[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Minutes for SSTC Telecon (Tue 23 July 2013) (Correction)
An addendum below to document the CS ballot motion. On 7/23/13 2:07 PM, "Cantor, Scott" <cantor.2@osu.edu> wrote: >On 7/19/13 11:40 AM, "Thomas Hardjono" <hardjono@MIT.EDU> wrote: > >>Tuesday 23 July 2013, 12:00pm ET >> >>AGENDA: >> >>1. Roll Call & Agenda Review. > >Hal >Scott >Nate >Rainer >Ian Young >Chad >Frederick >Mohammad >Ian Otto > >>2. Need a volunteer to take minutes. > >Scott volunteers. > >>3. Approval of minutes from previous meeting(s): >> >> - Minutes from SSTC Call on 9 July 2013: >> >>https://lists.oasis-open.org/archives/security-services/201307/msg00011.h >>t >>ml > >Scott moved to approve the minutes with the minor correction. Chad >seconded. There were no objections and the minutes were adopted. > > >>4. AIs & progress update on current work-items: >> >> (a) Current electronic ballots: None. >> >> (b) Status/notes regarding past ballots: CB passed ballot. ECP did not >>pass. >> >> (c) SAML 2.1 work (Chad) > >We discussed the proposed use of a numbered multi-part doc structure. Some >concern about implication of ordering of the documents for a reader, so we >would need explicit guidance on how to approach things in the intro >document. > >Scott isn't thrilled with doing it, but as long as the documents retain >their own identity and name (bindings, profiles, etc.), is ok with it. > >General acceptance to agree with the templates proposed. > >Open AI: Hal to express a view on whether it's ok to roll security >considerations into core/profiles/bindings, or maintain a separate >document. > >> (d) Conceptual/overview of Metadata (Rainer Hoerbe) >> - Any updates? >> >> http://files.hoerbe.at/daunlod/eadocx-quickdoc.pdf > >Rainer discussed next steps for this work. Notes the UML diagram wasn't >well received. Pointer above is to a reduced form of textual overview. > >Q: Ok to combine both drafts and include some UML in the other document? >Q: Is the Tech Overview the right place for this material? > >Rainer notes the audience for this is for deployers and users of metadata, >not implementers. > >Scott originally was suggesting adding material to the metadata >specification. Still may be a good idea, but agrees we could use a >document discussing use cases, and how to make use of the metadata spec is >a good thing and is better done outside the spec, without normative >language. > >TC agrees on having more background material in the metadata spec in 2.1 >to be a good thing, and this work and the original Shibboleth >documentation are potential fodder for that. > >Q. Noted IETF draft on entity categories. Should that be at IETF or here? > >Ian notes the draft in question is not at IETF. It's in an IETF format, >but it's a MACE-Dir document being shephered at Internet2 and discussed by >REFEDS. (Scott implied otherwise in a response on the list, he was >mistaken.) > >> (e) XPA updates (Mohammad Jafari) >> - Any updates? > >No updates to report. Hopefully something to talk about by next meeting. > >> (f) SAML Token Profile for ebMS (Ian Otto / Australia) >> - First draft uploaded. >> >>https://lists.oasis-open.org/archives/security-services/201307/msg00024.h >>t >>ml > >Initial draft out for comment. Lack of specification for token acquisition >via WS-Trust noted, may need to be included for conformance purposes. > >> (g) SAML ECP (Scott) >> - Updated WD has been uploaded. >> - Request new CD ballot. > >Scott moves to accept ECP WD09 as CSD02. > >http://www.oasis-open.org/committees/download.php/49980/saml-ecp-v2.0-wd09 >. >zip > >Hal seconds. No objections, motion passed. > >Scott moves that given no normative changes were made, this CSD02 need not >repeat a public review and moves to request a ballot for advancing CSD02 >to Committee Specification. A redline version of the WD approved as CSD02, demonstrating that no material changes were made, and documenting the non-material ones: https://www.oasis-open.org/committees/download.php/50086 > >Hal seconds. No objections, motion passed. > >Scott will request the CSD and ballot. > >>6. Other items: >> - IETF87 Berlin coming-up. >> - NSTIC IDESG Plenary at MIT (July 24-26, 2013). > >Hal discussed government interest in an ABAC workshop. The director of >NSTIC and other GSA officials attended and expressed their opinion as to >its importance. > >http://www.nist.gov/itl/csd/attribute-based-access-control-workshop-july-1 >7 >-2013.cfm > >Seeing an uptick in interest in policy and attribute-based access control. > >If there is interest, consider reviewing: > >http://csrc.nist.gov/publications/drafts/800-162/sp800_162_draft.pdf > >They are still accepting comments on this document, despite appearances >that a deadline has passed. > >>7. Next SSTC Call: >> - Tuesday 6 August 2013. >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]