OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Minutes for SSTC Telecon (18 Oct 2011)


Minutes for SSTC call: 18 Oct 2011

1. Roll Call & Agenda Review.
[Note] quorum is established.

2. Need a volunteer to take minutes.
[Note] Thinh Nguyenphu volunteered

3. Approval of minutes from last meetings:

   Minutes from SSTC Call on 20 Sept 2011:

http://lists.oasis-open.org/archives/security-services/201109/msg00008.h
tml
[Note] approved

   Minutes from SSTC Call on 20 Sept 2011:

http://lists.oasis-open.org/archives/security-services/201110/msg00004.h
tml
[Note] approved


4. AIs & progress update on current work-items:

  (a) Current electronic ballots: (none)

  (b) Status/notes regarding past ballots: (none)

  (c) Session Token Profile (Hal)
      - Status: Hal already submitted request for CSD and 15-day PR.
      - Status: 15-day PR from 3 Oct to 18 Oct 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00006.h
tml

[Note] Hal reports PR ends today, and document only received two
editorial comments by TCAdmin, which were minor comments. 


  (d) Attribute Predicate Profile (Gregory/Franz-Stefan)
      - Status: 30-day PR from 15 Oct to 14 Nov 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00008.h
tml

[Note] Gregory: PR just started.

  (e) Kerberos profiles [3 items] (Josh/Thomas)
      - Status: Committee Specification creation requested.
      - Status: Tickets TCADMIN-664, 665, 666.
    
[Note] Still waiting for TCAdmin to creating committee specification.

  (f) Change Notify Protocol Version 1.0 (Thinh/Phil)
      - Status: Committee Specification creation requested.
      - Status: Tickets TCADMIN-696 - in process.

[Note] Thinh: no update, waiting for TCAdmin.

  (g) Channel binding proposal (Scott)
      - Status: awaiting other items in other groups.
      - Any updates?

[Note] no update today.

  (h) Enhanced Client or Proxy Profile (Scott)
      - Status: work waiting for items in IETF Kitten WG.
      - Any updates?

[Note] no update today.

  (i) Metadata Extensions for Documentation/Registration (Chad)
      - Status: 15-day PR from 3 Oct to 2 Nov 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00005.h
tml

[Note] Chad: During PR, the document receives one comments. The response
to the comment is available at
http://wiki.oasis-open.org/security/PublicComments20111003-20111102.
Mostly, there will be a new revision.


  (j) Metadata Extensions for Login and Discovery User (MDUI) (Scott)
      - Status: 30-day PR from 14 Oct to 13 Nov 2011.

http://lists.oasis-open.org/archives/security-services/201110/msg00007.h
tml

[Note] Scott: The document receives one comment. The comment resolution
is available at
http://wiki.oasis-open.org/security/PublicComments20111014-20111113 


5. Assorted mail items:

6. Other items:
   - IIW in October (17-19 Oct). 
   - Kerberos Conference at MIT (Last week of Oct): Hal: There will be
excellent panel on Tuesday. The panel will feature three past SAML
co-chair. It will have great discussion on federation, SAML, Kerberos,
etc.

-	New security paper: Scott and Hall reported on new security
paper from Germany. New security paper published from Germany, which
identify potential SAML security risk.  The security paper, How to break
XML encryption, will be presented at ACM conference CCS 2011.  The paper
documented some new techniques of attach SAML security assertion. It may
provides some recommendation to mitigate the problem. 

It is recommended that members of SS TC to review the document and we
can discuss further meeting.

7. Next SSTC Call: 
   - Tue 1 November 2011.

_______________________________________________________



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]