OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Draft Minutes SSTC Telecon 29 Nov 2011

Minutes SSTC Conference Call, Tuesday 29 November, 2011, 12:00pm ET

minutes taken by Frederick Hirsch

> 1. Roll Call & Agenda Review.

Quorum achieved

> 2. Need a volunteer to take minutes.

Frederick Hirsch volunteered

> 3. Approval of minutes from last meetings:
>   Minutes from SSTC Call on 15 Nov 2011:
> http://lists.oasis-open.org/archives/security-services/201111/msg00030.html

MOTION: Approve Minutes from 15 November 2011.

Hal moved, Chad seconded.
Motion approved without objection.

> 4. AIs & progress update on current work-items:
>  (a) Current electronic ballots: (none)


>  (b) Status/notes regarding past ballots: (none)
>  (c) Session Token Profile (Hal)
>      - Status: CS Ballot passed
> http://lists.oasis-open.org/archives/security-services/201111/msg00022.html

Hal confirmed that ballot passed. TC-Admin posted message that ballot passed.

>  (d) Attribute Predicate Profile (Gregory/Franz-Stefan)
>      - Status: CS ballot request received on 19 Nov 2011.
>      - Status: In TC-admin queue.
> http://lists.oasis-open.org/archives/security-services/201111/msg00032.html

Ballot closed yesterday - 7/8 voted yes, so ballot passed. 

One comment from Scott on wording. Scott proposed correction. Can adopt this change with other revisions (if any) based on comments received later (defer any correction for now).

Waiting for TC Admin to post note that vote passed.

>  (e) Kerberos Web browser SSO Profile (Josh/Thomas)
>      - Status: WD02 uploaded.
>      - AI: seeking TC approval to move to CSD & 15-day PR.

XSD file was missing, so new WD has been created and has been uploaded

MOTION: TC members approve SAML V2.0 Kerberos Web Browser SSO Profile Version
1.0 Working Draft 02 (located in http://www.oasis-open.org/apps/org/workgroup/security/download.php/44411/sstc-saml-kerberos-browser-sso-wd02.zip) as Committee Specification Draft 02

Moved by Scott, seconded by Hal.
No objection, motion approved by unanimous consent.

MOTION: TC members approve submitting SAML V2.0 Kerberos Web Browser SSO Profile Committee Specification Draft 02 for 15 day public review

Moved by Hal, seconded by Franz-Sefan
No objection, motion approved by unanimous consent.

ACTION: Thomas to submit CSD and public review request. 

[Nate and Ari joined]

>  (f) Change Notify Protocol Version 1.0 (Thinh/Phil)
>      - Status: Committee Specification creation requested.
>      - Status: Tickets TCADMIN-696 - in process.

Thomas: still in TC-Admin process

no other update, Thinh and Phil not on call

>  (g) Channel binding proposal (Scott)
>      - Status: awaiting other items in other groups.
>      - Any updates?

Scott: No update, remove from agenda until needed..

>  (h) Enhanced Client or Proxy Profile (Scott)
>      - Status: work waiting for items in IETF Kitten WG.
>      - Any updates?

Scott: Waiting for implementations, remove from agenda until needed.

>  (i) Metadata Extensions for Documentation/Registration (Chad)
>      - Status: 15-day PR from 3 Oct to 2 Nov 2011.
>      - Status: one comment was received during PR period.
>      - AI: will revise document.
> http://wiki.oasis-open.org/security/PublicComments20111003-20111102.

Chad: No update, revision in progress.

>  (j) Metadata Extensions for Login and Discovery User (MDUI) (Scott)
>      - Status: 30-day PR from 14 Oct to 13 Nov 2011.
>      - Status: One comment has already been received.
>      - AI: will update to new WD.

Scott: No update, revision in progress.

>  (k) SAML2.0 Approved Errata
>       - Status: wd-54 uploaded (Scott).

wd-54 is latest version.

Scott: possible additional changes related to XML Encryption, if additional information suggests it is needed. Currently evaluating. In addition, one other errata was provided, still open - issue on clock skew.  Security-15. 

Scott proposed changes for Security-15 on the list, 
see http://www.oasis-open.org/apps/org/workgroup/security/email/archives/201111/msg00028.html

MOTION: Accept proposal sent by Scott on 15 November 2011 to resolve issue Security-15 for clock skew, with addition of text to 3.7.1 similar to change for  section1.3.3 (relying parties should allow for reasonable clock skew) 

Moved by Scott, seconded Ari.
No objection, motion approved by unanimous consent.

ACTION: Scott to update errata draft with this change.

Scott will do this once encryption errata item resolved.

>  (l) SAML 2.0.1 and Security Considerations doc
>      - Plans for 2012?

Scott: rolling errata into document would be very helpful to implementers. Could also consider other needed changes. Could be 2.0.1

Hal: this requires compliance with current TC Process that has changed since document was originally published. 

Chad: might also need to consider new crypto issues.

Scott: have unofficial red-line with errata incorporated, but not a published clean version.

Hal: a clean update would be useful

Chad: question of whether there is enough community interest to justify this work

Scott: need more input

general discussion of value and how to document goals for next year.

Various options open at this point, further thought required.

>  (m) PE-15: Clock skew (Scott)
>      - Any comments or updates
> http://tools.oasis-open.org/issues/browse/SECURITY-15

See resolution above, item (k).

> 5. Assorted mail items:

no items to discuss.

> 6. Other items:

no other business

> 7. Next SSTC Call: 
>   - Tue 13 December 2011.

Next call 13 December

>   - Propose to cancel SSTC call on 27 December.

No call 27 December, call cancelled.

>   - Propose Tue 10 January 2012 as first telecon in 2012.

Meeting Adjourned.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]