[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Draft minutes, 15 January 2008
With attendance data... -- Steve Anderson BMC Software -----Original Message----- From: Frederick Hirsch [mailto:Frederick.Hirsch@nokia.com] Sent: Tuesday, January 15, 2008 12:43 PM To: OASIS SSTC Cc: Frederick Hirsch Subject: [security-services] Draft minutes, 15 January 2008 Please review these draft minutes from SSTC teleconference, 15 January 2008. regards, Frederick Frederick Hirsch Nokia Draft Minutes SSTC Concall, Jan 15, 2008 Frederick Hirsch took minutes Roll Call & Agenda Review Attendance of Voting Members Steve Anderson BMC Software Brian Campbell Ping Identity Scott Cantor Internet2 Peter Davis NeuStar Jeff Hodges NeuStar Ari Kermaier Oracle Hal Lockhart BEA Systems, Inc Paul Madsen NTT Corporation Eve Maler Sun Microsystems Bob Morgan Internet2 Anil Saldhana Red Hat Tom Scavo National Center for Supercomputing Applications Kent Spaulding Tripod Technology Group Eric Tiffany Liberty Alliance Project Emily Xu Sun Microsystems Attendance of Non-Voting Members Frederick Hirsch Nokia Rob Philpott EMC Corporation Membership Status Changes Frederick Hirsch Nokia - Granted voting status after 1/15/2008 call Rob Philpott EMC Corporation - Granted voting status after 1/15/2008 call Anthony Nadalin IBM - Lost voting status after 1/15/2008 call Quorum achieved, 15/20 voting members. 1. Approve minutes from Dec 18, 2007 http://lists.oasis-open.org/archives/security-services/200712/ msg00059.html Minutes approved unanimously. 2. Administrative Hal: Brian and Hal received note from Giles, waiting for final version of spec before proceeding with authentication context profile in a few weeks. Hal: Jeff Bohren resigning as chair of provisioning TC. What does this mean for status of provisioning specification? ( http://www.oasis-open.org/apps/org/workgroup/provision/email/ archives/200801/msg00005.html ) Hal: Need champion for that specification in order for it to make progress. 2a. SAML XML.org Focus Area Suggestions from Carol Geyer http://lists.oasis-open.org/archives/security-services/200712/ msg00068.html Requests to list products and services in the SAML XML.org product directory http://lists.oasis-open.org/archives/security-services/200801/ msg00000.html 3. Document Status 3.1 Public Review of Five specifications started on December 11th. http://lists.oasis-open.org/archives/security-services/200712/ msg00040.html Review is continuing. No discussion on this call. 3.2 Errata Errata: SAML2 Attribute Profiles http://lists.oasis-open.org/archives/security-services/200801/ msg00001.html Tom described two items. First, broken URL in SAML 2 Profiles document. Need to determine alternative. Scott Cantor - was an internet draft that expired. Need to follow up for IETF status. Hal Lockhart - need to contact area director ACTION: Jeff Hodges offers to review issue and determine appropriate RFC to reference by the next call. Second, questions regarding attribute profile in SAML 2 Profiles document Tom noted that Scott answered this in email. Acknowledgment for Mark Wahl http://lists.oasis-open.org/archives/security-services/200801/ msg00002.html Scott Cantor noted that SAML V2.0 X.500/LDAP Attribute Profile document lost informal contributors acknowledgments which switching to the OASIS template. Hal asked if there are any IPR issues associated with this, only if any contributions made inappropriately. Tom - was public comment Hal so ok according to process. ACTION: Hal to check with Mark if any concern with making an acknowledgment and to verify affiliation. 3.3 Subject-based Profiles for SAML V1.1 Assertions http://lists.oasis-open.org/archives/security-services/200801/ msg00003.html One document with two profiles. Profile of SAML 1.1 Subject Element, one of SAML 1.1 assertion. Goal - give guidance to deployments that support both SAML 1.1 and SAML 2.0 simultaneously. Document restrictions on SAML 1.1 assertions so make them semantically equivalent to SAML 2.0 assertions. Subject profile: a) name qualifier, b) subject confirmation, c) strongly matches (impacts assertion profile). This may need revision, please comment. Assertion profile: SAML 2 has one Subject element as child of assertion, SAML 1.1 has multiple subjects. Profile attempts to rationalize this by requiring that every statement in SAML 1.1 assertion have an equivalent Subject element. Use notion of Very Strongly Match, based on Strongly Match to equate Subject elements. Hal - isn't matching algorithm more lenient than Strong Match, so name it differently than Very Strongly Match? Tom - order of operands to match matters, so named correctly. Goal is to have subject elements in SAML 1.1 assertion to be the same. Eve - this seems useful, may be a Concordia use case. Hal suggests posting a link to this draft to the Concordia mailing list. 4 Other business Eve - Status of technical overview? Paul Madsen - believe it is stable and ready for approval. Hal - Please review tech overview before next meeting (in two weeks) where we will vote to bring to CD status. May also agree to have public review 5 Action Items (Report created 14 January 2008 10:28pm EST) #0283: Change final arrows to solid in Tech Overview diagrams throughout. Owner: Paul Madsen Note: Action #283 should be closed http://lists.oasis-open.org/archives/security-services/200712/ msg00062.html Closed #0311: Propose specific document changes required for PE-65 Owner: Scott Cantor Remain Open #0316: Take a look at the red line versions of erratum docs Owner: Abbie Barbir Status: Open #0319: Check with Paul on the status of issue #0283 (tech overview) Owner: Eve Maler Closed Next call 29 January. Adjourned --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]