wsfed message

Subject: Minutes from WSFED Inaugural TC Meeting - June 6th/7th, 2007

From: Mike Kaiser <mkaiser@us.ibm.com>
To: <wsfed@lists.oasis-open.org>
Date: Tue, 12 Jun 2007 06:03:09 -0600

Minutes for F2F Inaugural WSFED TC Meeting
- Hosted by Microsoft at
Redmond Marriott Town Center
7401 164th Avenue NE
Redmond, Washington 98052 USA
- June 6th/7th, 2007

WEDNESDAY June 6th, 2007

Note: Times are represented within the square brackets as Pacific Daylight Savings time.

1. Welcome, Convener and meeting host
[9:06] - Paul Convened meeting
[9:08] - Greg Carpenter provided local host information.
[9:10] - Agenda Topic 1 complete

2. Introductions and roll call, Convener
a) WSFED TC roster http://www.oasis-open.org/apps/org/workgroup/wsfed/members/roster.php
b) OASIS Web Services Federation (WSFED) TC home page: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsfed
[9:11] - Roll call begun:
[9:26] - Roll call end
[9:28] - Roll call results announced.

3. Appointment of Note taker(s), Convener
[9:30] - Mike Kaiser selected as Note taker for Inaugural call

4. Selection of TC chairs, Convener
[9:31] - Marc Goodner nominated Chris Kaler for Chair
Mike Kaiser nominated Michael McIntosh for Chair
[9:32] - Michael McIntosh and Chris Kaler voted in unanimously by all attendees.
[9:32] - 10 minute break.

5. Approval of meeting agenda, Chairs
[9:46] - Meeting resumed.
[9:47] - Meeting Agenda reviewed by Michael McIntosh.
Hal Lockhart proposed adding something for charter. This was deferred until Charter discussion.
No Objections to Agenda were noted. Agenda was therefore accepted as is.

6. Introduction to OASIS process, OASIS staff
[9:49] - Jamie Clark presented OASIS process.
In real time OASIS Roster now shows Mike McIntosh and Chris Kaler as Co-Chairs and Paul Cotton now shows as a TC Member.
Tools. TC Process and IPR Policy are important and key. They are available from the main OASIS page.
Question: What does the new Conformance/Compliance rule mean for this TC?
Answer: The rule itself is deliberately written not to explicitly say what the conformance should say because there is wide disparity between project. This is rule 2.18.. when you get to a certain point you need to include a certain set of conformance clauses. The TC should work out for itself what should be in the conformance clause of the specification.
Mary (?) is currently working on a set of guidelines/templates for the conformance clause which should help, but ultimately it is up to the experts as to what formally should and should not be put into the conformance section of the TC.

Hal Lockhart (technical advisory board member): Intent is to clarify, but OASIS will probably go a little further than just document format. Intent is to provide here are the things that are important for compliance.

Mary: There is a Wiki which discusses this... information will include pointers.
Jamie: Original intent was to have the TC have its own influence on the compliance claims. As time goes on, we will learn and adjust if needed.

7. Selection of issues list editor(s), Chairs
[10:15] - Selection of Issues List Editors:
Will use similar mechanism that was used in WS-SX. No objections noticed.
People fill out a template to raise the issue. Email will allow discussion and then can be discussed at meetings. Normal process for an issue is as follows:
New --> Open --> Pending --> Review --> Closed
For reference purposes, the issue process for SX, is described at the following link (taken from chat): http://www.oasis-open.org/archives/ws-sx/200512/msg00027.html
Greg Carpenter nominated. No objections noted. Greg will be the issues list editor.[

