[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for SSTC call (24 Aug 2010)
> AGENDA: > > 1. Roll Call & Agenda Review. Attendance: Frederick Hirsch Thinh Nguyenphu David Staggs Nate Klingenstein Thomas Hardjono Emily Xu Scott Cantor George Fletcher Paul Madsen Bob Morgan Ari Kermaier John Bradley Rob Philpott > 2. Need a volunteer to take minutes. Scott volunteers. > 3. Approval of minutes from last meetings: > > Minutes from SSTC Call on 27 July 2010 (corrected): > http://www.oasis- > open.org/apps/org/workgroup/security/email/archives/201008/msg00022.html > > > Minutes from SSTC Call on 10 August 2010: > http://www.oasis- > open.org/apps/org/workgroup/security/email/archives/201008/msg00033.html Motion to approve, Nate. Seconded, George. Passed unanimously. > 4. AIs & progress update on current work-items: > > (a) Current electronic ballots: None. > > (b) Status/notes regarding past ballots: None. > > (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS > - Status: passed ballot. > > (d) SAML V2.0 Holder-of-Key Assertion Profile Version 1.0 > - Status: CS-01 version of this doc is on WiKi. > - Status: Thomas to ask Mary. AI to Thomas to ask about prepping of CS documents for c and d. > (e) Kerberos related items. [Josh/Thomas] > - Kerberos Attribute Profile: > - AI: Josh/Thomas will suggest additions to Attribute Profile. Discussion about ability to reference IETF draft in a normative reference in an OASIS profile. Agreement that it shouldn't be a normative reference. RLBob notes that IETF says not to, because drafts are temporary and will go away, so it's ok if you do it while developing, but a final version should point to the final RFC only. The reason for asking relates to the CMU use case for plaintext KRB_CRED, which is not allowed by RFC4120. Thomas suggests being silent about it. Scott suggests duplicating proposed IETF change in the OASIS document, and ending up with duplicative text. RLBob notes the risk of conflicts resulting. Thomas will take it under advisement. > (f) SAML V2.0 Identity Assurance Profiles, Version 1.0 > - Status: Public review period closed on 13 June 2010. > - Status: Now in 15-day review. > > (g) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0: > - Status: now in 60-day public review. > > http://www.oasis- > open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html > > > (h) Service Provider Request Initiation Protocol and Profile Version 1.0 > - Status: now in 60-day public review. > > http://www.oasis- > open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html We noted the reviews are ongoing. > (i) NSN Attribute Management proposal (Thinh/Phil) - any updates? No comments as of yet, but a lot of people are absent. Thinh asks for explicit review of section 2.7.2. > (j) SOA-TEL Token Correlation Profile (Federico/TI) - any updates? No feedback from Federico since initial feedback. > 5. New work items: > - Project Moonshot (potential new work item) Josh not on call, will eventually update TC on abfab WG proposal, charter discussion on WG list. > 6. Related items: > - Standards Track vs Non-standards Track. Announcement from OASIS about upcoming changes to TC and document process. Scott notes we would have published Tech/Exec overviews using this new track. John is unsure about the advantages from the IPR change point of view. Frederick notes that obligations are unclear for such documents. Rob notes you still have to be a TC member to participate in meetings and to supply content to such documents, so that implies you already accept the IPR mode of the TC. The change is approved but not effective until October. Frederick plans to raise issue at least for comment about non-OASIS participation in non-standards track documents. A new template will be forthcoming for specs. > 7. Propose an SSTC Face-to-Face meeting for September 2010: > - TBD (waiting ballot informal result) No obvious enthusiasm for a meeting, so Thomas will cancel the reserved room. > 8. Next Call: Tuesday 7 September, 2010.