Subject: SSTC/SAML concall Draft Minutes Tue 2-Jun-2009
comments to the list please.

=JeffH

============================================================================
SSTC/SAML concall                               Tue Jun 2 09:12:38 PDT 2009
----------------------------------------------------------------------------

Hal Lockhart presiding
Minutes by Jeff Hodges (=JeffH)

NOTE: next TC concall/meeting is Tue 30-Jun-2009

AI summary
------------

AI -- Scott Cantor to post affirmation to list of no comments in public review on those docs

AI -- Tom Scavo to assemble list of comments from PR on the two HOK docs and begin processing them

AI -- Chairs to make request noted in Motion 2.

AI -- Dwayne to add a page for the XSPA page in the SAML wiki

Motions Passed
--------------

1. Moved to re-affirm these specs as CD due to passing public review with no comments.

   SAML V2.0 Attribute Extensions Version 1.0
   SAML V2.0 Metadata Extension for Entity Attributes Version 1.0
   SAML V2.0 Metadata Interoperability Profile Version 1.0

2. Moved to request TC Admin to launch an electronic ballot to move the docs from Motion 1 to CD maturity level.

3. Moved to move modified XSPA profile to CD

4. Moved to have a 15-Day review of revised XSPA profile (xspa-saml-1.0-pr02.doc version 1) due to there being no substantive changes.

5. Moved to sstc-saml-approved-errata-2.0-draft-49 to CD, confirmed changes therein are not substantive, and to proceed to 15-Day public review.

> Proposed Agenda SSTC Conference Call
> June 2, 2009, 12:00pm ET
>
> Dial in info: +1 215 446 3648
> Access code 270-9441#
>
> Roll Call & Agenda Review
>
> Need a volunteer to take minutes
>
> 1. Minutes
>
> 1.1 Minutes from SSTC/SAML conference call May 5, 2009:
> http://lists.oasis-open.org/archives/security-services/200905/msg00018.html

http://lists.oasis-open.org/archives/security-services/200906/msg00005.html (with corrected meeting attendance)

prior minutes duly approved by unan consent.

> 2. Announcements
>
>
> 2.1 Public Review of SAML 2.0 Profiles has closed.
>
> http://lists.oasis-open.org/archives/security-services/200903/msg00062.html
>
> Question to Scott regarding last action item (Scott to talk to Mary about getting a Jira instance for SSTC.)

Scott Cantor (sc): did talk to her, she said "no problem, you don't do anything, I just create it...". So SC will tug her sleeve again.

Nate Klingenstein (nk): wrt pub review, had long disc wrt changes they could/should make to HOK, how does that affect ? review, did I miss anything?

Tom Scavo (ts): didn't miss anything, need to compile comments on the docs, yes?

Hal Lockhart (hl): ques is whether we need to do short or long subsequent reviews, but in any case need to compile all the comments w/sources and such

sc: at least two or three docs didn't rec any comments..

hl: docs need to be re-affirmed as CDs

sc: next step is to ask for vote for CS, yes?

hl: yes

sc: let's do that today since calls are infrequent? don't recall any comments on any but the delegation restriction one. that one is on hold until can produce new WD of it

wrt #2, 5, 6 in the above-referenced message -- no comments on them?

   SAML V2.0 Attribute Extensions Version 1.0
   SAML V2.0 Metadata Extension for Entity Attributes Version 1.0
   SAML V2.0 Metadata Interoperability Profile Version 1.0

sc motion: move to reaffirm above as CD modulo received no comments on them

Jeff Hodges (jh): second

[no objection to unanimous consent to motion -- passed]

AI -- SC to post affirmation to list of no comments in public review on those docs

AI -- ts to assemble list of comments from PR on the two HOK docs and begin processing them

sc motion: req tc admin to conduct elec ballot to move the 3 docs to CS maturity level

ts: 2nd

[pass w/unan consent]

AI -- chairs, begin process on above listed docs

> 2.2 Comment requested on removing DTD definitions from XML Signature 1.1 and on elliptic curve

http://lists.oasis-open.org/archives/security-services/200904/msg00012.html

>
> Feedback requested.

hl: still not too late to comment.
sc: dtds are gone

hl: still debating elliptic curve, thus not too late to comment.

>
> 2.3 Reminder - Meetings will be every four weeks - Next call July 7.

hl: nope, next call is 30-Jun (!!)

>
> 2.4 Announcement: Upcoming SAML 2.0 IOP event, July 14-Sept. 4
> http://lists.oasis-open.org/archives/security-services/200905/msg00020.html
>
>

Kyle of drummond group: nxt IOP for SAML is 14-Jul-2009, registration is still open

> 3. Discussion
>
> 3.1 Review of planned work. Discuss future work plans and indication of specs in the pipeline and approximate date for first drafts.

[worked down SAML Wiki page: <http://wiki.oasis-open.org/security>]

ts: noted general request that someone add a page for the XSPA page in the wiki,

AI -- Dwayne to add a page for the XSPA page in the SAML wiki

hl: OASIS BoD have debated at length non-implementable (informational?) docs, so have to work in framework, this applies to Tech Overview -- any objection to putting the latter into Pub Review at any point? will leave in case anyone wants to champion it, can attach to future pub review...

jh: what about simplesign?

sc: there's comments in queue on it, no cycles for it now.

sc: impl'd by two as-specified, not sure about AOL's impl, not aware of other impls

hl: so no intent to progress at this time, not

hl: wrt token card profile

sc: on hold for IMI TC work

hl: SAML V2.0 Holder-of-Key Assertion Request Profiles

sc: active & moving fwd. there's an opengroup doc that depends on it, have public comments on it, intend to move forward

hl: Level of Assurance Authentication Context Profiles for SAML 2.0 status of draft 2 from march?