8. Review of TC charter, Chairs
a) Original Call for Participation http://lists.oasis-open.org/archives/tc-announce/200704/msg00020.html
b) WSFED TC charter http://www.oasis-open.org/committees/wsfed/charter.php
[10:20] - Review of TC Charter - Michael McIntosh reviewed Mary McRae's Call for Participation note sent 13 April 2007.
[10:23] - Michael McIntosh begins review of OASIS Web Services Federation (WSFED) Technical Committee Charter.
The charter can be found at the following link: http://www.oasis-open.org/committees/wsfed/charter.php
Each section (as shown below) was read and objections or questions were solicited. The results of this are shown below:
No objections raised to following sections (Name of TC, Statement of Purpose, Scope of Work, Federation Overview, Federation Model, Federation Metadata, Federated Sign-Out, Attribute Services, Pseudonym Services )

Questions were raised for the following sections:
Section: Attribute Services, Pseudonym Services.
Norman Brickman: Was hoping to get more information on Attribute and Pseudonym Services. Not a 100% sure what is in scope or out of scope and is hoping that discussions over the next two days will clarify for him. Question was added as to whether the charter is clear enough but at this point it can't be determined. Decision was made to defer this until after the in scope and out of scope sections and raise it again if there is something which needs to change for clarification purposes.

Issues were raised for the following sections:
None.

[10:46] - 15 minute break

[11:01] - Paul Cotton indicated that he had posted the Roll Call results from earlier in the meeting and asked that everyone review and let him know if there are any errors that need to be corrected.

[11:02] - Michael McIntosh restarts the Charter review:
No objections or questions were raised against the Charter for the following sections:
Security Tokens and Pseudonyms, Federation Extensions to WS-Trust, Indicating Specific Policy/Metadata, Additional Policy Assertions, General Notes on Scope, Deliverables, Anticipated Audience, Language, IPR Policy, References

Questions were raised for the following sections:
Section: Authentication Types
Hal Lockhart: Proposes to create an alternate claims dialect. Has taken it up with the XACML TC and that TC has agreed to take up the work. Would this TC feel that it's better to do that work here or there?
Tony: Seems like it would fit better in the XACML TC because that is where the specific skills lie. There are different ways that this could be done.
Several people in the room expressed the thought that XACML seemed to be the right set of people to run with this.
Decision: Agreed to let XACML team run with this and not alter the charter.

Section: Web (passive) Requestors
One question raised around discovery assumption...response indicated that was one way of handling, but there were many others. No change needed for charter...just a simple question.

Section: Out of scope
One question raised regarding 14, 15 as being specific Response indicated that because it was not explicitly stated in the list, the interpretation should be that it is included within the scope.
No change needed for charter...just a simple question.

Issues were raised for the following sections:
None.

[11:41] - With no objections, The Charter is accepted as is, with no required updates or changes.
Two additional people were noted as having arrived after the roll call earlier in the call. Paul Cotton will update the attendance/voting member roster and re-post: Additions were:
David Staggs ... Veterans Health Administration.
Toufic Boubez ... Layer 7 Technologies

[11:45] - Break for lunch (1 hr, 15 minutes) until 1:00pm PST.

------------------- Afternoon ----------------------------------------------

9. Presentation: WS-Federation Part One: Understanding WS-Federation
http://msdn2.microsoft.com/en-us/library/bb498017.aspx

[ 1:01pm] - Resume meeting - Request for any new people who have joined the meeting and not yet represented by the roster. No new attendees noted.
[1:02] - Marc Goodner presents the contents of the "Understanding WS-Federation" whitepaper.
[1:45] - Two potential issues have been raised as follows while presenting slide 10 "Authorization Context". ISSUES:

Do we have an issue for a more complex claim structure? A common claim type doesn't adequately allow for complex.
We need some kind of reference of where one would find a definition for a particular claim. Common claims are fine, but how are we going to get claim structure outside of this? We need to come up with perhaps a normative definition of how to represent complex definitions...maybe a pointer.

Several discussion topics including the following:
Why didn't they do this right the first time? There may be a number of reasons including that you already had tokens from earlier messages or it may be that the current application has determined (based on what is now occurring) that it needs additional authentication.

