Re: [security-services] Minutes from SSTC call June 1, 2010 withoutAttendance

[Anil Saldhana <Anil.Saldhana@redhat.com>]

On 06/01/2010 01:18 PM, Harold Lockhart wrote:
> Minutes from SSTC call June 1, 2010
>
>    
>> 1. Roll Call&  Agenda Review.
>>      
>    
Voting Members:
John Bradley      Individual
Scott Cantor     Internet2
Nathan Klingenstein     Internet2
Thomas Hardjono     M.I.T.
Thinh Nguyenphu     Nokia Siemens Networks GmbH & Co. KG
Paul Madsen     NTT Corporation
Phil Hunt     Oracle Corporation
Ari Kermaier     Oracle Corporation
Hal Lockhart     Oracle Corporation
Anil Saldhana     Red Hat
David Staggs     Veterans Health Administration

Quorum: 11 out of 14 voting members (78%).  Quorum Achieved.
Status: No changes.

>
>    
>> 2. Need a volunteer to take minutes.
>>      
> Hal to do minutes.
>
>    
>> 3. Approval of minutes from last meetings:
>>
>> Minutes from SSTC Call on 18 May 2010:
>> http://www.oasis-open.org/apps/org/workgroup/security/email/ar
>> chives/201005/msg00019.html
>>      
> Approved unanamously.
>
>    
>> 4. AIs&  progress update on current work-items:
>>
>>    (a) Current electronic ballots: None open.
>>
>>    (b) Status/notes regarding past ballots: None.
>>
>>    (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version
>> 1.0 as a CS
>>         - Status: Thomas has formally asked Mary for new
>> Ballot. (3/11th)
>>         - Status: Mary has acknowledged, and is setting up
>> ballot currently. (4/15)
>>         - Status: Thomas has followed-up again with Mary to
>> request Ballot (May/14th).
>>         - Status: still awaiting response from Mary.
>>      
> Still waiting
>
>    
>>    (d)  SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
>>         - Status: CS-01 version of this doc is on WiKi.
>>         - AI: Thomas to ask Mary to move into Doc tree.
>>      
> Will repeat request.
>
>    
>>    (e) Kerberos related items. [Josh/Thomas]
>>          - Kerberos Web Browser SSO Profile:
>>          - Status: In 60-day review.
>>      
> Still going on.
>
>    
>>    (f) Expressing Identity Assurance profile for SAML2.0 (LOA)
>>          - Status: In 60-day review.
>>      
> Still going on.
>
>    
>>    (g) Older docs: Thomas has formally asked Mary to post
>> these 4 docs (3/11th)
>>          (I) Protocol Extension for Third-Party Requests (CS-01)
>>         (II) Protocol Extension for Requested Authentication
>> Context (CS-01)
>>         (III) Shared Credentials Authentication Context
>> Extension and Related Classes (CS-01)
>>         (IV) Text-based Challenge/Response (CS-01)
>>          - Status: Still awaiting response from Mary.
>>      
> Still waiting.
>
>    
>>    (h) NSN Attribute Management proposal (Thinh) - updates
>>      
> Phil Hunt sent an email describing 3 flows.
>
> Phil: Three ways to do online provisioning. All assume the ability to pass SAML Assertion.
> Tried to capture pros and cons of each alternative. Request comments and corrections. If we can getting some interim agreement we can update the proposal.
>
> Scott: Possible use of SPML.
>
> Phil: not sure SAML&  SPML identifier schemes can be reconciled.
>
> SPML only suitable for back channel.
>
> Scott: Still think usecase of SP providing data to IDP is very rare. Have to look at scenarios where no Assertion is involved.
>
> {general discussion of alternatives}
>
> Plil: will post updated proposal. Will resemble origianl proposal, with front channel binding, cleanup and clarification.
>
>    
>>    (i) SSO initiation draft (Scott) - update
>>        Status: Wish to bring this to CD status (May/4th)
>>        Status: Docs have been uploaded:
>>
>>      
> Waiting to initiate public review of it and other documents.
>
>    
>>
>> 5. New work items: none.
>>      
> Josh Howlett is working on project Moonshoot. May submit new profiles after IETF meeting in June.
>
> SOA-TEL TC may propose new work items.
>
>    
>> 6. Assorted threads on saml-dev/comment list:
>>     - Discussion on Authrequest and Provisioning approaches
>>     - Call for Presentations for OASIS Identity Management
>> 2010 Conf (Sept 27-29 in DC)
>>
>> 7. propose an SSTC Face-to-Face meeting for September 2010:
>>     - Thomas/Nate has formally asked Oasis for room/venue for
>> 1 day F2F meeting
>>       during the week of the OASIS Identity Management 2010 in DC.
>>     - Most likely date will be Sept 30th or Oct 1st (after the
>> Oasis conference).
>>      
> The Chairs have request a room be reserved. The TC can decide to meet or not. Perhaps a full day is not needed.
>
> At a minimum, the people who ar there can use the room and eveyone else can call in.
>
> 8. Meeting Ajourned.
>
> Hal