OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [security-services] Minutes for SSTC call (24 Aug 2010)


  On 08/24/2010 11:36 AM, Scott Cantor wrote:
>> AGENDA:
>>
>> 1. Roll Call&  Agenda Review.
> Attendance:
>
> Frederick Hirsch
> Thinh Nguyenphu
> David Staggs
> Nate Klingenstein
> Thomas Hardjono
> Emily Xu
> Scott Cantor
> George Fletcher
> Paul Madsen
> Bob Morgan
> Ari Kermaier
> John Bradley
> Rob Philpott
>
Quorum:  11 out of 16 voting members (68%)
Status: Paul Madsen regains voting rights.
>> 2. Need a volunteer to take minutes.
> Scott volunteers.
>
>> 3. Approval of minutes from last meetings:
>>
>> Minutes from SSTC Call on 27 July 2010 (corrected):
>> http://www.oasis-
>> open.org/apps/org/workgroup/security/email/archives/201008/msg00022.html
>>
>>
>> Minutes from SSTC Call on 10 August 2010:
>> http://www.oasis-
>> open.org/apps/org/workgroup/security/email/archives/201008/msg00033.html
> Motion to approve, Nate.
> Seconded, George.
> Passed unanimously.
>
>> 4. AIs&  progress update on current work-items:
>>
>>    (a) Current electronic ballots: None.
>>
>>    (b) Status/notes regarding past ballots: None.
>>
>>    (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS
>>        - Status: passed ballot.
>>
>>    (d) SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
>>        - Status: CS-01 version of this doc is on WiKi.
>>        - Status: Thomas to ask Mary.
> AI to Thomas to ask about prepping of CS documents for c and d.
>
>>    (e) Kerberos related items. [Josh/Thomas]
>>        - Kerberos Attribute Profile:
>>        - AI: Josh/Thomas will suggest additions to Attribute Profile.
> Discussion about ability to reference IETF draft in a normative reference in
> an OASIS profile. Agreement that it shouldn't be a normative reference.
> RLBob notes that IETF says not to, because drafts are temporary and will go
> away, so it's ok if you do it while developing, but a final version should
> point to the final RFC only.
>
> The reason for asking relates to the CMU use case for plaintext KRB_CRED,
> which is not allowed by RFC4120.
>
> Thomas suggests being silent about it. Scott suggests duplicating proposed
> IETF change in the OASIS document, and ending up with duplicative text.
> RLBob notes the risk of conflicts resulting.
>
> Thomas will take it under advisement.
>
>>    (f) SAML V2.0 Identity Assurance Profiles, Version 1.0
>>        - Status: Public review period closed on 13 June 2010.
>>        - Status: Now in 15-day review.
>>
>>    (g) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0:
>>        - Status: now in 60-day public review.
>>
>> http://www.oasis-
>> open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html
>>
>>
>>    (h) Service Provider Request Initiation Protocol and Profile Version 1.0
>>        - Status: now in 60-day public review.
>>
>> http://www.oasis-
>> open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html
> We noted the reviews are ongoing.
>
>>    (i) NSN Attribute Management proposal (Thinh/Phil) - any updates?
> No comments as of yet, but a lot of people are absent.
>
> Thinh asks for explicit review of section 2.7.2.
>
>>    (j) SOA-TEL Token Correlation Profile  (Federico/TI) - any updates?
> No feedback from Federico since initial feedback.
>
>> 5. New work items:
>>     - Project Moonshot (potential new work item)
> Josh not on call, will eventually update TC on abfab WG proposal, charter
> discussion on WG list.
>
>> 6. Related items:
>>     - Standards Track vs Non-standards Track.
> Announcement from OASIS about upcoming changes to TC and document process.
> Scott notes we would have published Tech/Exec overviews using this new
> track.
>
> John is unsure about the advantages from the IPR change point of view.
> Frederick notes that obligations are unclear for such documents. Rob notes
> you still have to be a TC member to participate in meetings and to supply
> content to such documents, so that implies you already accept the IPR mode
> of the TC.
>
> The change is approved but not effective until October.
>
> Frederick plans to raise issue at least for comment about non-OASIS
> participation in non-standards track documents.
>
> A new template will be forthcoming for specs.
>
>> 7. Propose an SSTC Face-to-Face meeting for September 2010:
>>     - TBD (waiting ballot informal result)
> No obvious enthusiasm for a meeting, so Thomas will cancel the reserved
> room.
>
>> 8. Next Call: Tuesday 7 September, 2010.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]