[2:05] - Review of Enterprise Scenario Review... Slide 14 reached.
[2:05] - Completed Review/Discussion of Enterprise Scenario (Slide 14) Will take a 15 minute break.

[2:25] - Resuming presentation. Beginning Healthcare Scenario Slide 15.
Question was raised {paraphrased} "does the federation example provide enough to meet HIPAA requirements because break the glass scenario isn't good enough any more? Nor is it acceptable to have the doctor log in and establish that his hours are 10pm-5am and anything that happens during that time is ok". It was stated that the example has some of this included and we should resurrect this question at the end during the summary to see if all the aspects were covered.

Question from phone: Is this consistent with HL7's work. Answer Yes, that is hoped to be the case.

Slide 18 Question was raised about: There are request specific contextual information at play here. This is the mechanism that is used to do this here. The specifics of where it appears in the RST may or may not be interesting. In this case the content did not originate with this service. The way you tell people to put stuff in here is with the security token template.

Question from phone: For this example have you compared against those provided by the to American Healthcare Associates ... now opening it up to ISO and HL7. Answer: No, not with these in particular, the standard has to be worldwide an not just limited to US or any other specific geography, but various people for Healthcare were queried in development of the example.

[3:00] - Five minute break.

[3:07] - Resuming with slide 21 "Requesting the Missing Token"
Question was asked as to whether there was a guarantee that the recipient received and took action with the sign-out: Response: Signout is an advisory notification only. There is no guarantee that the recipient actually does anything with the sign-out.

Is the logout parameter required or optional. Response: it is optional.

Is there a more efficient way to handle the fault/resubmit methodology associated with a tertiary claim example which in each level another piece of information is added. (i.e. the secondary claim requires street address, the tertiary requires phone-number info) Response: This will be covered tomorrow during the STS Model discussion.

[3:30] - Completed Understanding WS-Federation presentation.

Return to the "break glass discussion question above". The example doesn't make any legal claims, however healthcare people were consulted and it appears that this can be reasonably automated and there is an audit trail that could be used. Is it better than "break glass"... Answer: Yes, this is far better and it looks like it would meet the US HIPAA requirements. 1) It was protected, 2) there is a defined process and 3) there was an audit trail. These are the key things for HIPAA.

[3: 35] - Ask people if we want to stop today or continue.
If we continue today, we could finish by roughly lunch time tomorrow.

10. TC administration, Chairs
a) Distributed meeting schedule (day of week and time of day)
[3:35] - Proposed - time slot Tues: 7-8am PT. We will go weekly and cancel meetings if not necessary. No one has any objections.
First call to be scheduled on June 19th. Also proposed that we not have a call on July 3rd. Will get something posted in the next few days.

b) TC and meetings aids such as TC website, document repository, IRC, etc.
[3:40] Please familiarize yourself with the following repositories.
i) Email archive:
http://www.oasis-open.org/apps/org/workgroup/wsfed/messages.php
ii) Document repository
http://www.oasis-open.org/apps/org/workgroup/wsfed/documents.php
iii) Minutes
http://www.oasis-open.org/committees/wsfed/minutes.php
[3:41] This link may not be correct. They may actually be in the document archive. (Per Hal)
iv) FAQ http://www.oasis-open.org/committees/wsfed/faq.php
[3:42] We may not use this if we don't have a questions. It is likely that we will need it.

ISSUE: We need to get some sort of FAQ together.

c) Future F2F meeting schedule
http://www.oasis-open.org/committees/calendar.php?wg_abbrev=wsfed
[3:44] Propose an October time frame. Is there a Austin possibility? Is there an East Coast possibility? Is there a Boston preference?
ISSUE: Need to establish a next F2F meeting (location/time).

d) TC roles (secretary, specification editors, etc.)
[3:47] Secretary Managing the Roster and Taking Minutes: Greg Carpenter agreed to do this. Mike Kaiser agreed to help. Abbie will handle attendance.
Marc Goodner and Tony Nadalin agree to be editors.
Hal Lockhart will be liaison with XACML.

