Minutes from 10 April meeting

[Eve.Maler@Sun.COM]

EVERYONE: Please note ACTION items below.  Some are due IMMEDIATELY!

Attending:
Jeff
Hal
Darren
Eve
Prateek
Krishna
Bob

Bob will "PDF and line number" both the requirements document
and the SAML draft (which are now separate documents).

Darren has a slight extension on turning in his draft to Bob.

Bob will need to do the following things to the SAML draft:

- Remove the requirements and use cases chapter and the
  issues list appendix
- Replace the old glossary with Jeff's new glossary
- Replace the core assertions section with the new material
- Make any changes to the outline authorized by the decisions
  taken at F2F #1

ACTION: Eve to check with Tim (copying security-leaders) on
whether the Protocols section has also changed and what
precisely among the currently available draft should be put in.

ACTION: Jeff to respond to this thread suggesting the proper
file names for the requirements document and SAML draft

ACTION: All leaders to send Bob (copying security-leaders)
either the source document or a URL to the source document for
whatever it is that's supposed to go into the F2F #2 draft, even
if it's the same as what went into the previous draft.

Categories of issues:

Specific issues already identified
Specific issues not already brought up
General issues people haven't thought of yet

Agenda additions:

We will have an "open mike" on the afternoon of the first day.
It could be a brainstorming session that could possibly generate
new issues to be dealt with on the second day.  This may be
helpful for driving consensus once we get to the second day.  No
"debate"; just position statements.  They can be all over the
map.  There's a limit of 5 minutes per person, and people should
point out precisely what issues they want added to the list.  No
presentation software; just "chalk talk."

ACTION: Prateek to ask Marc C. to get flip charts and papers
that can stick to the wall.

Goals for the second day, in priority order:
0. Clarify the M.O. for this meeting!
1. Resolution of use-case issues
2. Votes on the glossary terms that have editorial notes
   (as we have time); give priority to the ones mentioned
   in the domain model
3. Resolution of core assertion/protocol issues (if we have
   time)
4. Move to accept the noncontroversial parts of the
   requirements document

Take a straw poll at the end of the first day to figure out
prioritization of new issues, if they look somehow as
substantial as any of the old ones.  Three categories: high,
medium, low.  We will assume that the old issues are high
priority.

ACTION: Security leaders be prepared to meet at 8am the second
day to work on the specifics of that day's agenda.