OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Proposed Minutes for SSTC Telecon (June 11th, 2013)

SAML TC Call Meeting Minutes

Tuesday June 11, 2013


> 1. Roll Call & Agenda Review.

No changes suggested.

> 2. Need a volunteer to take minutes.

Mohammad takes minutes.

> 3. Approval of minutes from previous meeting(s):

>    - Minutes from SSTC Call on 28 May 2013:

> https://lists.oasis-open.org/archives/security-services/201305/msg0002

> 1.html

Mohammad moved. Hal Seconded. Approved.

> 4. AIs & progress update on current work-items:


>   (a) Current electronic ballots: (none)


>   (b) Status/notes regarding past ballots: (none)


>   (c) SAML 2.1 work (Chad)

>       - SAML2.1 wiki:

>         https://wiki.oasis-open.org/security/SAML2Revision

>       - Chad's list:

>         https://wiki.oasis-open.org/security/SAML21


>       - Sample ToC for an SSO Profile:

>         https://wiki.oasis-open.org/security/SAML21ExampleProtocol


>       - AIs:

>         o Chad to email the SSTC list with proposed set of documents.

>         o Chad to request TC-Admin for document templates for 2.1.

Chad: Sent out an email to everyone to list the documents we need to ask the TC Admin to create. No more updates at this moment.



>   (d) Conceptual/overview of Metadata (Rainer Hoerbe)

>       - Any updates?

>         http://files.hoerbe.at/daunlod/eadocx-quickdoc.pdf

Rainer: No updates.


>   (e) SAML ECP (Scott)

>       - In 30-Day Public Review

> https://lists.oasis-open.org/archives/security-services/201305/msg00017.html

>   (f) Channel Binding Ext (Scott)

>       - In 30-Day Public Review

>       - AIs:  Thomas has sent both 30-day PR announcements

>               to the IETF Kitten WG list.


> https://lists.oasis-open.org/archives/security-services/201305/msg0001

> 6.html


Scott: No updates.

>   (g) XPA updates (Mohammad Jafari)

Mohammad: No update.



>   (h) SAML Token Profile for ebMS (Ian Otto / Australia)

>       - Australian government profiling ebMS /AS4 specs.

>       - Proposal for Security SAML Token Profile for securing the ebMS

> messages.



Ian: The Australian government is planning to using ebMS as a common messaging service. None of the existing vendors support SAML for ebMS 3.0. Looking for a profile of SAML over ebMS. On behalf of the ebMS TC, a paper is proposed.


The paper has been emailed to the list.



Ian presented a walk-through of the paper and answered questions:


Nate: Seems like SAML 2.0 metadata addresses some of these issues.

Let's give the TC 2 weeks to review. It's good if Ian takes a look at existing work especially SAML 2. SAML 1.1 is a decade old and we at least encourage interoperability with SAML 2.0.

Ian: ebMS TC will probably prescribe SAML 2.0.

Scott: Trying to deal with both will cause trouble in the long run.

Nate: We will bring this up on the agenda in the next meeting.

Ian: We tried contacting WS Security TC but it seems they are non-responsive.

Hal: WS Security TC meetings are rare. They have no charter to make any significant changes.




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]