Meeting tomorrow is in the Lewis River room and will start at 9:00am (Breakfast at 8:00am)

[3:51] Meeting Adjourned for the day.

[10:56] anonymous morphed into JamieClark
[11:05] anonymous morphed into Jim Hosmer (Lockheed Martin)
[11:16] anonymous morphed into Jonathan Marsh
[11:40] anonymous morphed into Maryann HOndo
[11:40] Maryann HOndo morphed into Maryann Hondo
[11:41] JamieClark: Good morning Jonathan. Been a while. How's WSO2?
[11:42] abbie: helooooooooooo
[11:43] abbie1 morphed into abbie
[11:43] JamieClark: Abbie, you sound like you are at the bottom of a well ..
[11:43] abbie: i am
[11:44] abbie: with no rope
[11:45] Room information was updated by: Dug
Tel: 1-203-480-8000 Access Code: 5764779
[11:45] JamieClark: I've heard the Toronto suburbs described uncharitably before, but never quite like that
[11:47] abbie: Jamie, it is Ottawa (The Capital region......)
[11:48] JamieClark: Ah sorry I wad thinking Nortel HQ. Brampton, no? .. Hm and Ottawa, well, yes, maybe ...
[11:48] anonymous morphed into Robin Martherus (PingIdentity)
[11:50] Chris morphed into Chris Ferris (IBM)
[12:02] anonymous morphed into Mary McRae
[12:04] Jonathan Marsh: Very soft though
[12:04] Dug: very very soft
[12:05] Jonathan Marsh: last was best
[12:06] Dug: Agenda: http://www.oasis-open.org/apps/org/workgroup/wsfed/email/archives/200705/msg00004.html
[12:06] PaulC: agenda: http://www.oasis-open.org/apps/org/workgroup/wsfed/email/archives/200705/msg00004.html
[12:06] anonymous morphed into Anil@JBoss/RedHat
[12:07] anonymous2 morphed into Gerry Woods
[12:07] anonymous morphed into Atul Tulshibagwale (HP
[12:07] Atul Tulshibagwale (HP morphed into Atul Tulshibagwale (HP)
[12:07] Mary McRae: can't hear Greg
[12:08] Michael McIntosh: can u hear him now?
[12:08] Anil@JBoss/RedHat: Thanks to MS. Good arrangement.
[12:08] MrGoodner: can you hear him now?
[12:08] anonymous morphed into Steve Carter
[12:08] Mary McRae: no
[12:08] MrGoodner: sing into the mike Darby!
[12:09] Michael McIntosh: Greg is just explaining details of local logistics
[12:09] anonymous morphed into Gene Thurston
[12:10] Dug: roster: http://www.oasis-open.org/apps/org/workgroup/wsfed/members/roster.php
[12:10] Dug: TC Home Page: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsfed
[12:10] anonymous morphed into Sidd (MSFT)
[12:11] Sidd (MSFT) morphed into Sidd Shenoy (MSFT)
[12:13] anonymous1 morphed into Larry Rogers
[12:13] Anil@JBoss/RedHat morphed into Anil [JBoss/RedHat]
[12:18] anonymous morphed into Kent@ttg.cc
[12:19] Kent@ttg.cc morphed into Kent Spaulding
[12:29] MrGoodner: I nominated Chris Kaler
[12:30] MrGoodner: Mike K nominated Mike M
[12:35] MrGoodner: we're on a 10 min break for anyone who didn't hear
[12:41] ckaler: we are going to start back up in 2 min
