[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Proposed Minutes for SSTC Telecon (June 11th, 2013)
SAML TC Call Meeting Minutes Tuesday June 11, 2013 > 1. Roll Call & Agenda Review. No changes suggested. > 2. Need a volunteer to take minutes. Mohammad takes minutes. > 3. Approval of minutes from previous meeting(s): > - Minutes from SSTC Call on 28 May 2013: >
https://lists.oasis-open.org/archives/security-services/201305/msg0002 > 1.html Mohammad moved. Hal Seconded. Approved. > 4. AIs & progress update on current work-items: > > (a) Current electronic ballots: (none) > > (b) Status/notes regarding past ballots: (none) > > (c) SAML 2.1 work (Chad) > - SAML2.1 wiki: >
https://wiki.oasis-open.org/security/SAML2Revision > - Chad's list: >
https://wiki.oasis-open.org/security/SAML21 > > - Sample ToC for an SSO Profile: >
https://wiki.oasis-open.org/security/SAML21ExampleProtocol > > - AIs: > o Chad to email the SSTC list with proposed set of documents. > o Chad to request TC-Admin for document templates for 2.1. Chad: Sent out an email to everyone to list the documents we need to ask the TC Admin to create. No more updates at this moment. > (d) Conceptual/overview of Metadata (Rainer Hoerbe) > - Any updates? >
http://files.hoerbe.at/daunlod/eadocx-quickdoc.pdf Rainer: No updates. > (e) SAML ECP (Scott) > - In 30-Day Public Review >
https://lists.oasis-open.org/archives/security-services/201305/msg00017.html > (f) Channel Binding Ext (Scott) > - In 30-Day Public Review > - AIs: Thomas has sent both 30-day PR announcements > to the IETF Kitten WG list. > >
https://lists.oasis-open.org/archives/security-services/201305/msg0001 > 6.html > Scott: No updates. > (g) XPA updates (Mohammad Jafari) Mohammad: No update. > > (h) SAML Token Profile for ebMS (Ian Otto / Australia) > - Australian government profiling ebMS /AS4 specs. > - Proposal for Security SAML Token Profile for securing the ebMS
> messages. > Ian: The Australian government is planning to using ebMS as a common messaging service. None of the existing vendors support SAML for ebMS 3.0. Looking for a profile of SAML over ebMS. On behalf of the ebMS TC, a paper is proposed. The paper has been emailed to the list. https://www.oasis-open.org/apps/org/workgroup/security/email/archives/201306/msg00001.html Ian presented a walk-through of the paper and answered questions: Nate: Seems like SAML 2.0 metadata addresses some of these issues.
Let's give the TC 2 weeks to review. It's good if Ian takes a look at existing work especially SAML 2. SAML 1.1 is a decade old and we at least encourage interoperability with SAML 2.0. Ian: ebMS TC will probably prescribe SAML 2.0. Scott: Trying to deal with both will cause trouble in the long run. Nate: We will bring this up on the agenda in the next meeting. Ian: We tried contacting WS Security TC but it seems they are non-responsive. Hal: WS Security TC meetings are rare. They have no charter to make any significant changes. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]