[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Draft meeting minutes April 15, 2014
Minutes for 15 April 2014 TC meeting.
Started at: 1:12 pm EDT
Duane DeCouteau (Voting Members)
Mohammad Jafari (Chair)
Mike Davis (Voting Members)
Kathleen Connor (Non-member; HL7)
Quorum was reached ( 3 out of 3 (%100) of voting members)
- Discussion of the SAML profile committee specification draft.
Mohammad: Do we need to add attributes for representing the organization's policy with respect to sensitive information? This is necessary in inter-state and international use-cases.
Kathleen: This is important for trust negotiations.
Mohammad: We can't capture the trust negotiation protocol with SAML.
Kathleen: But we need to add the required attributes to be used in such protocol.
Mohammad: Agreed. We need to choose whether we want to stop moving the current profile forwards until we have a better understanding and preferably a demo implementation of such protocol. For example: what do we do if the consumer's policy doesn't match the provider's policy. Which one overrides?
Kathleen: That's also a policy.
Mike: Currently we can assume the transaction is rejected if the recipient can't comply with the sender's policy.
Duane: That's the case in the current demo implementation.
Mike moved that we proceed with the current profile and leave such attributes for a future “trust attributes profile”.
Mohammad: The next step for the profile is to open the committee specification draft for public review.
Motion: approving “Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of SAML v2.0 for Healthcare Version 2.0 Committee Specification Draft 01” dated 1 April 2014 to be published to the repository and be made available for Public Review
Approval of minutes from previous meetings (March 25 and April 1, 2014):
Mohammad: We will reconvene in two weeks to discuss the public comments.
Adjourned at: 1:45pm EDT.