[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Minutes from SSTC Call on Tue 22 Feb 2011
On 02/25/2011 10:32 AM, Thomas Hardjono wrote: > 1. Roll Call. Voting Members:- Rob Philpott EMC Corporation Scott Cantor Internet2 Thomas Hardjono M.I.T. Thinh Nguyenphu Nokia Siemens Networks GmbH & Co. KG Phil Hunt Oracle Corporation Ari Kermaier Oracle Corporation Hal Lockhart Oracle Corporation Emily Xu Oracle Corporation Anil Saldhana Red Hat Members:- Anthony Nadalin Microsoft Corporation Abbie Barbir Bank of America Observers:- Jonas Hogberg Ericsson Quorum: Achieved. 9 out of 14 voting members (64%) > - Quorum achieved. > > 2. Minute-taker: Phil Hunt. > > 3. Approval of the minutes from last SSTC call (8 Feb 2011): > > > http://www.oasis-open.org/apps/org/workgroup/security/email/archives/2 > 01102/msg00015.html > > - Anil Saldhana: Motion to accept minutes from 8 Feb 2011. > + Second: Rob Philpott. > + No objections. Motion passes. Minutes approved. > > 4. AIs& progress update on current work-items: > > a. Metadata Profile for Algo Support just passed the ballot. > Next steps: Scott will await for Robin to publish the CS. > > b. Ballot Status/notes: none. > No discussion > > c. Kerberos Attribute Profile > Thomas: CSD Published, awaiting 15 day review to start. > > e. Session Token Profile: > > - Hal: we addressed Scotts concerns. We also addressed some > concerns about why not using HTTP headers. > There was a question on list about why using cookies? > Answer: because headers are a one way mechanism. > > - Link to doc version wd06: > > http://www.oasis-open.org/apps/org/workgroup/security/email/archives/2 > 01102/msg00024.html > > - Hal Lockhart: Motion to move working draft wd06 to CD status. > + Second: Scott Cantor. > + No objections. Motion passes. > > - Hal Lockhart: Motion to move committee spec draft (wd06) to > 30-day public review. > + Second: Scott Cantor. > + No objections. Motion passes. > > > f. Change Notify Protocol: > - Thinh/Phil: No updates or comments received. > > - Thinh Nguyenphu: Motion to move committee spec draft to 30-day > public review. > + Second: Phil Hunt. > + No objections. Motion passes. > > > g. Channel binding support: > - Scott: No update > > h. Metadata extension for Login/Discovery: > > - Scott: > Robin has completed this over the weekend. > There are a few non-egregious glitches that are a result of > the confusion over the new process and some issues with our > older processes, so this is going to another round of > WD->CSD no matter what. > > There are two big takeaways: > > Our specs should stop including normative references to > their own schemas (referencing *other* schemas is ok). > The Designated Cross Reference process is not meant to > handle this case, it's overkill. Robin suggests a number > of alternatives, one good one being having the spec submission > for publication include a request to reference the stable > schema URI under Related Work. > > Our TC process for the Acknowledgements appendix is broken > under the new TC rules, because we can't have the list of > voting members added *after* we approve a draft. > > I suggest a new "standard" default approach be for spec > editors to include a list of the voting members in their > later WDs once they get to a "CSD likely" stage. > That's about all we can do, because we can't change > it after the CSD vote, and we can't change the CSD > list during a vote to CS. > > The TC process states that the "chair compile the > initial list" and that any TC member can request an > addition or removal at any time. > It does not say how that can work given the rules on document > changes after a transition vote, but Robin's checking with > the rules lawyers on it. In practice, we haven't had much of > a problem with people asking. > > > i. Enhanced Client or Proxy Profile: > - Scott: feature complete, but doubt it is structurally final. > Scott wanted to get as much of the normative material > out on the table. It probably stay in WD for a bit > longer. > > - Thomas: anyone else work on it? > + Scott: I believe Nate has, but he is not on the call today. > > > j. Metadata Extensions: > - No discussion (Chad not on call) > > k. Errata document > - Issue: wish to address usage of term "psudeorandom" > + See: http://tools.oasis-open.org/issues/browse/SECURITY-7 > and on... > + http://tools.oasis-open.org/issues/browse/SECURITY-8 > > - Scott: would like to call for consensus. > > - There was discussion with Scot with [ ?name] on pseudorandom and > whether global uniqueness required. [? name] was > concerned about collisions between domains. > Scott indicated that the value is always intended to be > qualified with a domain qualifier. > > - Scott will take another pass in an attempt to better understand > the concern. > > - Scott: The other item should not be contentious (item > SECURITY-8). > + Seeking general consensus. > + No objections. > > 6. Other items: > - Scott suggested putting voting members in the Ack section of > late/stable working drafts so that it will be in place for the > rest of the document lifecycle. If people want to get > added/removed > after that point, it will be up to OASIS to tell us how that > could happen. > > > 7. Meeting adjourned.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]