[12:44] Larry Rogers: can barely hear speaker
[12:44] Dug: whoever is typing near their phone - please go on mute
[12:45] Paul Knight: thanks!
[12:47] MrGoodner: Jamie has the floor
[12:52] Kent Spaulding21 morphed into Kent Spaulding
[12:56] MrGoodner: Policies link Jamie is describing:http://www.oasis-open.org/who/policies_procedures.php
[12:58] MrGoodner: Confromance clause being discussed:http://www.oasis-open.org/committees/process.php#2.18
[12:58] MrGoodner: [NOTE: The following words in Section 2.18, referring to conformance clauses, will be effective as of 1 June 2007, and will not apply to any version approved as a Committee Specification by that date: "A specification that is approved by the TC at the Public Review Draft, Committee Specification or OASIS Standard level must include a separate section, listing a set of numbered conformance clauses, to which any implementation of the specification must adhere in order to claim conformance to the specification (or any optional portion thereof). " See also the Note to Section 1(dd), above.]
[13:03] anonymous morphed into Gene Thurston
[13:08] MrGoodner: having a hard time hearing Mary in the room
[13:17] Paul Knight: A bit hard to hear - is that Greg Carpenter who will be the issues editor?
[13:17] Anil [JBoss/RedHat]: y
[13:17] ckaler: http://lists.oasis-open.org/archives/tc-announce/200704/msg00020.html
[13:17] ckaler: this is the call for participation link
[13:17] ckaler: the charter link is:
[13:18] ckaler: http://www.oasis-open.org/committees/wsfed/charter.php
[13:18] MrGoodner: Issue process for SX, which we're cribbing from, is described here:http://www.oasis-open.org/archives/ws-sx/200512/msg00027.html
[13:58] MrGoodner: coming back from break
[14:15] anonymous morphed into Kent Spaulding
[14:39] MrGoodner: charter accepted
[14:43] MrGoodner: bridge is being muted for lunch
[14:43] MrGoodner: back at 1pm PST
[14:49] Larry Rogers: anyone have the link to the next agenda item, Understanding WS-Federation presentation
[15:14] MrGoodner: The next item is on the Understanding WS-Federation whitepaper, it was published here:http://msdn2.microsoft.com/en-us/library/bb498017.aspx
[15:14] MrGoodner: It was just submitted to the TC as well,http://www.oasis-open.org/archives/wsfed/200706/msg00004.html
[15:15] MrGoodner: And here is the deck: http://www.oasis-open.org/archives/wsfed/200706/msg00005.html
[16:13] anonymous morphed into David Staggs
[16:22] Don Adams morphed into Don Adams (TIBCO)
[17:05] Mike Kaiser: Will be taking a 15 minute break and resuming at 2:20pm PST
[18:00] Michael McIntosh: cookies and brownies arrived in room - so we are adjusting our blood sugar for a few minutes
[18:48] Paul Knight: see you tomorrow
[18:51] Mike Kaiser: Meeting adjorned

