OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes for SSTC call (24 Aug 2010)

> 1. Roll Call & Agenda Review.


Frederick Hirsch
Thinh Nguyenphu
David Staggs
Nate Klingenstein
Thomas Hardjono
Emily Xu
Scott Cantor
George Fletcher
Paul Madsen
Bob Morgan
Ari Kermaier
John Bradley
Rob Philpott

> 2. Need a volunteer to take minutes.

Scott volunteers.

> 3. Approval of minutes from last meetings:
> Minutes from SSTC Call on 27 July 2010 (corrected):
> http://www.oasis-
> open.org/apps/org/workgroup/security/email/archives/201008/msg00022.html
> Minutes from SSTC Call on 10 August 2010:
> http://www.oasis-
> open.org/apps/org/workgroup/security/email/archives/201008/msg00033.html

Motion to approve, Nate.
Seconded, George.
Passed unanimously.

> 4. AIs & progress update on current work-items:
>   (a) Current electronic ballots: None.
>   (b) Status/notes regarding past ballots: None.
>   (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS
>       - Status: passed ballot.
>   (d) SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
>       - Status: CS-01 version of this doc is on WiKi.
>       - Status: Thomas to ask Mary.

AI to Thomas to ask about prepping of CS documents for c and d.

>   (e) Kerberos related items. [Josh/Thomas]
>       - Kerberos Attribute Profile:
>       - AI: Josh/Thomas will suggest additions to Attribute Profile.

Discussion about ability to reference IETF draft in a normative reference in
an OASIS profile. Agreement that it shouldn't be a normative reference.
RLBob notes that IETF says not to, because drafts are temporary and will go
away, so it's ok if you do it while developing, but a final version should
point to the final RFC only.

The reason for asking relates to the CMU use case for plaintext KRB_CRED,
which is not allowed by RFC4120.

Thomas suggests being silent about it. Scott suggests duplicating proposed
IETF change in the OASIS document, and ending up with duplicative text.
RLBob notes the risk of conflicts resulting.

Thomas will take it under advisement.

>   (f) SAML V2.0 Identity Assurance Profiles, Version 1.0
>       - Status: Public review period closed on 13 June 2010.
>       - Status: Now in 15-day review.
>   (g) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0:
>       - Status: now in 60-day public review.
> http://www.oasis-
> open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html
>   (h) Service Provider Request Initiation Protocol and Profile Version 1.0
>       - Status: now in 60-day public review.
> http://www.oasis-
> open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html

We noted the reviews are ongoing.

>   (i) NSN Attribute Management proposal (Thinh/Phil) - any updates?

No comments as of yet, but a lot of people are absent.

Thinh asks for explicit review of section 2.7.2.

>   (j) SOA-TEL Token Correlation Profile  (Federico/TI) - any updates?

No feedback from Federico since initial feedback.

> 5. New work items:
>    - Project Moonshot (potential new work item)

Josh not on call, will eventually update TC on abfab WG proposal, charter
discussion on WG list.

> 6. Related items:
>    - Standards Track vs Non-standards Track.

Announcement from OASIS about upcoming changes to TC and document process.
Scott notes we would have published Tech/Exec overviews using this new

John is unsure about the advantages from the IPR change point of view.
Frederick notes that obligations are unclear for such documents. Rob notes
you still have to be a TC member to participate in meetings and to supply
content to such documents, so that implies you already accept the IPR mode
of the TC.

The change is approved but not effective until October.

Frederick plans to raise issue at least for comment about non-OASIS
participation in non-standards track documents.

A new template will be forthcoming for specs.

> 7. Propose an SSTC Face-to-Face meeting for September 2010:
>    - TBD (waiting ballot informal result)

No obvious enthusiasm for a meeting, so Thomas will cancel the reserved

> 8. Next Call: Tuesday 7 September, 2010.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]