Subject: Draft Minutes SSTC call August 9, 2011 (corrected)
Corrected to reflect correct draft and CSD for session token and vote for both CSD and 15 day PR. On Aug 8, 2011, at 10:56 AM, Thomas Hardjono wrote: > AGENDA: > > 1. Roll Call & Agenda Review. TBD > 2. Need a volunteer to take minutes. Chad took minutes > 3. Approval of minutes from last meetings: > > Minutes from SSTC Call on 26 July 2011: > > http://lists.oasis-open.org/archives/security-services/201107/msg00032.html Scott noted a typo in the minutes: the approved for CSD metadata UI document was CSD02 not CSD01 Hal motioned to accept minutes, with Scott's correction. Scott seconded. No objections, motion passed. > 4. AIs & progress update on current work-items: > > (a) Current electronic ballots: (none) > > (b) Status/notes regarding past ballots: (none) > > (c) Session Token Profile (Hal) > - Status: New version WD08 has been uploaded (relfecting > new RFC 6265) > - Status: Wish to request CSD and 15-day PR. > > http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201107/msg00040.html Hal motioned to accept WD08 as CSD03 and to request a 15 day Public Review. Chad seconded. No objections, motion passed. http://www.oasis-open.org/committees/download.php/41974/saml-session-token-v1.0-wd07.zip Hal will submit the request to TC-Admin > > > (d) Attribute Predicate Profile (Gregory/Franz-Stefan) > - Status: WD03 approved on Aug 9 to be CSD and for 30-day PR. > - AI: Franz-Stefan to submit request to TC-admin Skipped: Franz-Stefan and Gregory were not present > (e) Kerberos profiles: [Josh/Thomas] > - Status: CS ballot approved on Aug 9. > - AI: Thomas to submit request to TC-admin. Thomas will submit request today (Aug 9) > (f) Change Notify Protocol Version 1.0 (Thinh/Phil) > - Status: Request submitted for 15-day CSD Public Review. > - Status 15 day CSD PR request still in TC-Admin Queue (#534 and #528) > - Status: Thomas emailed Robin/TC-Admin on 7/26th and received > response stating that TC-admin will get to it very soon. > > http://tools.oasis-open.org/issues/browse/TCADMIN-534 Phil/Thinh were not present on call Chet sent a notice to mailing list that public review started Aug 9 and will end Aug 24 > (g) Channel binding proposal (Scott) > - Status: awaiting other items in other groups. > - Any updates? No update > (h) Enhanced Client or Proxy Profile (Scott) > - Status: WD02 uploaded last week. > - Status: work waiting for items in IETF Kitten WG. > - Any updates? No update > (i) Metadata Extensions for Documentation/Registration (Chad) > - Status: WD07 approved on Aug 9 to be CSD02 and for 15-day PR. > - AI: Chad to submit request to TC-admin. Request submitted on Aug 9 prior to call > (j) Errata document (Scott): > - PE-12. > - Any updates? Scott submitted to addition items, both of which were accepted for inclusion in next errata document - PE-13: typo in the previous errata; extra 'e' in the PAOS constant http://tools.oasis-open.org/issues/browse/SECURITY-13 - PE-14: proposed addition to signature profile to disallow use of the Object element in XML signatures http://tools.oasis-open.org/issues/browse/SECURITY-14 > (k) Metadata Extensions for Login and Discovery User (MDUI) (Scott) > - Status: WD09 approved on Aug 9 to be CSD01 and for 30-day PR. > - AI: Scott to submit request to TC-admin. Request submitted on Aug 8 > 5. Assorted mail items: > - IETF Oauth SAML Bearer Token draft (Phil Hunt) > > http://lists.oasis-open.org/archives/security-services/201108/msg00001.html Phil was not online, topic will carry over to next call Hal suggested that if we have any substantial comments that we officially file them with the OAuth working group. They are getting close to a final call on their documents. There was a general feeling that the approach of removal all security semantics from the message flows themselves, and moving that in to to-be-profiled parts of the message, was not a good idea. > 6. Other items: > - International Cloud Symposium. > > http://lists.oasis-open.org/archives/security-services/201108/msg00000.html No comments > 7. Next SSTC Call: > - Tue 23 August 2011.