THURSDAY June 7th, 2007

11. Presentation: WS-Federation Part Two - Specification
ttp://www.ibm.com/developerworks/webservices/library/specification/ws-fed/

[9:08] Roster updates:
Marco Carugi Nortel - Needs to be added as at the meeting.l
[9:12] Tony Nadalin begins presentation WS-Federation Overview.
Slide 7 definition correction - "Replying Party" should be "Relying Party"
Covered Push/Pull Model and Direct Trust.
Indirect Trust - Chart 12 describes the Healthcare Scenario that we covered yesterday where Hospital has a trust relationship with Medical Authority and Dr. has a trust with Medical Authority, therefore the Hospital can trust the Dr even though they have never interacted before.
Multiple Tokens with Direct Trust - Chart 13 - The Healthcare scenario yesterday also demonstrates this with Dr. logging in and got one from Hospital and Medical Authority and used them together later.
These diagrams only show the key flows. There are additional flows that aren't pictured on the page.
Slide 15 - Delegation with Direct Trust has not been implemented for Web Requestor scenarios...not that it technically couldn't be.
[9:51] - Presentation Part 2 = WS-Trust Extensions for Federations begins. (Slide 16)
[10:00] - Presentation Part 2 complete.
20 minute break.
[10:20] - Resume - Begin Part 3 STS Service Model Extensions - Presented by Don Schmidt (Slide 27)
Clarification comment on Privacy: When the spec talks about privacy in spec it really means confidentiality.
[10:40] - Question raised relative to trust relationships not shown on slide 33 "Attribute Service"
No broad shaded arrows of trust are shown between the RP/STS and the Attribute Service and Trust between the IP/STS and its Attribute Service on the left side of the chart. Shouldn't there be arrows here?
Response: Perhaps it should be explicitly shown, but this chart shows really two domains and assumes that trust within a realm is really implicit.
[10:45] - Clarification (Slide 34) Pseudonyms does not guarantee anonymity. They are a way to provide some integrity. If IP information is shared it is possible to determine specific user information. Any time you tie a request in which you provide any identifying information anonymity is lost or potentially discernible.
[11:00] - Slide 38 - What is meant by scope for this discussion? Response: It is in the spec. You can specify 'applies to' or other scope using filters.
Is is possible to have two pseudonyms for the same parties? Response: Yes it is possible, but it is not meant to be implied that it is typical. Let's go through the rest of the slides to see if this is covered in greater detail as we go along.

This slide is essentially another way to achieve the same thing as the slide 37 was trying to do. In general these last two slides are doing something using a pair wise relationship.

[11:12] - Slide 40 - End of Pseudonym discussion. Short 10 minute break.
[11:23] - Resume meeting. Slide 41 Authorization Service
[11:30 ] - Part 4 - Federation Metadata section begun.
[11:40] - (Slide 53) ISSUE: Norman requested to write up an issue Regarding Security Policy and Federation Metadata.
[11:45] - Part 5 Sign-out section begun.
Remember that sign-out is simply an advisory mechanism. It does not cancel or terminate any existing tokens. There is no guarantee that the receiving party does anything with it.
[11:50] - Web Requestors (Slide 60) begun
[11:53] - This is about using standard browsers.
Goal of Web Requestor was to provide the same Federation capabilities/concepts using standard browsers with no add-ons/plug-ins etc.
Slide 64 .. the difference between solid and dotted line (solid = in protocol communications, dotted = out of band/protocol communications)
[12:02] - Part 6 Wrap-up begun
Intent was to present the federation material in the way that we think about the spec.
Norman: For the Web Browser you tried to use the RST format... is there any standards summary about what is available to the Web Browser vs a service (i.e. pseudonym service etc...)? The SOAP faults are not available to browser clients, you can dig it out, but there is not formal list.
[12:05] - Concluded presentation.
[12:08] - Break for quick lunch. ~22 minutes

12. Any other business
[12:30] - Resume Meeting.
Review Of Issues (see Issue list below).

Next meetings:
Tuesday June 19, 2007 - 7:00 - 8:00am PST.
Tuesday June 26th, 2007 - 7:00-8:00am PST.
Tuesday July 3rd, 2007 - NO Meeting
The chairs will post more detailed scheduling information prior to the next meeting.

13. Adjourn
[12:43] - Meeting Adjourned.

[11:25] anonymous morphed into Larry Rogers (LMCO)
[11:55] Larry Rogers (LMCO): Must be having a really great breakfast!
[11:57] Mike Kaiser: Please note that we are struggling with a phone problem in the conference room.
[11:57] Larry Rogers (LMCO): thx
[11:59] Michael McIntosh: Greg is fumbling over the conf phone now
[11:59] Room information was updated by: Dug
Tel: 1-203-480-8000 Access Code: 5764779
[12:02] MrGoodner: How many fingers is Chris holding up?
[12:03] Dug: more importantly, which finger?
[12:03] abbie: one
[12:03] abbie: middle
[12:03] anonymous morphed into Robin Martherus (PingIdentity)
[12:05] MrGoodner: guess the cameras are working
[12:07] Dug: is there a web cam we can hook into?
[12:07] MrGoodner: ask abbie, he seems to be able ot see
[12:08] Kent Spaulding: there's a camera?
[12:08] MrGoodner: no, just joking around waiting for the meeting to get going
[12:08] Dug: the sound diff between the chair and the people on the phone is huge - very quiet for chair, very loud for callers

