[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes from SSTC Call on Tue 22 Feb 2011
1. Roll Call. - Quorum achieved. 2. Minute-taker: Phil Hunt. 3. Approval of the minutes from last SSTC call (8 Feb 2011): http://www.oasis-open.org/apps/org/workgroup/security/email/archives/2 01102/msg00015.html - Anil Saldhana: Motion to accept minutes from 8 Feb 2011. + Second: Rob Philpott. + No objections. Motion passes. Minutes approved. 4. AIs & progress update on current work-items: a. Metadata Profile for Algo Support just passed the ballot. Next steps: Scott will await for Robin to publish the CS. b. Ballot Status/notes: none. No discussion c. Kerberos Attribute Profile Thomas: CSD Published, awaiting 15 day review to start. e. Session Token Profile: - Hal: we addressed Scotts concerns. We also addressed some concerns about why not using HTTP headers. There was a question on list about why using cookies? Answer: because headers are a one way mechanism. - Link to doc version wd06: http://www.oasis-open.org/apps/org/workgroup/security/email/archives/2 01102/msg00024.html - Hal Lockhart: Motion to move working draft wd06 to CD status. + Second: Scott Cantor. + No objections. Motion passes. - Hal Lockhart: Motion to move committee spec draft (wd06) to 30-day public review. + Second: Scott Cantor. + No objections. Motion passes. f. Change Notify Protocol: - Thinh/Phil: No updates or comments received. - Thinh Nguyenphu: Motion to move committee spec draft to 30-day public review. + Second: Phil Hunt. + No objections. Motion passes. g. Channel binding support: - Scott: No update h. Metadata extension for Login/Discovery: - Scott: Robin has completed this over the weekend. There are a few non-egregious glitches that are a result of the confusion over the new process and some issues with our older processes, so this is going to another round of WD->CSD no matter what. There are two big takeaways: Our specs should stop including normative references to their own schemas (referencing *other* schemas is ok). The Designated Cross Reference process is not meant to handle this case, it's overkill. Robin suggests a number of alternatives, one good one being having the spec submission for publication include a request to reference the stable schema URI under Related Work. Our TC process for the Acknowledgements appendix is broken under the new TC rules, because we can't have the list of voting members added *after* we approve a draft. I suggest a new "standard" default approach be for spec editors to include a list of the voting members in their later WDs once they get to a "CSD likely" stage. That's about all we can do, because we can't change it after the CSD vote, and we can't change the CSD list during a vote to CS. The TC process states that the "chair compile the initial list" and that any TC member can request an addition or removal at any time. It does not say how that can work given the rules on document changes after a transition vote, but Robin's checking with the rules lawyers on it. In practice, we haven't had much of a problem with people asking. i. Enhanced Client or Proxy Profile: - Scott: feature complete, but doubt it is structurally final. Scott wanted to get as much of the normative material out on the table. It probably stay in WD for a bit longer. - Thomas: anyone else work on it? + Scott: I believe Nate has, but he is not on the call today. j. Metadata Extensions: - No discussion (Chad not on call) k. Errata document - Issue: wish to address usage of term "psudeorandom" + See: http://tools.oasis-open.org/issues/browse/SECURITY-7 and on... + http://tools.oasis-open.org/issues/browse/SECURITY-8 - Scott: would like to call for consensus. - There was discussion with Scot with [ ?name] on pseudorandom and whether global uniqueness required. [? name] was concerned about collisions between domains. Scott indicated that the value is always intended to be qualified with a domain qualifier. - Scott will take another pass in an attempt to better understand the concern. - Scott: The other item should not be contentious (item SECURITY-8). + Seeking general consensus. + No objections. 6. Other items: - Scott suggested putting voting members in the Ack section of late/stable working drafts so that it will be in place for the rest of the document lifecycle. If people want to get added/removed after that point, it will be up to OASIS to tell us how that could happen. 7. Meeting adjourned. ---------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]