Subject: RE: Proposed Agenda for SSTC Telecon (March 17th, 2015)
Folks

Regarding 4 (c)....

The solutions architect working on the SAML deployment for the NZ Govt's 'RealMe' login/Authentication service adds ..

NZ has a requirement for government (SP) agencies to:

1) request some specified attributes in the <AuthnRequest> from the identity provider (IdP). Based on the request the IdP should pull the attributes from attribute providers. Typically these are minimal subset combinations of identity info (such as name, DoB, PoB, Gender) depending on the context.

2) invoke user consent to release displayed attributes on the wire in the message flow in the AuthnResponse.

We wanted to use AuthnContextClassRef values in <AuthnRequest> and <AuthnResponse> to put in attributes. But we thought it is not the right place to put them. So we have come up with some static config approach, but it has limited success.

We note that OpenID Connect has covered this quite well (see OpenID Connect's spec Section 3.1.2.1 and in particular scope, display, consent, Requested Authentication Context Class Reference (acr) (Claim) Values).

What we want in essence, is roughly the equivalent in SAML 2.0, and for vendors to support that.

While the <samlp:Extensions> element seems a possible route, we note that indeed 'anything goes', so we may need some rules around what we want in terms of size etc etc.

Timezones and call time slew being what it is I may not make the call.. but the above FWIW anyway..

Cheers
Colin

-----Original Message-----
From: security-services@lists.oasis-open.org [mailto:security-services@lists.oasis-open.org] On Behalf Of Thomas Hardjono
Sent: Saturday, 14 March 2015 6:23 a.m.
To: OASIS SSTC
Cc: Nate Klingenstein; Thomas Hardjono
Subject: [security-services] Proposed Agenda for SSTC Telecon (March 17th, 2015)

Folks,

Below is the proposed agenda for our next SSTC Call. Please let us know if you have additional items or modifications. Note that SSTC meetings are now on a 4-week cycle.

Regards.
Nate+Thomas
_______________________________________________________

Proposed Agenda
SSTC Conference Call
Tuesday 17 March 2015, 12:00pm ET

Topic: OASIS SSTC Call
Call-in Number: 1-617-324-0000
Access code: 645 403 951#
Date: Every 4 weeks on Tuesday
Time: 12:00 pm, Eastern Standard Time (New York, GMT-05:00)
Meeting Number: 645 403 951
Meeting Password: samlsaml
[Backup Telecon number: (605) 475-4700 / passcode: 176720# ]

AGENDA:

1. Roll Call & Agenda Review.

2. Need a volunteer to take minutes.

3. Approval of minutes from previous meeting(s):
   - Minutes from 17 February 2015 meeting: https://lists.oasis-open.org/archives/security-services/201502/msg00003.html

4. AIs & progress update on current work-items:
   (a) Current electronic ballots: None.
   (b) Status/notes regarding past ballots: None.
   (c) Follow up discussions from Dutch eID presentation (Martijn Kaag)
       - Any updates/questions/discussions.
   (d) SAML 2.1 work:
       - SAML2.1 wiki: https://wiki.oasis-open.org/security/SAML2Revision
       - Starter docs: https://lists.oasis-open.org/archives/security-services/201403/msg00010.html
       - Martijn had indicated that he is interested to work on the 2.1 project.
   (e) XSPA updates (Mohammad Jafari)
       - Any updates.
   (f) Clarifications for algorithm support for metadata extension (Scott)
       - Were there any AIs from last SSTC meeting?

5. Assorted mail items:

6. Other items:
   - IETF#92 Dallas (March 22-27)
   - IIW (April 6-9)
   - RSA Conference (April 2-24).

7. Next SSTC Call:
   - Tuesday 14 April 2015.

-------------------------------------------------

Thomas Hardjono invites you to attend this online meeting.

Topic: OASIS SSTC Call
Date: Every 4 weeks on Tuesday, from Tuesday, February 5, 2013 to no end date
Time: 12:00 pm, Eastern Standard Time (New York, GMT-05:00)
Meeting Number: 645 403 951
Meeting Password: samlsaml
____________________________________________
Thomas Hardjono
MIT Consortium for Kerberos & Internet Trust
w: kit.mit.edu
e: hardjono[at]mit.edu
m: +1 781 729 9559
b: http://hardjono.mit.edu
____________________________________________
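The reply above proposes carrying requested attributes in <samlp:Extensions> and notes that "anything goes" there, so rules on content and size are needed. The following is an added example, not part of the thread and not code from the TC or from RealMe: an IdP-side check that accepts one known extension and enforces limits. The `req:` namespace, element names, SP entity ID, policy table and limits are all hypothetical, and the request signature is assumed to have been verified already.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
# Hypothetical namespace and element names, invented for this example.
REQ = "urn:example:saml:ext:requested-attributes"
# Assumed IdP policy: attributes each SP may ask for, plus hard limits.
ALLOWED = {"https://agency.example/sp": {"name", "dob", "pob", "gender"}}
MAX_REQUEST_BYTES, MAX_ATTRIBUTES = 8192, 8

# Constructed sample request (unsigned, for illustration only).
SAMPLE = f"""<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}"
    xmlns:req="{REQ}" ID="_constructed1" Version="2.0">
  <saml:Issuer>https://agency.example/sp</saml:Issuer>
  <samlp:Extensions>
    <req:RequestedAttributes>
      <req:RequestedAttribute Name="name"/>
      <req:RequestedAttribute Name="dob"/>
    </req:RequestedAttributes>
  </samlp:Extensions>
</samlp:AuthnRequest>"""


def requested_attributes(xml_text):
    """Return the attribute names this SP may receive, or raise ValueError."""
    raw = xml_text.encode("utf-8")
    if len(raw) > MAX_REQUEST_BYTES:
        raise ValueError("request too large")
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTDs are not accepted")  # blocks entity expansion
    root = ET.fromstring(raw)
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError("not an AuthnRequest")
    issuer = (root.findtext(f"{{{SAML}}}Issuer") or "").strip()
    ext = root.find(f"{{{SAMLP}}}Extensions")
    if ext is None:
        return []
    names = []
    for child in ext:  # reject every extension child we do not recognise
        if child.tag != f"{{{REQ}}}RequestedAttributes":
            raise ValueError(f"unsupported extension {child.tag}")
        for attr in child.findall(f"{{{REQ}}}RequestedAttribute"):
            names.append(attr.get("Name", ""))
    if len(names) > MAX_ATTRIBUTES or len(set(names)) != len(names):
        raise ValueError("too many or duplicate attributes")
    extra = set(names) - ALLOWED.get(issuer, set())
    if extra:
        raise ValueError(f"not permitted for this SP: {sorted(extra)}")
    return names
```

The returned list is what the IdP would then show on the consent screen before releasing anything in the response.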