OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] Minutes for SSTC Call (1 November 2011)

On 11/01/2011 11:52 AM, Hal Lockhart wrote:
Minutes SSTC Conference Call
Tuesday 1 November, 2011, 12:00pm ET

1. Roll Call&  Agenda Review.
Open Identity Exchange     John Bradley     Member
Internet2     Scott Cantor     Secretary
AOL     George Fletcher     Member
M.I.T.     Thomas Hardjono     Chair
Oracle     Hal Lockhart     Secretary
Microsoft     Anthony Nadalin     Member
Red Hat     Anil Saldhana     Secretary

Voting Members: 4 of 9 (44%)
Did not achieve quorum.

2. Need a volunteer to take minutes.
Hal taking minutes

3. Approval of minutes from last meetings:

    Minutes from SSTC Call on 18 October 2011:



4. AIs&  progress update on current work-items:

   (a) Current electronic ballots: (none)

   (b) Status/notes regarding past ballots: (none)

   (c) Session Token Profile (Hal)
       - Status: Hal already submitted request for CSD and 15-day PR.
       - Status: 15-day PR ended.  Two minor comments received.


Hal to create electronic ballot to request TC admin to create Electronic ballot for CS vote on Session Token Profile.

   (d) Attribute Predicate Profile (Gregory/Franz-Stefan)
       - Status: 30-day PR from 15 Oct to 14 Nov 2011.

No new information.

   (e) Kerberos profiles [3 items] (Josh/Thomas)
       - Status: Two Committee Specifications published on 24 Oct 2011.
Two out of three have been published. Third is in process.

   (f) Change Notify Protocol Version 1.0 (Thinh/Phil)
       - Status: Committee Specification creation requested.
       - Status: Tickets TCADMIN-696 - in process.
No change.

   (g) Channel binding proposal (Scott)
       - Status: awaiting other items in other groups.
       - Any updates?

No updates.

   (h) Enhanced Client or Proxy Profile (Scott)
       - Status: work waiting for items in IETF Kitten WG.
       - Any updates?

No updates.

   (i) Metadata Extensions for Documentation/Registration (Chad)
       - Status: 15-day PR from 3 Oct to 2 Nov 2011.
       - Status: one comment was receoved duirng PR period.
       - AI: will revise document.


Message posted prior to call.


Will publish revised document.

   (j) Metadata Extensions for Login and Discovery User (MDUI) (Scott)
       - Status: 30-day PR from 14 Oct to 13 Nov 2011.
       - Status: One comment has already been received.


Comments recorded in wiki page along with responses. Error in schema as shown in doc. Other corrections require a new update. Review is still in progress.

5. Assorted mail items:

6. Other items:
IETF meeting in Taipei - Of potential interest to SAML members: Oauth WG will meet (and perhaps recharter). Jose WG will also meet.

Scott working on a new Errata Draft. Probably after New Years for approval.

General discussion of recent attack on XML encryption. Scott feels SAML core should be modified to include advice on countermeasures.

It was reported that Internet2 uses Assertion Encryption by Default. Ficam Profile requires encryption.

Scott noted that the Security Considerations doc "is a mess" and he does not have time to do a rewrite. There is text left over from 1.1 as well as errors. It would be desirable for someone to take on the task of a rewrite.


7. Next SSTC Call:
    - Tue 15 November 2011.

To unsubscribe, e-mail: security-services-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: security-services-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]