[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes for SSTC call (24 Aug 2010)
On 08/24/2010 11:36 AM, Scott Cantor wrote: >> AGENDA: >> >> 1. Roll Call& Agenda Review. > Attendance: > > Frederick Hirsch > Thinh Nguyenphu > David Staggs > Nate Klingenstein > Thomas Hardjono > Emily Xu > Scott Cantor > George Fletcher > Paul Madsen > Bob Morgan > Ari Kermaier > John Bradley > Rob Philpott > Quorum: 11 out of 16 voting members (68%) Status: Paul Madsen regains voting rights. >> 2. Need a volunteer to take minutes. > Scott volunteers. > >> 3. Approval of minutes from last meetings: >> >> Minutes from SSTC Call on 27 July 2010 (corrected): >> http://www.oasis- >> open.org/apps/org/workgroup/security/email/archives/201008/msg00022.html >> >> >> Minutes from SSTC Call on 10 August 2010: >> http://www.oasis- >> open.org/apps/org/workgroup/security/email/archives/201008/msg00033.html > Motion to approve, Nate. > Seconded, George. > Passed unanimously. > >> 4. AIs& progress update on current work-items: >> >> (a) Current electronic ballots: None. >> >> (b) Status/notes regarding past ballots: None. >> >> (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS >> - Status: passed ballot. >> >> (d) SAML V2.0 Holder-of-Key Assertion Profile Version 1.0 >> - Status: CS-01 version of this doc is on WiKi. >> - Status: Thomas to ask Mary. > AI to Thomas to ask about prepping of CS documents for c and d. > >> (e) Kerberos related items. [Josh/Thomas] >> - Kerberos Attribute Profile: >> - AI: Josh/Thomas will suggest additions to Attribute Profile. > Discussion about ability to reference IETF draft in a normative reference in > an OASIS profile. Agreement that it shouldn't be a normative reference. > RLBob notes that IETF says not to, because drafts are temporary and will go > away, so it's ok if you do it while developing, but a final version should > point to the final RFC only. > > The reason for asking relates to the CMU use case for plaintext KRB_CRED, > which is not allowed by RFC4120. > > Thomas suggests being silent about it. Scott suggests duplicating proposed > IETF change in the OASIS document, and ending up with duplicative text. > RLBob notes the risk of conflicts resulting. > > Thomas will take it under advisement. > >> (f) SAML V2.0 Identity Assurance Profiles, Version 1.0 >> - Status: Public review period closed on 13 June 2010. >> - Status: Now in 15-day review. >> >> (g) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0: >> - Status: now in 60-day public review. >> >> http://www.oasis- >> open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html >> >> >> (h) Service Provider Request Initiation Protocol and Profile Version 1.0 >> - Status: now in 60-day public review. >> >> http://www.oasis- >> open.org/apps/org/workgroup/security/email/archives/201008/msg00053.html > We noted the reviews are ongoing. > >> (i) NSN Attribute Management proposal (Thinh/Phil) - any updates? > No comments as of yet, but a lot of people are absent. > > Thinh asks for explicit review of section 2.7.2. > >> (j) SOA-TEL Token Correlation Profile (Federico/TI) - any updates? > No feedback from Federico since initial feedback. > >> 5. New work items: >> - Project Moonshot (potential new work item) > Josh not on call, will eventually update TC on abfab WG proposal, charter > discussion on WG list. > >> 6. Related items: >> - Standards Track vs Non-standards Track. > Announcement from OASIS about upcoming changes to TC and document process. > Scott notes we would have published Tech/Exec overviews using this new > track. > > John is unsure about the advantages from the IPR change point of view. > Frederick notes that obligations are unclear for such documents. Rob notes > you still have to be a TC member to participate in meetings and to supply > content to such documents, so that implies you already accept the IPR mode > of the TC. > > The change is approved but not effective until October. > > Frederick plans to raise issue at least for comment about non-OASIS > participation in non-standards track documents. > > A new template will be forthcoming for specs. > >> 7. Propose an SSTC Face-to-Face meeting for September 2010: >> - TBD (waiting ballot informal result) > No obvious enthusiasm for a meeting, so Thomas will cancel the reserved > room. > >> 8. Next Call: Tuesday 7 September, 2010.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]