Subject: RE: [security-services] Proposed Agenda for SSTC Call on 5 October 2010
> AGENDA:
>
> 1. Roll Call & Agenda Review.

George Fletcher AOL* Group Member
John Bradley Individual Group Member
Scott Cantor Internet2 Group Member
Nathan Klingenstein Internet2 Group Member
Bob Morgan Internet2 Group Member
Thomas Hardjono M.I.T. Group Member
Thinh Nguyenphu Nokia Siemens Networks GmbH & Co. KG Group Member
Phil Hunt Oracle Corporation Group Member
Ari Kermaier Oracle Corporation Group Member
Hal Lockhart Oracle Corporation Group Member
Emily Xu Oracle Corporation Group Member
Federico Rossini Telecom Italia S.p.a. Group Member

> 2. Need a volunteer to take minutes.

Scott volunteers.

> 3. Approval of minutes from last meetings:
>
> Minutes from SSTC Call on 21 Sept 2010:
>
> http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201009/msg00051.html

Deferred, no attendance available.

> 4. AIs & progress update on current work-items:
>
> (a) Current electronic ballots: None.

Request for CS of LOA spec is in, no ballot yet.

> (c) SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 as a CS
> - Status: CS created and published.
>
> (d) SAML V2.0 Holder-of-Key Assertion Profile Version 1.0
> - Status: CS created and published.

Nate updated the wiki to reflect the latest versions. Will remove from agenda.

> (e) Kerberos related items. [Josh/Thomas]
> - Kerberos Attribute Profile:
> - AI: Josh/Thomas will suggest additions to Attribute Profile.

No updates, hopefully next week. Still working on the IETF side.

> (f) SAML V2.0 Identity Assurance Profiles, Version 1.0
> - Status: 15-day review closed on 10 Sept.
> - Update: CS-Ballot was requested to Mary (Fri 1 Oct)

Ballot requested.

> (g) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0:
> - Status: now in 60-day public review. (Closes 13 October)
> - Any updates?
>
> (h) Service Provider Request Initiation Protocol and Profile Version 1.0
> - Status: now in 60-day public review. (Closes 13 October)
> - Any updates?

No comments as of yet. Should be covered by old TC process, so may be able to skip review for (g) despite needing some fixes to examples.

> (i) NSN Attribute Management proposal (Thinh/Phil) - any updates?

New draft 03 posted. Thinh: focused on cleaning up SSO profile material in both SP and IdP initiated cases (sec 4.1). Clarified use of the request/response messages and required/optional content. Also clarified assumptions in section 2.3. Some schema changes or protocol material in this draft. Still need work done on the back-channel flows.

Scott asked about the underlying use case for the SSO integration. An error in the text on page 17 was noted, where it mentions an AuthnRequest and should talk about an unsolicited response.

Phil attempted to outline some uses for signaling ahead of SSO. One that seemed mutually understandable was to signal whether a full set of "initial" data would be needed by indicating in the response from the IdP whether the user was already "known". Phil notes that the ModifySubject flows cover the reverse flow where an SP pushes data back into an IdP, not just the IdP->SP direction. Phil also explained the need for a stronger notion of RetireSubject over and above the defederation idea.

More discussion on possible use cases for combining NewSubject with SSO also took place. There was definitely interest in use case discussion to help people understand the business scenarios.

> (j) SOA-TEL Token Correlation Profile (Federico/TI) - any updates?

Federico still looking for a way to manipulate assertion content without breaking the signature. He proposed a way to do this using XPath filtering transforms, but Scott noted this is not allowed by SAML. Federico believes this limitation is a problem for various use cases, but at the moment thinks he can't solve his problem as a result.

> (k) Channel binding proposal -- Scott.

No updates.

> (l) Metadata extension for Login/Discovery -- Scott.

Shibboleth project is working on code for this, the Kantara ULX group has been reviewing the work but has a broader mandate. Still some open issues around relationship of new extensions to older metadata elements.

> (m) Profile for Mandatory Credentials -- Federico.

Will be discussed on future call.

> 5. Assorted mail items:
> - Enhancements to SAML for attribute assurance.

No discussion other than on list.

> 6. Other items:
> - Any news from Oasis conference and IIW

No discussion.

> 7. Next Call: Tuesday 19 October 2010.