[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Draft minutes (with attendance) of 11 Sep 2007 SSTC meeting
Hi, One minor Correction. Charles Knouse is with HP now. -Lakshmi -----Original Message----- From: Eve.Maler@Sun.COM [mailto:Eve.Maler@Sun.COM] Sent: Tuesday, September 11, 2007 9:45 AM To: security-services@lists.oasis-open.org Subject: [security-services] Draft minutes (with attendance) of 11 Sep 2007 SSTC meeting Brian Campbell wrote: > Proposed Agenda SSTC Concall, September 11, 2007 Meeting called to order at x:02. > Roll Call & Agenda Review 13 (later 14) of 23 voting members present; quorum achieved. Attending (voting members): Jeff Bohren BMC Software Brian Campbell Ping Identity Scott Cantor Internet2 Frederick Hirsch Nokia Eve Maler Sun Microsystems Bob Morgan Internet2 Anthony Nadalin IBM Rob Philpott EMC Corporation Anil Saldhana Red Hat Tom Scavo National Center for Supercomputing Applications Kent Spaulding Tripod Technology Group David Staggs Veteran's Health Admin Lakshmi Thiyagarajan Hewlett-Packard Company Emily Xu Sun Microsystems Attending (non-voting members): Jeff Hodges NeuStar Ari Kermaier Oracle Attending (observers): Charles Knouse Oblix Jason Woloz > Need a volunteer to take minutes Eve volunteered. > 1. Approve minutes from August 28 > http://lists.oasis-open.org/archives/security-services/200708/msg00041 > .html Minutes APPROVED without objection. > 2. Administrative > 2.1 Potential Erratum on 2nd-level status codes > http://lists.oasis-open.org/archives/security-services/200708/msg00053 > .html The current wording in some locations appears to mandate the return of a 2nd-level code, which is excessive. Rob reported the issue and Conor followed up with suggested language. AI: Eve to locate the link to the current "working errata" document and follow up with Abbie Barbir (who we think volunteered) about getting the new crop of errata recorded. > 2.2 Potential Erratum with metadata and DNSSEC > http://lists.oasis-open.org/archives/security-services/200709/msg00014 > .html AI: Peter Davis to recommend wording on potential erratum on metadata and DNSSEC. > 2.3 SAML 2.0 WSDL on SSTC home page? > http://lists.oasis-open.org/archives/security-services/200709/msg00000 > .html We'd like to consider a reorganization of the SSTC home page, which is getting long and complicated. Maybe we can use the wiki more cleverly to get rid of the busyness. AI: Brian to do a slightly invasive edit to the SSTC home page to point to the wiki, and to the wiki to add a link to the WSDL. > 3. Document Status > 3.1 Docs on their way to OS > Metadata Profile for the OASIS Security Assertion Markup Language > (SAML) V1.x & Metadata Extension for SAML V2.0 and V1.x Query > Requesters > Ballot to submit for OASIS Standard Vote passed > http://lists.oasis-open.org/archives/security-services/200709/msg00001 > .html Submitted to OASIS admin on Friday 9/7/07 Brian has gotten the submission to Mary in time for the current review cycle. > 3.2 Docs pending public review > > Pending 15 Day Review > *SAML V2.0 Attribute Sharing Profile for X.509 Authentication-Based > Systems (CD 04) *SAMLv2.0 HTTP POST "SimpleSign" Binding (CD 02) > > Pending 60 Day Review > *SAML V2.0 Deployment Profiles for X.509 Subjects (CD 02) *Identity > Provider Discovery Service Protocol and Profile (CD 02) > > Need AI(s) to submit for public review? Brian believes that we simply need to submit them, with no other steps required. Tom wonders if Hal had already contacted Mary, but Brian didn't see a cc: about this. AI: Brian to follow up with Mary on correct next steps. > 3.3 SAML v2.0 Errata > Mary needs updated copies > http://lists.oasis-open.org/archives/security-services/200708/msg00030 > .html (AI#305) We think this was a very minor title-page cleanup, but can't recall the holdup. Brian has put the links to the latest revs on the SSTC home page. Abbie had taken the AI to do these edits. AI: Eve to check with Mary on what edits were required and take care of them (either by getting Abbie to do them or by doing them herself). > 4 Discussions > > 4.1 SAML metadata lifecycle issues > Status We haven't seen much more discussion on the list about this issue. No one wanted to speak up on the call to continue the conversation at this juncture. > 4.2 Proposal for extensions to Authentication Context Giles to attend > the Sept 25 call for discussion Hal was going to post some discussion Be prepared for this discussion during the next call. AI: Brian to follow up with Hal to make sure the latter's commentary on Giles's authn context proposal goes out to the list in time. > 5 Other business None today. > 6 Action Items (Report created 10 September 2007 11:26am EDT) > > #0305: Prepare final version(s) of the SAML v2.0 Errata document > Owner: Abbie Barbir > Status: Open > Assigned: 2007-08-23 > Due: --- See above AIs for followup. This remains open. > #0304: Incorporate appropriate use of LDAP language tags in new LDAP > attr profile > Owner: Scott Cantor > Status: Open > Assigned: 2007-08-23 > Due: --- This remains open. > #0283: Change final arrows to solid in Tech Overview diagrams > throughout. > Owner: Paul Madsen > Status: Open > Assigned: 2007-03-27 > Due: --- This was uploaded on July 31: http://www.oasis-open.org/apps/org/workgroup/security/download.php/24832 /TechOvwGraphics02.zip A check of a sample file (SSO-SP-POST) shows that the first step ("access resource") and last step ("supply resource") are dotted, as are the authentication steps ("challenge for credentials" and "user login"). Is this correct? AI: Eve to check with Paul Madsen about whether arrows are correct in the Tech Overview diagrams and about publishing a rev of the doc with the corrected versions. Meeting adjourned at x:30. -- Eve Maler +1 425 947 4522 Technology Director eve.maler @ sun.com CTO Business Alliances group Sun Microsystems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]