[no answer]

sc: is this one that's on agenda as another doc? is this one Paul just posted? that's paul's doc

hl: this is actively being progressed.. sounds like we have 3 or 4 that will be ready for pub rev "soon" any other profiles to propose soon?

frederick hirsch (fh): there might be something more, can't say just yet....
> 3.2 XSPA Profile updated
> http://lists.oasis-open.org/archives/security-services/200905/msg00022.html

david staggs (ds): public comment period on this doc ended on 13-Mar, analyzed all comments, made approp updates, discussed cmts at last meeting, have spreadsheet for all 34 comments, have changes for comments, there's lots of interest in XSPA (calling from Healthcare SOA comments and will be talking about the spec on Thu this week) want to propose a motion to move doc forward. last update was recently posted. would be helpful to do vote today due to infrequent TC calls these days.

ds: motion to move modified XSPA profile to CD (would be CD2 rev)

dwayne: 2nd

hl: any objs

[motion passed by unan consent]

hl: can get by w/short pub review. 15-day

ds: is cd2 a "major change" from cd1 ?

hl: term is "substantive changes"....

ds: don't believe made "substantive changes"....

hl: [reads process para on this] e.g. schema changes are substantive, else judgement call

will entertain motion to have 15-day review, comments are limited to the changes only, and is judgement of tc that haven't made substan changes

so moved by DS, 2nd Dwayne

hl: any obj's ?

[motion passed by unan consent]

hl: expectation is that you create a diff -- do CD version, and diff with prev CD let hl know when done that. then hl will contact Mary. enumeration of changes may be sufficient. e.g. just put spreadsheet in repository, send hl links to new CD version and spreadsheet.

ds: have source file with "tracking" turned on....

> 3.3 Any more comments to on saml-loa-authncontext-profile:
>
> - remove 800-63 schemas

http://lists.oasis-open.org/archives/security-services/200904/msg00013.html

>
> - Paul to remove specific references to NIST LOA values in a new draft.

hl: paul not on call ... any comments on above?
RL "Bob" Morgan (rlm): proposal on email in last week or so, add to this doc a new notion that in addition to being able to express LOA using AC, a metadata publisher say can express that an IDP has been "vertified" to use a particular profile, using attrs from the attrs-for-metadata draft

see.. http://lists.oasis-open.org/archives/security-services/200905/msg00013.html

have heard from other members of their federation that this would be a good thing.

john bradley (jb): this is the "why should i trust you" problem...

rlm: yes, essentially. metadata signing addresses this, but folks wishing for more explicit attestation

hl: how does this work?

sc: have an assertion (assn) about entity, has attribute (attr) in it, attestation, can do anything you want with assn of course, is just a common claim one can reference. this would be another saml-tc-defined attr

hl: a reg attr statement can refer to any system entity. this one is particular to an entity that issues assns

sc: yes, not a big deal

rlm: paul supported it on list

jb: provides for IC and other RPs to adopt it (by doing it here)

rlm: usual nitpicking wrt actual attr name...

sc: may want to do something similar to orig saml attr work. sc is fine with this proposal

> 3.4 Assorted threads on saml-dev/comment list
>
>
> 3.6 Draft Approved Errata posted
> http://lists.oasis-open.org/archives/security-services/200905/msg00023.html

sc: anyone doing errata shud do all this in parallel, rather than waiting to end.

tried to emulate ELM's example, hopefully essentially equivalent
used 49 as increment number to try to keep it consistent
removed refs to non-normative redlined spec
altered lang that there _may_ be redlined specs available
otherwise is just a sync up with working draft.

hl: can put info wrt errata in wiki?

AI - SC to put in wiki info wrt making errata process easier

hl: do you have list of what orig specs are being altered by this errata?

sc: every normative doc we pub'd as orig spec...
hl: tc process reqs us to supply doc that proposes changes, and optionally provide mod'd specs incorp'g errata

sc: doing the latter is burdensome

hl: need to formulate motion to see that boiler plate fixes are made...

in order to proc approved errata, need doc w/ "corrections". we would need to vote -49 to CD, 2nd vote to confirm that corrections do not constitute substan change, 3d vote to 15-day pub review, 4th full-majority vote to replace the existing errata doc

today, can do first 3 things.

entertain motion to do all first three things (noted above).

all these errata items we process

sc: so moved

jh: 2nd

hl: any obj's?

[motion passed by unan consent]

> 3.5 SAML simplesign useful in practice?
> http://lists.oasis-open.org/archives/security-services/200905/msg00015.html

hl: any more to be said on this?

sc: trying to get the xmlsec wg to do a simplesign-like thing, that's where question comes in

>
>
> 4. Other business

hl: any discussion wrt recent threads on saml-dev and comments@ lists?

[silence, none]

> 5. Action Items
> none open

[see summary at beginning of these minutes for AIs opened during this meeting]

[meeting adjourned]

============================================================================