[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Proposed Agenda for SSTC Call (8 Feb 2011)
Quorum was achieved with nearly full attendance. > 2. Need a volunteer to take minutes. Nate volunteered to take minutes. > 3. Approval of minutes from last meetings: > > - Minutes from SSTC Call on 25 January 2010: > > http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201101/msg00020.html Scott moved to approve the minutes; Frederick seconded. No objections were registered and the minutes were approved. > (c) Kerberos Attribute Profile: [Josh/Thomas] > - Status: Request submitted for 15-day Public Review. > - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010. > - Status: CSD Published. The SSTC has approved both these requests, but Thomas waited until the CSD request had been published before requesting the 15 day review. He'll submit the review today. > (d) SAML V2.0 Metadata Profile for Algorithm Support Version 1.0: > - Status: seeking to move to CS status. > - AI: Ballot request submitted 26 Jan 2011. The ballot hasn't been created yet. > (e) Session Token Profile (Hal) > - Status: New version WD04 uploaded. > - Status: Wish to request CD Ballot. Hal has uploaded a new version of the Session Token Profile. Scott still wants some time to evaluate the document, suggesting there may be some changes to attribute namespaces that would be necessary and normative changes. Hal is comfortable with deferral until Scott can get his feedback submitted. > (f) Change Notify Protocol Version 1.0 (Thinh/Phil) > - AI: Seeking to move to CSD status. > - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010. > - Status: CSD Published. No further updates. > (g) Channel binding proposal (Scott) > - Any updates? No updates. Scott won't be ready to take this draft forward until he gets some other work done in other working groups. > (h) Metadata extension for Login/Discovery (Scott) > - Status: Thomas submitted CSD request to Oasis on 15 Dec 2010. > - Status: awaiting response from Oasis. > - #339 on Oasis Issues Tracker: http://tinyurl.com/47yta4p This is still being processed by TC Admin. > (i) Enhanced Client or Proxy Profile (Scott) > - Any updates? Not yet, but Scott hopes to have a new draft ready by the next call. > (j) Metadata Extensions for Documentation/Registration (Chad) > - WD02 uploaded before Christmas. > - Any updates? Chad doesn't have any updates. As far as he's aware there hasn't been much review of the draft. Scott suggested the strongest review of documents comes at the CD phase, but if there are specific items that he wants examined before moving to CD, simply flagging them on the email list will usually elicit feedback. Chad will give it another once-over before moving this towards CD status, but he may be ready to so move in a couple calls. > 5. Assorted mail items: > - NIST IDtrust 2011 There was a call for posters that went out. > - RSA conference 2011 A handful of SSTC members will be at the RSA conference and hope to encounter each other on the floor somewhere. > 6. Other items: Scott has an errata to review and may have some other errata to bring forward later. http://tools.oasis-open.org/issues/browse/SECURITY-7 The basic objection has been to the word "pseudorandom", which has a technical connotation, particularly in the SAML specification because it would confer protection against value collision. If that requirement were to be imposed on persistent NameID . The distinction, as Hal put it, is between an unguessable value and a globally unique value. Scott is proposing alternative language that does a better job of capturing the SSTC's original intent. If the text is acceptable, then it can be marked accepted in JIRA and it would be added to the next approved errata draft, which is still some way off at this time. No formal vote is necessary, but he'd like resolution of the TC to accept the proposal. A few SSTC members wanted a little more time to review the text, so he'd like to have it on the agenda for an upcoming call. > 7. Next SSTC Call: > - 22 February 2011
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]