OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xspa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Draft meeting minutes Oct 29, 2018

Minutes for 29 October 2018 TC meeting.

Meeting started at 12:00 PM PT.

**Attendance:

 

Mohammad Jafari, co-chair (VHA)

Chris Shawn, co-chair (VHA)

Mike Davis (VHA),

Kathleen Connor (VHA).

Chair: We have quorum.

Agenda

**Administrivia:

- Approval of the draft minutes from the last meeting on 04/23/2018:

https://lists.oasis-open.org/archives/xspa/201804/msg00003.html

 

Unanimously approved.

 

**XSPA SAML Profile Working Draft:

- Purpose of Use vocabulary reference update.

Mohammad: Just clarifying that we are still referencing to the core HL7 v3 purpose of use vocabulary since I saw a comment about referencing the FHIR PoU vocabulary instead.

 

Kathleen: I think we should stick to the HL7 core valueset.

 

Mike: agreed.

 

- Harmonization with the SAML subject ID attribute.

Mohammad: The SAML TC has been working on Subject Identifier Attributes Profile to define a new attribute for representing the ID of the entity which is the subject of the assertion.

 

Mike: In the VA and most other exchange use-cases, there is no user ID and the determining identifier is the requesting organization's ID.

 

Mohammad: the SAML subject-id can be any entity; it can be an organization, a user, or even a machine.

 

Mike: Is this a multi-valued attribute?

 

Mohammad: need to check the profile specs.

 

Mohammad will update the WD13 to harmonize with SAML Subject ID profile.

 

- Simplified JSON encoding according to XACML JSON profiles and OpenID example.

 

Mohammad: I have expanded the JSON encoding section to include a mechanism for using these attributes in JSON-based protocols and have added a non-normative example using OpenID Connect. This paves the way for users of JSON-based protocols to adopt the profile.

 

Mike, Kathleen: This is a good idea.

 

Mohammad: I will complete this section and upload the new draft.

 

**Discussion of the next steps for the SAML Profile working draft.

Mohammad: In order to gain final approval as an OASIS standard, we need a number of implementer's attestation that they have successfully implemented the profile. We can seek that from the vendors in the SAML TC but that would require taking the profile to the SAML TC.

 

Kathleen: We probably encourage some vendors to join the XSPA TC.

 

Mohammad: Next meeting will be next week at the same time.

Adjourned at 12:40 PM PT.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]