OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes from SSTC Call on Tue 22 Feb 2011

1. Roll Call.
   - Quorum achieved.

2. Minute-taker: Phil Hunt.

3. Approval of the minutes from last SSTC call (8 Feb 2011):


   - Anil Saldhana: Motion to accept minutes from 8 Feb 2011.
     + Second: Rob Philpott.
     + No objections. Motion passes. Minutes approved.

4. AIs & progress update on current work-items:

a. Metadata Profile for Algo Support just passed the ballot.  
   Next steps:  Scott will await for Robin to publish the CS.

b. Ballot Status/notes: none.
   No discussion

c. Kerberos Attribute Profile
   Thomas: CSD Published, awaiting 15 day review to start. 

e. Session Token Profile:

   - Hal: we addressed Scotts concerns. We also addressed some 
          concerns about why not using HTTP headers. 
          There was a question on list about why using cookies? 
          Answer: because headers are a one way mechanism.

   - Link to doc version wd06:

   - Hal Lockhart: Motion to move working draft wd06 to CD status.
     + Second: Scott Cantor.
     + No objections. Motion passes.

   - Hal Lockhart: Motion to move committee spec draft (wd06) to
30-day public review.
     + Second: Scott Cantor.
     + No objections. Motion passes.

f. Change Notify Protocol:
   - Thinh/Phil: No updates or comments received.

   - Thinh Nguyenphu: Motion to move committee spec draft to 30-day
public review.
     + Second: Phil Hunt.
     + No objections. Motion passes.

g. Channel binding support:
   - Scott: No update

h. Metadata extension for Login/Discovery:

   - Scott: 
       Robin has completed this over the weekend. 
       There are a few non-egregious glitches that are a result of 
       the confusion over the new process and some issues with our 
       older processes, so this is going to another round of 
       WD->CSD no matter what.

       There are two big takeaways:

       Our specs should stop including normative references to 
       their own schemas (referencing *other* schemas is ok). 
       The Designated Cross Reference process is not meant to 
       handle this case, it's overkill. Robin suggests a number 
       of alternatives, one good one being having the spec submission 
       for publication include a request to reference the stable 
       schema URI under Related Work.

       Our TC process for the Acknowledgements appendix is broken 
       under the new TC rules, because we can't have the list of 
       voting members added *after* we approve a draft.

       I suggest a new "standard" default approach be for spec 
       editors to include a list of the voting members in their 
       later WDs once they get to a "CSD likely" stage. 
       That's about all we can do, because we can't change 
       it after the CSD vote, and we can't change the CSD 
       list during a vote to CS.

       The TC process states that the "chair compile the 
       initial list" and that any TC member can request an 
       addition or removal at any time. 
       It does not say how that can work given the rules on document 
       changes after a transition vote, but Robin's checking with 
       the rules lawyers on it. In practice, we haven't had much of 
       a problem with people asking.

i. Enhanced Client or Proxy Profile:
   - Scott:  feature complete, but doubt it is structurally final. 
             Scott wanted to get as much of the normative material 
             out on the table.  It probably stay in WD for a bit

   - Thomas: anyone else work on it?  
     + Scott: I believe Nate has, but he is not on the call today.

j. Metadata Extensions:
   - No discussion (Chad not on call)

k. Errata document
   - Issue: wish to address usage of term "psudeorandom"
     + See: http://tools.oasis-open.org/issues/browse/SECURITY-7
     and on...
     + http://tools.oasis-open.org/issues/browse/SECURITY-8

   - Scott: would like to call for consensus. 

   - There was discussion with Scot with [ ?name] on pseudorandom and 
     whether global uniqueness required.  [? name] was 
     concerned about collisions between domains.   
     Scott indicated that the value is always intended to be 
     qualified with a domain qualifier.

   - Scott will take another pass in an attempt to better understand
the concern.

   - Scott: The other item should not be contentious (item
     + Seeking general consensus.
     + No objections.

6. Other items:
   - Scott suggested putting voting members in the Ack section of 
     late/stable working drafts so that it will be in place for the 
     rest of the document lifecycle. If people want to get
     after that point, it will be up to OASIS to tell us how that
could happen.

7. Meeting adjourned.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]