[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Draft minutes from 7 Apr 2009 SSTC call
On Apr 6, 2009, at 7:49 PM, <Mail Display Name> <hal.lockhart@oracle.com> wrote: > Roll Call & Agenda Review Official attendance to be supplied. Quorum reached handily. > Need a volunteer to take minutes Eve agreed to take minutes. > 1. Minutes > > 1.1 Minutes from SSTC/SAML conference call March 24, 2009 > http://lists.oasis-open.org/archives/security-services/200903/msg00059.html Minutes APPROVED by unanimous consent. > 2. Announcements > > 2.1 Public Review of SAML 2.0 Profiles > http://lists.oasis-open.org/archives/security-services/200903/msg00062.html > Review ends May 25th > > 2.2 Thomas Hardjono has nominated himself for Co-Chair > http://lists.oasis-open.org/archives/security-services/200904/msg00005.html > > 2.3 Reminder - Meetings will be every four weeks - Next call May 5 If there's a period of intense work, we can always increase the frequency temporarily, but Hal has removed the alternate meetings from our online calendar through August. > 3. Document Status > > 3.1 Diff version of LOA Authncontext Profile Draft 2 uploaded > http://lists.oasis-open.org/archives/security-services/200903/msg00053.html > > > 4. Discussion > > 4.1 Election of Co-Chair Hearing no other nominations besides Thomas, a motion was made by Rob and seconded by Bob to accept Thomas Hardjono as co-chair. Eve spoke in favor. Motion APPROVED by unanimous consent. Thomas introduced himself. Starting in December 2008, he's been working with the MIT Kerberos Consortium. He started to work with SAML in 2002, while at VeriSign. (Phill Hallam-Baker was his peer in the CTO's office there.) Thomas had spent more time on the XACML and XRML efforts at OASIS in that era. His motivation for nominating himself was to begin contributing more actively to the community, and a formal co-chair role is recognized as constructive contribution by his new employer. Hal with work with Thomas to get him up to speed on procedures and such. > 4.2 question on MNI request for SP Lite/IdP Lite > http://lists.oasis-open.org/archives/security-services/200903/msg00055.html (Kyle Meadors isn't on the call.) Ari notes that the Liberty folks are still discussing the matter. The MUST NOT clauses in question seem ill-considered in retrospect. At the time, the discussion had to do with relieving SPs of an MNI burden if they didn't generally deal with any kind of persistent state. Scott recalls that we didn't want to set this as OPTIONAL because it would somehow make second-class citizens of some implementations (in marketing terms), which indeed does seem weird. But given experience with last year's conformance testing, Ari observes that some implementors do seem committed to testing both full and lite. Hal suggests that the answer is to define some additional conformance/ operational mode. Dealing with this in errata doesn't seem appropriate. Scott isn't not heavily focused on this issue, and so isn't offering assistance to do this. There's a difference between the capability of supporting a feature and deployment with the feature turned on (or otherwise explicitly exposed). We don't want to get into deployment configuration/ variation questions. > 5. Other business XSPA Profile of SAML: http://lists.oasis-open.org/archives/security-services/200904/msg00007.html David will add a column to his spreadsheet (attached to the message referenced above) where he'll propose dispositions, in such a way that people can easily track and comment on those proposals. Hal suggests that we field responses to comments on the list. Don't miss David's mail, which has a photo from the floor of HIMSS. Distinguishing Basic HTTP authentication mechanisms from form-auth: http://lists.oasis-open.org/archives/security-services/200904/msg00008.html In a project to use SAML with WebDAV, a question has come up. Let's continue the discussion on the list. RSA conference: Hal is speaking on XACML on the Friday. Come on down! And the big day-long identity workshop being held on the Monday had 1000 signups. > 6. Action Items > > None open Scott agreed to clean up the errata, so this is pending. Eve Maler eve.maler @ sun.com Emerging Technologies Director cell +1 425 345 6756 Sun Microsystems Identity Software www.xmlgrrl.com/blog
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]