAM reps in eGov work at Kantara have asked for a stable reference.
> 	
>    (d)  SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
>         - Status: Thomas has formally asked Mary for an Announcement-email for success of ballot. (3/11th)
>
> 	   HL: Also asking for the CS version of the document (as formatting responsibility of Mary)
> 	
> 	   SC: wonders if admin is also responsible for publishing approved errata. May have to figure out a way to kick things forward.
> 	
> 	
>    (e) Kerberos related items. [Josh/Thomas]
>          - Kerberos Web Browser SSO Profile:
>                - Want to move to CD, but waiting for reformatting of doc
>          - AI: Thomas/Josh to reformat to CD format before resubmitting request.
>          - NOTE: Oasis/Mary's slides indicate that we should NOT prepare a CD-formatted doc prior to vote.
>
> 		TH: ready to go to CD, understanding is that docs need not be formatted in advance of a vote to CD?
> 		HL: correct
> 		SC: talked to the Kerberos folks and there were some concerns about the attribute profile.
>
>          - Motion: to begin 60-day public review of Kerberos Web Browser SSO profile (Hal)
>            Second: Scott Cantor.
>            No objections.
>
> 		
>    (f) Expressing Identity Assurance profile for SAML2.0 (LOA)
>         - Status: Thomas has formally asked Mary for new Ballot. (3/11th)
>
> 	   TH: same sitation, waiting on Mary for a ballot to CS
> 	
>    (g) Older docs: Thomas has formally asked Mary to post these 4 docs (3/11th)
>
>          (I) Protocol Extension for Third-Party Requests (CS-01)
>         (II) Protocol Extension for Requested Authentication Context (CS-01)
>         (III) Shared Credentials Authentication Context Extension and Related Classes (CS-01)
>         (IV) Text-based Challenge/Response (CS-01)
>
> 		TH: understanding is that these simply need to be posted, Mary move them to right folder?
> 		HL: yes
> 		
>    (h) Errata doc:
>         - Scott working on publishing updated "Approved Standard with Approved Errata".
>
> 	   SC: we approved errata in October, but still nothing at the right place.
>                    Issue is we are not sure who is supposed to format it.
>                    Even if Scott did it, he cant place it where it needs to go.
> 	
> 	   HL: recently we've had better success sending Mary a focused email
> 	
> 	   SC: vote is done, nothing really remains other than boilerplate change and posting to permanent URL
> 	
>             AI: Scott to make formatting changes to approved errata CD doc. Send email to Mary hoping for action. Will copy Thomas
>
> 		
>    (i) NSN Attribute Update proposal (Thinh)
>
>              T: no updates. Will work with Oracle to determine how to merge different proposals. Nothing to report right now.
>
>
>    (j) Metadata Interop profile (Scott) - update
>
>             SC: no real update. Dependency on Kerberos attribute profile.
>                  Separately, unclear whether Kantara requireents may need this document to move forward sooner rather than later.
>
>             JB: still hoping for feedback on ICAM SAML profile to determine whether ICAM profile should ref this document....
>
>
> 5. New work items:
>
>    SC: will be sending in a new draft of the SSO initiation draft. Small tweaks, then ready to move to TC
>
>    HL: some things coming up, but too soon to talk about it.
>
>
>
> 6. Assorted threads on saml-dev/comment list:
> - Project Moonshot
>
> 		TH: goal is to provide identity federation for non-web applications.
>                         Programmers want easy APIs for authentication in federated systems.
>                         Proposing new GSS mechanism around EAP. SAML portion is when the Authentication Server talks to the IdP.
> 		
> 		SC: want to tunnel EAP over GSS, use that to establish the SAML-based sec context.
>                        Maybe some sort of artifact to address small packet size in EAP. Number of discussions with Josh about how to best use SAML. Interested in IETF reaction
> 	
> 	TH: on topic of IETF, any comments on OAuth?
> 	
> 	SC: no comment
>
> 	TN: disappointed in lack of progress.
> 	
> 	SC: did note the seeming interest in reinserting the SAML Assertion profile.
>                 If that goes forward, will likely chime in to ensure SAML gets used correctly
> 	
> - Visit from SOA-TEL TC to the SSTC Call on April 20.
>         Need to decide if we want to lengthen our telecon to 90 minutes.
> 	
> 	   TH: any objections to April 20 visit?
> 	   HL: in past, weve rarely used the extra time. Lets keep the time as is
> 	   SC: agenda should mention whether the SAO-TEL update is first or second half
> 	   HL: may make sense to give them fixed time at start, the first 45 minutes
> 	
> 	   agreed
>
>
> 7. Call for new SSTC Co-chair.
>
> 	TH: Hal stepping down after 4 years. Picking a new co-chair.
>                Have one person who would be suitable but also wanted to ask group.
>                The nominee is Nate Klingenstein.
>
> 	NK: flattered and would accept. Can commit to a year or perhaps bit longer
> 	
> 	TH: objections to unanimous consent to elect Nate?
> 	
> 	None given
> 	
> 	TH: hearing no objections, Nate is now co-chair
> 	
> 8. Next Call: Tuesday 6 April, 2010.
>
> -------------------------------------------
>