Subject: Re: [security-services] Minutes for SSTC Call 30 Nov 2010
On 11/30/2010 11:32 AM, Nate Klingenstein wrote:
>> 1. Roll Call & Agenda Review.
>
> Quorum was achieved.

(10 out of 14 voting members): 71%

Voting Members:
Scott Cantor          Internet2
Nathan Klingenstein   Internet2
Thomas Hardjono       M.I.T.
Anthony Nadalin       Microsoft Corporation
Frederick Hirsch      Nokia Corporation
Phil Hunt             Oracle Corporation
Hal Lockhart          Oracle Corporation
Emily Xu              Oracle Corporation
Anil Saldhana         Red Hat
David Staggs          Veterans Health Administration

Members:
Rob Philpott          EMC Corporation
Bob Morgan            Internet2

Status: Rob regains voting rights.

>
>> 2. Need a volunteer to take minutes.
>
> Nate volunteered.
>
>> 3. Approval of minutes from last meetings:
>>
>>    - Minutes from SSTC Call on 16 Nov 2010:
>>
>> http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201011/msg00047.html
>>
>
> Hal Lockhart (a.k.a. Tom Lockhard) corrected his name in an earlier
> edition of the minutes. His amended version is the one that was voted
> on.
>
> Rob moved to approve the minutes so amended by Hal, and Emily seconded
> their approval. No objections were raised and the minutes were approved.
>
>> 4. AIs & progress update on current work-items:
>>
>> (a) Current electronic ballots: none currently open.
>>
>> (b) Status/notes regarding past ballots: (none).
>>
>> (c) Kerberos related items. [Josh/Thomas]
>>     - Kerberos Attribute Profile:
>>     - AI: Josh/Thomas will suggest additions to Attribute Profile.
>>     - AI: Thomas to move ahead with Web SSO and Subj Confirmation
>>       profiles.
>
> Thomas hopes that through the peace and quiet of the holidays he'll
> have some time to allocate to work on these profiles.
>
>> (d) SAML V2.0 Identity Assurance Profiles, Version 1.0
>>     - Status: 15-day review closed on 10 Sept.
>>     - Status: Scott working with Mary to generate HTML.
>>     - Any updates?
>
> Scott thinks the committee specification version of the profiles has
> been finished and this item can be removed from future agendas.
>
>> (e) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0:
>>     - Status: Thomas to ask Mary for (i) CSD version (from draft-03)
>>       and (ii) to Start new 15 day of CSD.
>>     - Status from last telecon:
>>         + Waiting on the CSD from Mary
>>         + Will ask Thomas to update the public template
>>           once the CSD is generated.
>
> The 15 day review is likely almost over at this point, and a comment
> was received from Thomas Scavo from InCommon. Technically, the
> comments are out of order, because the issues aren't covered by the
> second review. There is no need to formally handle the comments since
> they weren't directed at the changes, which means the review will end
> by Friday. On the next call, we'll look at moving it towards CS status.
>
>> (f) SAML Attribute Predicates (Greg Neven)
>>     - AI: Greg to propose a working draft for the SSTC to consider.
>>     - Any updates?
>
> Greg has indicated that he'll need more time to develop a working
> draft for the SSTC to consider. The
>
>> (g) Session Token Profile (Hal) -- Any updates?
>
> Hal has received a few comments that will go into a revision of the
> draft. He would like any additional feedback on the profile late this
> week or very early next week so that he can issue a revised draft well
> in advance of the next SSTC call.
>
>> (h) NSN Attribute Management proposal (Thinh/Phil)
>>     - AI: wish to move to CD during this call.
>
> Thinh was not on the call, traveling on business overseas. His last
> indication was that NSN would like to move the draft to CD at this
> stage. The objective right now is to achieve broader review. Phil
> had a good conversation with Chad, which illuminated that the problem
> solved by the spec needs to be called out more clearly. Phil is
> convinced there's some editing refinement that can be done to position
> the spec better, but the two agreed that there is a real problem to be
> solved in change notification issuance.
>
> Phil was curious whether it was appropriate to use committee draft as
> a way to achieve broader review. Hal doesn't think that the new OASIS
> CD status is substantively different from historical CD status, but
> it's also not clear to him that CDs get more attention. It certainly
> doesn't get less. But Phil is not ready to move to public review yet.
>
> CD status triggers a few automatic changes such as IPR status. Phil
> envisions some remaining editorial cleanups and some potential changes
> to some attributes and qualifiers that would result in minor
> alterations to schema. This is the fourth major iteration, and the
> two-step notify followed by an action helps to solve many of the
> statefulness challenges involved in federated provisioning. That is
> an advantage of using a change notification process that needs to be
> called out more clearly in the introduction.
>
> Scott points out that going to CD early creates a little more work for
> Mary. To Scott, moving to CD status is best used as an indication to
> people that the spec is ready for consideration for implementation.
> Phil believes that now is the time to start playing with
> implementations to understand whether some qualification attributes
> are necessary on endpoints, and Chad and Phil had discussions about
> where more or less flexibility and dynamism is necessary in the
> protocol itself. Phil thinks that following a CD edition and a little
> implementation experience, we can resolve those questions in an
> informed manner.
>
> Phil would be comfortable waiting two more weeks to move this to CD so
> that Thinh can be a participant. This also gives Chad and others a
> slightly bigger window in which they can propose changes, without
> spending too much time going in circles.
>
>> (i) Channel binding proposal (Scott) - any updates?
>
> No updates to report.
>
>> (j) Metadata extension for Login/Discovery (Scott) - any updates?
>
> Scott uploaded a new working draft of this metadata extension to add a
> "keywords" element to support generalized searching. This came up as
> a discussion point in a variety of other working groups. This is the
> only outstanding addition, and it's probably ready for CD, but Scott
> would like to hold off and have a little more discussion about it in
> other working groups before moving it forward in the SSTC.
>
>> (k) Enhanced Client or Proxy Profile (Scott) - any updates?
>
> No updates to report.
>
>> 5. Assorted mail items:
>>
>> 6. Other items:
>
> Chad submitted another minor metadata draft extension to allow
> metadata entries to be labeled in some form, but it's anticipated that
> there will be fairly major revision to it, so Scott believes there
> isn't much to discuss at this point.
>
>>    - Propose to cancel SSTC Call on Tue 28 December 2010.
>
> Nate stated that his winter will be cold and lonely without an SSTC
> call, but he was overruled by majority consensus and the meeting will
> be canceled.
>
>> 7. Next SSTC Call: Tuesday 14 December 2010.