OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes for SSTC Call (25 January 2011)


> AGENDA:
> 
> 1. Roll Call & Agenda Review.

TBD.

Abbie's ITU-T item added to agenda.

> 2. Need a volunteer to take minutes.

Scott volunteered.

> 3. Approval of minutes from last meetings:
> 
> - Minutes from SSTC Call on 11 January 2010:
> 
> http://www.oasiszopen.org/apps/org/workgroup/security/email/archives/201101/msg00014.html

Moved by Anil, seconded Nate. No objections.

> 4. AIs & progress update on current work-items:
> 
>   (a) Current electronic ballots: (none).
> 
>   (b) Status/notes regarding past ballots: (none).
> 
>   (c) Kerberos Attribute Profile: [Josh/Thomas]
>       - Status: Request submitted for 15-day Public Review.
>       - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010.
>       - Status: awaiting response from Oasis.
>       - #337 on Oasis Issues Tracker: http://tinyurl.com/47yta4p

Thomas noted that a question was raised about changes to the Kerb token profile for WSS, but the maintenance TC indicated this was out of scope.

>   (d) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0:
>       - Status: seeking to move to CS status.
>       - AI: Thomas to request CS ballot Creation.

Not done yet.

>   (e) Session Token Profile (Hal)
>       - Wish to do create CD Ballot.

Hal: not looking for ballot, got comments from Scott, and after review and updates, the new draft is not complete.

Hal: would like to keep it bearer confirmation only, Scott agrees this is fine.

Hal/Scott discussed the requirement for a NameID in the session token, and Scott objects to the assumption that the original SSO event included a NameID or in fact any long term identifier, since that's considered out of scope of the profile and left to deployment.

Scott raised the common Shibboleth use case of attributes-only with no long term identifier, and Hal indicated that made sense and would take that back to this team.

Hal: hoping to publish soon, looking for vote on next call.

>   (f) Change Notify Protocol Version 1.0 (Thinh/Phil)
>       - AI: Seeking to move to CSD status.
>       - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010.
>       - Status: awaiting response from Oasis.
>       - #338 on Oasis Issues Tracker: http://tinyurl.com/47yta4p

There was a bit of back and forth about filenames and some image content, but it's moving forward.

Nate: Robin had asked about which directories to use for new drafts, and I told her that the Post-2.0 folder should be the main location.

>   (g) Channel binding proposal (Scott)
>       - Any updates?
> 
>   (h) Metadata extension for Login/Discovery (Scott)
>       - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010.
>       - Status: awaiting response from Oasis.
>       - #339 on Oasis Issues Tracker: http://tinyurl.com/47yta4p
> 
>   (i) Enhanced Client or Proxy Profile (Scott)
>       - Any updates?

Expect a new draft fairly soon.

>   (j) Metadata Extensions for Documentation/Registration (Chad)
>       - WD02 uploaded before Christmas.
>       - Any updates?

TOPIC: Abbie discussing ITU-T coordination

Abbie: SAML 2.0 was published there as a standard. Due to the agreement, it's the TC's responsibility to provide updates and they're concerned about it being out of date.

Hal: The only items we would send them are actual OASIS standards, of which we have few.

Abbie: Could have draft documents in ITU-T to provoke comment.

Hal: Need to separate things...definitely need to send over approved errata and actual standards, regardless of the various other drafts and documents.

Abbie: Could get additional implementers with more exposure.

Thomas: Can we even share such drafts with them?

Hal: All of them are public, but we're not talking about official submissions, just FYIs. Would need to coordinate anything like this with liason staff at OASIS.

Abbie: I can coordinate that. Next meeting is in April, we'd have to move quickly.

Hal: Suggest chairs compile list of documents we think we should submit officially, and separately let's come up with a list of FYI docs. The official ones need a special majority ballot to approve submission.

Hal: Concerned about formatting CSDs into ITU format.

Nate: We should consider CS and up only.

Abbie: Agree.

Thomas: Is there a policy about who gets to decide what to share?

Hal: No, nothing outside OS is defined for official purposes.

Abbie: We could even just share links.

Several: We should do that if possible.

Additional discussion about getting wiki links to XSPA material up to date among Hal and David Staggs.

Thomas: Nate and I will work on building the document lists.

> 5. Assorted mail items:
>    - NIST IDtrust 2011
> 
> 6. Other items:

Scott mentioned some proposed errata items he's submitted/submitting, will discuss next call.

> 7. Next SSTC Call:
>    - 8 February 2011



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]