[12:09] Kent Spaulding: I was in the room yesterday - that's a relief (no camera)

[12:10] anonymous morphed into Atul Tulshibagwale (HP)
[12:11] Paul Knight: don't see a link for part 2 of the preso in the original agenda
[12:11] MrGoodner: I'm trying to get it onto the list
[12:12] MrGoodner: the first copy doesn't seem to have reflected... trying again with a smaller version of the atachment
[12:13] Michael McIntosh: Abbie - can you hear him?
[12:13] Paul Knight: Tony is very faint now on the phone
[12:13] Michael McIntosh: it is better now?
[12:13] Paul Knight: no
[12:14] Paul Knight: a little better
[12:15] Larry Rogers (LMCO): Tony fading in and out
[12:15] MrGoodner: I'll have the presentation in the document archive in a minute
[12:16] Dug: much better
[12:17] Paul Knight: Thanks, Marc
[12:17] anonymous morphed into anil [JBoss/RedHat]
[12:21] Kent Spaulding: This is the unserstanding pdf?
[12:22] anil [JBoss/RedHat]: the slides will be uploaded soon as per Mark
[12:22] anil [JBoss/RedHat]: http://www.ibm.com/developerworks/webservices/library/specification/ws-fed/
[12:22] anil [JBoss/RedHat]: think the slides are just an overview of this spec
[12:22] MrGoodner: Here is the current deck:http://www.oasis-open.org/apps/org/workgroup/wsfed/download.php/24292/WS-FederationOverview.pdf
[12:22] Kent Spaulding: thx anil
[12:23] MrGoodner: I had to upload, the list doesn't seem to like it as an attachment
[12:23] MrGoodner: He is on slid 8
[12:23] MrGoodner: http://www.oasis-open.org/apps/org/workgroup/wsfed/download.php/24292/WS-Federation%20Overview.pdf
[12:23] Kent Spaulding morphed into Kent Spaulding [TTG]
[12:29] MrGoodner: Slide 9
[12:29] MrGoodner: Slide 10
[12:30] MrGoodner: Slide 11
[12:32] MrGoodner: Slide 12
[12:34] MrGoodner: Slide 13
[12:35] Paul Knight: sound is gone??
[12:35] Paul Knight: or just me?
[12:35] Michael McIntosh: is sound gone?
[12:35] Michael McIntosh: do you hear?
[12:36] MrGoodner: Slide 14
[12:36] Paul Knight: no, not even echo of my own voice.
[12:36] Michael McIntosh: s paul only one?
[12:36] Kent Spaulding [TTG]: I can hear
[12:36] Michael McIntosh: sorry paul - you've gone deaf - doctor visit is in order
[12:36] Paul Knight: I'll call in again
[12:39] Paul Knight: i had moved something on my desk that hit the headset button... okay now
[12:40] Michael McIntosh: you are not using wireless?
[12:40] Paul Knight: Not today, I'm on a real phone in the office - came in to donate blood.
[12:45] MrGoodner: Slide 15
[12:52] MrGoodner: Slide 18
[12:56] Gene Thurston: It seems like Tony's slides being presented in the room have a few additional items on them (namely examples of XML tags of interest). Can we get this newer version of the presentation as a PDF?
[12:58] MrGoodner: We're on slide 25 now
[12:58] MrGoodner: I'll update the deck after the meeting
[12:58] Kent Spaulding [TTG]: dropping off - "see" everyone on the TC calls.
[12:59] Gene Thurston: Thanks, Mark.
[13:00] MrGoodner: break to 10:15
[13:00] Mike Kaiser: Breaking for 15 minutes.
[13:17] Mike Kaiser: Rsuming meeting.
[13:19] MrGoodner: Don is on slide 28
[13:27] MrGoodner: Slide 29
[13:27] MrGoodner: Slide 30
[13:30] MrGoodner: Slide 32
[13:32] MrGoodner: 33
[13:45] MrGoodner: 34
[13:49] MrGoodner: 35
[13:50] MrGoodner: 37
[14:02] MrGoodner: 38
[14:07] MrGoodner: 39
[14:09] MrGoodner: 40
[14:37] Larry Rogers (LMCO): Please repeat the question
[14:42] Michael McIntosh: Abbie - r u there?
[14:47] abbie: y
[14:47] abbie: on a call oasis idtrust
[14:47] abbie: will be back in 10 minutes
[15:04] Michael McIntosh: Abbie - just trying to ask for you to please update the roster to reflect attendance - only change to spreadsheet paul sent is Marco Carugi is present and becomes voting member
[15:05] Michael McIntosh: will ask for additional attendees shortly
[15:09] abbie: ok
[15:09] abbie: i am on the call i will start from the roster from paul
[15:09] abbie: thanks
[15:13] abbie: r u on lunch break
[15:13] Michael McIntosh: yes - til 1230
[15:14] abbie: ok
[15:29] MrGoodner: namespaces!
[15:30] MrGoodner: http://docs.oasis-open.org/wsfed/federation/200706http://docs.oasis-open.org/wsfed/authorization/200706http://docs.oasis-open.org/wsfed/privacy/200706
[15:31] MrGoodner: Version number!
[15:34] Larry Rogers (LMCO): repeat issue 4
[15:34] Larry Rogers (LMCO): thx
[15:37] Michael McIntosh: Abbie please send me a note when the roster is updated
[15:39] abbie: do we have a list of the caller from today
[15:39] MrGoodner: I think Mike K. has been keeping track as scribe
[15:39] Larry Rogers (LMCO): details of the weekly meeting, please
[15:40] MrGoodner: Tue. at 7am PST
[15:40] MrGoodner: next meeting is the 19th
[15:40] MrGoodner: then weekly
[15:40] Larry Rogers (LMCO): call-in info?
[15:40] MrGoodner: meetings are scheduled for 1 hour
[15:40] Michael McIntosh: it will go out on te list
[15:40] MrGoodner: call in info to be provided
[15:40] Michael McIntosh: soon
[15:40] MrGoodner: will be sent to list in advance of call
[15:55] Mike Kaiser: Adjourned

