[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes for 13 Mar 2007 SSTC telecon, with roll (Corrected 4/10/2007)
> 1. Roll Call & Agenda Review, Find volunteer minute taker Eve volunteered to take minutes. Attendance of Voting Members Steve Anderson BMC Software Conor P. Cahill Intel Brian Campbell Ping Identity Scott Cantor Internet2 Jeff Hodges NeuStar Ari Kermaier Oracle Chris Laskowski Booz Allen Hamilton Paul Madsen NTT Corporation Eve Maler Sun Microsystems Prateek Mishra Oracle Bob Morgan Internet2 Anthony Nadalin IBM Ashish Patel France Telecom Rob Philpott EMC Corporation Tom Scavo National Center for Supercomputing Applications David Staggs Veteran's Health Admin Eric Tiffany IEEE Industry Standards Greg Whitehead Hewlett-Packard Company Emily Xu Sun Microsystems Attendance of Non-Voting Members Abbie Barbir Nortel George Fletcher AOL Membership Status Changes Eric Tiffany IEEE Industry Standards - Member account restored 3/1/2007 Senthil Sengodan Nokia - Withdrew from TC 3/2/2007 George Fletcher AOL - Membership granted 3/9/2007 > 2. Approve minutes from February 27 con-call > http://lists.oasis-open.org/archives/security-services/200702/msg00071 > .html APPROVED by unanimous consent. > 3. New drafts uploaded > > (a) Simple Signature Web SSO Profile > http://lists.oasis-open.org/archives/security-services/200703/msg00014 > .html Scott: Note that this is a binding (not a profile). He had some trouble producing HTML, but ultimately managed it using a software tool and a bit of hand-editing. This is okay to do occasionally but isn't tenable as a regular thing. AI: Chairs to get SimpleSign to 60-day public review. > (Voted to public review Jan 30 - chairs need to forward to Mary) > > > (b) CD-01 version of Approved Errata document > http://www.oasis-open.org/archives/security-services/200703/msg00033.h > tml > > initiate errata process - > http://www.oasis-open.org/committees/process.php#3.5 Eve: Actually we did this last time; this is ready to go to public review now, having been edited into CD form. AI: Chairs to get Approved Errata to 15-day public review. > (c) Technical Overview v13 > http://www.oasis-open.org/archives/security-services/200702/msg00052.h > tml > We had planned on a CD and public review vote today. Motion approved to move Tech Overview to CD status and public review. Eve: Asks for clarification: are we instructing the editor (Paul) to incorporate edits as suggested by Eve and Tom prior to CD publication? Prateek: No, we'll catalog these as the first wave of "public review" comments and save them for later. AI: Editor (Paul) to prepare Tech Overview for CD publication. > (d) draft-sstc-saml-idp-discovery-03.pdf uploaded > http://lists.oasis-open.org/archives/security-services/200703/msg00028 > .html MOVED by Abbie, SECONDED by RLBob to move IdP Discovery doc to CD status. APPROVED by unanimous consent. MOVED by JeffH, SECONDED by Abbie to move the IdP Discovery CD to public review. APPROVED by unanimous consent. > 4. Active Threads > > (a) Untrusted Service Provider Profile > http://lists.oasis-open.org/archives/security-services/200702/msg00075 > .html No action. > (b) Assertion signing confusion > http://lists.oasis-open.org/archives/security-services/200703/msg00003 > .html No action. The confusion was cleared up in errata already. > (c) AuthnContextDecl and AuthnContextDeclRef > http://lists.oasis-open.org/archives/security-services/200703/msg00004 > .html No action; we think the spec text is as good as we can make it. If someone (Eric?) wants to suggest better text, we can entertain it. AI: Eric to either propose text to improve AuthnContextDecl/Ref confusion or indicate that there's no need. > (d) Comments on Tech Overview rev 13 > http://lists.oasis-open.org/archives/security-services/200703/msg00019 > .html This link is to a followup; the original comments in totality are at: http://lists.oasis-open.org/archives/security-services/200703/msg00016.h tml First issue: Should the two outermost steps in flows ("access resource" and "supply resource") use dotted lines or solid lines? Currently the first is solid and the last is dotted! So regardless, something has to change. The sentiment on the call was to make them solid, so as not to needlessly confuse people about what's being accomplished by the flow. (The "challenge for credentials" and "user login" steps are appropriately dotted because it could be multiple challenge steps etc. We're not willing to change it to be a single dotted-double arrow line, though, since that would change the numbering and be very invasive to the spec text.) AI: Editor (Paul) to change final arrows to solid in Tech Overview diagrams throughout. Second issue: Should the swoopy redirect arrows be changed to a pair of arrow steps, the way POST is? No, it's not that important and anyway it shows at a glance which binding is being used in the diagram. No action. > (e) NZ gov use case > http://lists.oasis-open.org/archives/security-services/200703/msg00022 > .html No action; Collin isn't on the call. > 5. AIs > > #0279: Investigate relationship between ID-WSF and SOAP SSO profile > Owner: Greg Whitehead > Status: Open > Assigned: 2007-03-12 > Due: --- Greg continues to investigate (though he is not at the Liberty interim meeting this week and is hampered from pursuing it right away therefore). Keep AI open. Eve will ask Hubert to bring it up in the interim meeting. > #0278: Ari to respond to comments on x.509-attribute profile version > 11 > Owner: Ari Kermaier > Status: Open > Assigned: 2007-03-12 > Due: --- Ari and Tom agreed that Tom will produce rev 12, including lots of editorial corrections and some resolutions on Tom's more substantive comments. AI: Website editor (Paul -- but can delegate back to Eve if necessary) to add links to all the latest new documents, most particularly the errata redlines so that new readers of the specs see that first. AI: Ashish Patel to report on next steps on his/Paul's draft that has gone through public review. ADJOURNED at x:43. -- Eve Maler +1 425 947 4522 Technology Director eve.maler @ sun.com CTO Business Alliances group Sun Microsystems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]