OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Draft minutes for 7 Nov 2006 SSTC meeting (with attendance data)


Attendance of Voting Members

   Steve Anderson BMC Software
   Abbie Barbir Nortel
   Brian Campbell Ping Identity
   Carolina Canales-Valenzuela Ericsson
   Scott Cantor Internet2
   Peter Davis NeuStar
   Heather Hinton IBM
   Frederick Hirsch Nokia
   Jeff Hodges NeuStar
   Chris Laskowski Booz Allen Hamilton
   Hal Lockhart BEA Systems, Inc
   Paul Madsen NTT Corporation
   Eve Maler Sun Microsystems
   Rebekah Metz Booz Allen Hamilton
   Prateek Mishra Oracle
   Jahan Moreh Sigaba
   Bob Morgan Internet2
   Anthony Nadalin IBM
   Ashish Patel France Telecom
   Rob Philpott RSA Security
   Tom Scavo National Center for Supercomputing Applications
   David Staggs Veteran's Health Admin
   Eric Tiffany IEEE Industry Standards
   Greg Whitehead Hewlett-Packard Company
   Thomas Wisniewski Entrust
   Emily Xu Sun Microsystems

Attendance of Non-Voting Members

   Dana Kaufman Forum Systems

Attendance of Observers

   Alessandro Triglia OSS Nokalva

Membership Status Changes

   Dana Kaufman Forum Systems Granted voting status after 11/7/2006 call
   John Hughes PA Consulting Lost voting status after 11/7/2006 call

NEXT MEETING: We will skip the November 21 meeting because it's 
during the week of U.S. Thanksgiving; the next meeting will be 
December 5.  [Eve note added afterwards: This is during IIWb: 
http://www.windley.com/events/iiw2006b/announcement.]

 > 1. Roll Call & Agenda Review, Eve volunteered to be Secretary

Attendance list supplied above.

 > 2. Approve minutes from October 24 con-call
 > 
http://www.oasis-open.org/archives/security-services/200611/msg00000.htm
 > l

APPROVED with unanimous consent.

- New agenda item: ITU-T update from Abbie Barbir

X.1141 has been approved as an ITU-T Recommendation, and it is now 
in the (believe it or not) "beautification" phase.  Abbie commends 
ITU-T on the great job they did.  They did tasks like ensuring the 
schemas are error-free, and compared the text with the original SAML 
text; the process was extensive.  The current phase involves another 
three-plus editorial (not approval) reviews.  Abbie will continue to 
work with them.

We can therefore close AI #0240: "Status of SAML 2.0 submission to 
ITU T".

 > 3. Status
 >
 > a. IPR Transition Ballot
 > 
http://www.oasis-open.org/archives/security-services/200610/msg00051.htm
 > l
 >
 > b. 15 day review
 >
 > c. 60 day review

Hal reports that the request has gone to OASIS, but the ballot won't 
be issued for a while yet.

- New agenda item: Technical Overview

Eve reports that rev 12 is not yet complete, but it's on its way. 
We're preparing to do a DocBook conversion that will allow us to 
publish single-file HTML, bursted HTML, and PDF.  Eve will talk to 
Norm about feasability issues of uploading multiple files for a 
single document, having all the links work, etc.

Tom Scavo had raised the issue on the SSTC list of breaking out the 
"comparison" appendices as separate documents.  With the new 
publishing paradigm they'd be available separately (as well as 
together) anyway, but the consensus was to permanently separate them 
out regardless.

 > 4. Discussion of future plans
 >
 > a. Progressing current profiles to Standard - successful use criteria

Hal: Short review is currently taking place on some docs, and long 
60-day review is taking place on others.  We plan to approve them 
eventually as a bundle called something like "post-V2.0 profiles". 
OASIS's criteria for successful use are quite loose.  For SAML V1.0, 
we asked for successful use attestations roughly at the level of 
operational modes (though they didn't exist yet).  For SAML V2.0, we 
treated the specs as one big lump.  What granularity should we apply 
for the new specs?  Attestations have to be OASIS organization members.

Scott: Keep in mind that he has already agreed to make changes to at 
least two of the docs in review (they're at CD-02) based on comments 
made by Tom Scavo.  He'd like to get the specs finished ASAP, but 
the OASIS review process is progressing slowly.

Eve: Comments from people are likely a good sign that they'd be 
willing to attest to successful use eventually.

Greg: The question is academic.  An attestation has to be somewhat 
specific.  SAML V2.0 involved most of the specs, no matter what 
profile(s) you were interested in implementing.

Eve: The post-V2.0 bundling is only for convenience; the attestation 
granularity should be per-spec.  If there are related ones, they 
could be bundled for attestation purposes.

Scott: I have proposed groupings that could be used for this purpose.

Hal: The AIs mention two bits of outstanding work needed on 
post-V2.0 specs.  Are we missing any?

Paul: There's been a telco deployment profile mentioned, but it's 
early days.

Hal: Also the GUIDE work could possibly bring up some more profiling.

Scott: The X.500 stuff might drive additional profiling work, driven 
by the U.S. federal government.  But this is speculation.

 > b. Other work, in progress or projected
 >
 > 5. Open AIs
 >
 > #0269: CDize errata based on draft 35
 > Owner: Eve Maler
 > Status: Open
 > Assigned: 2006-09-25
 > Due: ---

In progress.

 > #0267: Chairs to move docs to new public review
 > Owner:
 > Status: Open
 > Assigned: 2006-09-25
 > Due: ---

Hal considers this done.  Not sure why the announcement hasn't come 
out.  Closed.

 > #0266: New deployment profile
 > Owner: Tom Scavo*
 > Status: Open
 > Assigned: 2006-09-25
 > Due: ---

In progress.

 > #0265: Updated draft of X.500 attribute sharing deployment profile
 > Owner: Ari Kermaier
 > Status: Open
 > Assigned: 2006-09-25
 > Due: ---

In progress.

 > #0263: NameID and the use of SPProvidedID
 > Owner: Jahan Moreh
 > Status: Open
 > Assigned: 2006-07-17
 > Due: ---

Should have been closed as of last meeting.

 > #0240: Status of SAML 2.0 submission to ITU T
 > Owner: Abbie Barbir
 > Status: Open
 > Assigned: 2005-11-07
 > Due: ---

Closed.

-- 
Eve Maler                                         +1 425 947 4522
Technology Director                           eve.maler @ sun.com
CTO Business Alliances group                Sun Microsystems, Inc.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]