ISSUES RECORDED OVER THE TWO DAY MEETING:

Two potential issues have been raised as follows while presenting slide 10 "Authorization Context".

Do we have an issue for a more complex claim structure? A common claim type doesn't adequately allow for complex. Owner: TBD Status: OPEN
We need some kind of reference of where one would find a definition for a particular claim. Common claims are fine, but how are we going to get claim structure outside of this? We need to come up with, perhaps, a normative definition of how to represent complex definitions...or maybe a pointer. Owner: TBD Status: OPEN

We need to get some sort of FAQ together. Owner: TBD Status: OPEN

We need to establish the date and location for the next F2F meeting. Owner: TBD Action Item

Namespaces need to be updated: Propose the following for Federation/Authorization/Privacy:
http://docs.oasis-open.org/wsfed/federation/200706http://docs.oasis-open.org/wsfed/authorization/200706http://docs.oasis-open.org/wsfed/privacy/200706
Owner: Editors Status: OPEN.

We need to get specification into OASIS template format. Owner: TBD Status: OPEN

Change version number of specification to 1.2 Owner: Editors Status: OPEN

The references in spec need to be broken apart into normative vs. non-normative groupings. Owner: Editors Status: OPEN

Transitive closure for cascaded references needs to be done to make sure that cascaded versions don't reference other spec versions. Owner: TBD Status: OPEN