[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Draft Minutes 4 February 2014
Minor correction: > Will give overview of SSO, authentication > request, request initiation and LLO profile. > Will explain how XACML can return missing attributes. Should be: Will give overview of SSO, authentication request, request initiation and LOA profile. Will explain how XACML can return an indication of missing attributes which can trigger step up authentication. Hal > -----Original Message----- > From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com] > Sent: Tuesday, February 04, 2014 1:14 PM > To: security-services@lists.oasis-open.org > Cc: Frederick.Hirsch@nokia.com; ndk@internet2.edu; hardjono@MIT.EDU; > Hal Lockhart > Subject: Draft Minutes 4 February 2014 > > SSTC Conference Call > Tuesday 4 February 2014, 12:00pm ET > > > 1. Roll Call & Agenda Review. > > Quorum achieved. Hal Chaired. > > Attendance > > Voting Members > > Internet2 Scott Cantor > Nokia Corporation Frederick Hirsch > Veterans Health Administration Mohammad Jafari > Covisint Corporation Chad La Joie > Oracle Hal Lockhart > Red Hat Anil Saldhana > > Members > > Open Identity Exchange John Bradley > > > > > 2. Need a volunteer to take minutes. > > Frederick Hirsch volunteered to take minutes > > > 3. Approval of minutes from previous meeting(s): > > > > - Minutes from SSTC Call on 21 January 2013: > > > > https://lists.oasis-open.org/archives/security- > services/201401/msg0001 > > 0.html > > Minutes approved by unanimous consent. > > > 4. AIs & progress update on current work-items: > > > > (a) Current electronic ballots: None. > > > > (b) Status/notes regarding past ballots: None. > > > > (c) SAML 2.1 work (Chad) > > - SAML2.1 wiki: > > https://wiki.oasis-open.org/security/SAML2Revision > > > > - Chad's list: > > https://wiki.oasis-open.org/security/SAML21 > > > > - Sample ToC for an SSO Profile: > > https://wiki.oasis-open.org/security/SAML21ExampleProtocol > > > > - Thematic profiles from Chad: > > https://lists.oasis-open.org/archives/security- > services/201312/msg0000 > > 4.html > > Chad has talked with Chet, sent message to list. Group needs to decide > on open question - Should security considerations and conformance be > left as separate document(s) or rolled into new drafts? > > General agreement on call to rolling into profile documents for clarity > and conformance to specific profile. > Original idea was conformance to having families of related material, > but this may not be appropriate going forward but could be a separate > document if needed. > > May need updates to security considerations. > > ACTION: Chad will send out names for documents to list looking for > agreement, then will ask Chet to regenerate templates. > > NSTIC feedback indicates continuing interest in SAML and need for > profiles for deployment. > > > - New templates for SAML2.1: > > > > https://lists.oasis-open.org/archives/security- > services/201401/msg0001 > > 1.html > > > > (d) Conceptual/overview of Metadata (Rainer Hoerbe) > > - Further Steps thread. Any updates? > > > > https://www.oasis- > open.org/apps/org/workgroup/security/document.php?do > > cument_id=50362 > > > > (e) XSPA updates (Mohammad Jafari) > > - Any updates? > > No updates. > > > (f) Folding SAML.XML.ORG material into SAML/SSTC site. > > - Scott has created updated front page. > > - AI: Thomas to ping TC Admin folks. > > > > https://wiki.oasis-open.org/security/FrontPage > > > Thomas is checking on this, redirect has not been implemented yet. > > ACTION: Thomas to check on SAML.XML.ORG update. > > > (g) Usage of SAML in NSTIC-funded pilots (the Daon slides) > > - Folks to review slides from Daon (via Colin Wallis & Jamie > Clark). > > - Any feedback for Daon and for SAML developers in NSTIC pilots? > > > > https://lists.oasis-open.org/archives/security- > services/201401/msg0000 > > 7.html > > > Hal noted Trust Elevation TC asked him to give overview on SAML support > for step up authentication mechanism; will include some XACML as well. > Should happen Thursday. > Will post slides on SAML archive, would appreciate any feedback > Wednesday (before Thursday). Will give overview of SSO, authentication > request, request initiation and LLO profile. > Will explain how XACML can return missing attributes. > > Discussion of use cases, e.g. need to have stronger authentication > during session after some point (SP initiated flow), > > John Bradley mentioned need for SP to be aware of changes in confidence > and use case for social media identities to be used for government > access, using step-up authentication by third party, to enable use of > such identities. Use case of third party identity providers (in > addition to initial IDP). > > Discussion of Daon. Need more use case information. Question as to why > client needs to ask for this information from SP rather than using > client information, need better understanding. Using location as part > of authentication. Geo XACML have defined types related to Daon. Scott > noted used IETF syntax for data expression. > > Question for everyone, are there areas to pursue as new work in SSTC? > > Scott asked whether adding some key pieces of Liberty to SAML would > obtain adoption; OpenID/OAuth might need to deal with those issues. > > Dealing with attribute functionality seems interesting but not many > implementers providing attribute sources, need clarity on business > case. > > Hal noted there may be question about unifying different SAML and OIDC > approaches by offering higher level profile. (slide 21, Example 1 - > http://www.idecosystem.org/filedepot_download/1369/1039 ) John noted > this is policy but not technical standards issue, so will depend on > implementation support (possible with standard as written). > > Hal asked regarding interest in TC providing summary feedback to NSTIC. > No immediate interest, please indicate on list if interested. > > > 5. Assorted mail items: > > > > No discussion > > > > > 6. Other items: > > - RSA conference coming up. > > No discussion > > > 7. Next SSTC Call: > > Tuesday 18 February 2014 > > > Adjourned > > regards, Frederick > > Frederick Hirsch > Nokia > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]