Subject: RE: [security-services] Agenda for 31-Jan SSTC con-call
From: Philpott, Robert (rphi@rsasecurity.com)
Date: Jan 30, 2006 9:02:16 am
List: org.oasis-open.lists.security-services

Good catch - sorry - Here's the link to Ashish's doc:

[1]http://www.oasis-open.org/apps/org/workgroup/security/download.php/16297/draft-saml-shared-credential-discussion-01.doc

Rob Philpott

Senior Consulting Engineer

RSA Security Inc.

Tel: 781-515-7115

Mobile: 617-510-0893

Fax: 781-515-7020

Email: rphi@rsasecurity.com

I-name: =Rob.Philpott

-----Original Message-----

From: Paul Madsen [mailto:paul@rogers.com]

Sent: Monday, January 30, 2006 11:57 AM

To: Philpott, Robert

Cc: Ashish Patel

Subject: Re: [security-services] Agenda for 31-Jan SSTC con-call

Hi Rob, the link under Ashish's name below points to Scott's Extensions

document rather than the Shared Credential proposal document

Paul

Philpott, Robert wrote:

Dial in info: +1 865 673 6950; Access code: 270-9441#

FYI - Spam on public comment distribution list has been reported to

OASIS and they are working on it.

1. Roll call

2. Approve minutes from 17-Jan SSTC con-call

* Re: [security-services] Draft minutes for 17 January 2006

SSTC telecon, with attendance data

services/200601/msg00040.html>

* Attendance correction noted at: Re:

[security-services] Draft minutes for 17 January 2006

SSTC telecon, with attendance data (correction)

services/200601/msg00045.html>

3. Heads up: New IBM research report on security of SAML 2.0

* Main focus is on use of artifact binding with web SSO

* IBM has requested a meeting with SSTC to discuss findings

and proposals

* Chairs will set up meeting and have asked IBM to provide

paper to TC

4. Constrained Delegation (saml-dev discussion thread continued on

main list):

* ScottC: RE: [saml-dev] Constrained delegation

dev/200601/msg00009.html>

* PrateekM: Re: [security-services] FW: [saml-dev]

Constrained delegation

services/200601/msg00046.html>

* ConorC: RE: [security-services] FW: [saml-dev]

Constrained delegation

services/200601/msg00047.html>

* ScottC: RE: [security-services] FW: [saml-dev]

Constrained delegation

services/200601/msg00048.html>

5. Potential Errata in Conformance for SAML Authority &

Requester

* TomW: RE: [security-services] SAML Authority and

Requester Conformance question

services/200601/msg00041.html>

6. AshishP: Shared credential draft document

* draft-saml-protocol-ext-01.pdf

open.org/apps/org/workgroup/security/download.php/15207/draft-saml-protocol-ext-01.pdf>

7. saml-dev discussion re: "strongly matches"

* TomS and ScottC: RE: [saml-dev] strongly matches

dev/200601/msg00011.html>

8. AI Review (attached)

9. Any Other Business?

10. Adjourn

---------------

#0247: As per 17-Jan call: Prateek has received some feedback on the

constrained delegation profile and will produce a revision next week.

Owner: Prateek Mishra

<New AI>

---------------

#0243: Clean up text in Section 3.3.2.2.1 (RequestedAuthNContext)

Owner: Scott Cantor

<New AI>

---------------

#0246: revise the PE 10 wording proposal "clarifying that anyURI is

indeed the right interpretation" for the Reason attribute.

Owner: Jahan Moreh

<New AI>

---------------

#0180: Need to update SAML server trust document

Owner:

30-Aug: Jeff will not have time anytime soon to update the draft that

was posted. It was suggested that the info in the doc is useful, so

the AI is being left open in the hope that someone will volunteer in

the near future to take over as editor.

---------------

#0234: Nick to prepare some text for PE 23.

Owner: Nick Ragouzis

---------------

#0245: Per 17-Jan con-call: Greg W. to propose some clarifying text

for the attribute profile section re: the issues discussed on the call.

Owner: Greg Whitehead

<New AI>

---------------

#0244: Per 17-Jan con-call: Tom W. to send out a suggestion for

shoring up the conformance language to clear up the

requester/responder mismatch.

Owner: Thomas Wisniewski

<New AI>

---------------

#0238: Plan for red-line versions of SAML 2.0

Owner: Eve Maler

Per 8-Nov con-call: Eve-supposed to research on whether this was OK,

she thinks OASIS said yes. CYA notification as to non-normative vs

normative. Just haven't found the time. Keep my name on AI with speed

caveat. Scott- I will help (if necessary)

#0242: Recommended text for SAML Attr Sharing Profile

Owner: Rob Philpott

---------------

#0230: SAML Conformance SSL/TLS requirements

Owner: Eric Tiffany

Eric is concerned because implementation will be able to run over TLS,

but spec actually says you must implement TLS.

---------------

#0240: Status of SAML 2.0 submission to ITU T

Owner: Olivier Dubuisson

Per 17-Jan-06 con-call:

Abbie has asked Eve for help filling out a form having to do with

Liberty's PAOS spec, on which SAML depends. She will probably delegate

this.

Per 18-Jan email: Reassigned to Olivier Dubuisson

Olivier (and Abbie) - working the issue w/ITU-T. Olivier will just

need help from Eve in working the Liberty mgmt board.

--

Paul Madsen e:paulmadsen @ ntt-at.com

NTT p:613-482-0432

m:613-302-1428

aim:PaulMdsn5

References

Visible links 1. http://www.oasis-open.org/apps/org/workgroup/security/download.php/16297/draft-saml-shared-credential-discussion-01.doc