|Philpott, Robert||Jan 30, 2006 9:02 am|
|Subject:||RE: [security-services] Agenda for 31-Jan SSTC con-call|
|From:||Philpott, Robert (rphi...@rsasecurity.com)|
|Date:||Jan 30, 2006 9:02:16 am|
Good catch - sorry - Here's the link to Ashish's doc:
Senior Consulting Engineer
RSA Security Inc.
From: Paul Madsen [mailto:paul...@rogers.com]
Sent: Monday, January 30, 2006 11:57 AM
To: Philpott, Robert
Cc: Ashish Patel
Subject: Re: [security-services] Agenda for 31-Jan SSTC con-call
Hi Rob, the link under Ashish's name below points to Scott's Extensions
document rather than the Shared Credential proposal document
Philpott, Robert wrote:
Dial in info: +1 865 673 6950; Access code: 270-9441#
FYI - Spam on public comment distribution list has been reported to
OASIS and they are working on it.
1. Roll call
2. Approve minutes from 17-Jan SSTC con-call
* Re: [security-services] Draft minutes for 17 January 2006
SSTC telecon, with attendance data
* **Attendance correction noted at: **Re:
[security-services] Draft minutes for 17 January 2006
SSTCtelecon, with attendance data (correction)
3. Heads up: New IBM research report on security of SAML 2.0
* Main focus is on use of artifact binding with web SSO
* IBM has requested a meeting with SSTC to discuss findings
* Chairs will set up meeting and have asked IBM to provide
paper to TC
4. Constrained Delegation (saml-dev discussion thread continued on
* ScottC: RE: [saml-dev] Constrained delegation
* PrateekM: Re: [security-services] FW: [saml-dev]
* **ConorC: RE: [security-services] FW: [saml-dev]
* **ScottC: RE: [security-services] FW: [saml-dev]
5. **Potential Errata in Conformance for SAML Authority &
* **TomW: RE: [security-services] SAML Authority and
Requester Conformance question
6. **AshishP: Shared credential draft document******
7. saml-dev discussion re: "strongly matches"
* TomS and ScottC: RE: [saml-dev] strongly matches
8. **AI Review (attached)******
9. Any Other Business?
#0247: As per 17-Jan call: Prateek has received some feedback on the
constrained delegation profile and will produce a revision next week.
Owner: Prateek Mishra
#0243: Clean up text in Section 188.8.131.52.1 (RequestedAuthNContext)
Owner: Scott Cantor
#0246: revise the PE 10 wording proposal "clarifying that anyURI is
indeed the right interpretation" for the Reason attribute.
Owner: Jahan Moreh
#0180: Need to update SAML server trust document
30-Aug: Jeff will not have time anytime soon to update the draft that
was posted. It was suggested that the info in the doc is useful, so
the AI is being left open in the hope that someone will volunteer in
the near future to take over as editor.
#0234: Nick to prepare some text for PE 23.
Owner: Nick Ragouzis
#0245: Per 17-Jan con-call: Greg W. to propose some clarifying text
for the attribute profile section re: the issues discussed on the call.
Owner: Greg Whitehead
#0244: Per 17-Jan con-call: Tom W. to send out a suggestion for
shoring up the conformance language to clear up the
Owner: Thomas Wisniewski
#0238: Plan for red-line versions of SAML 2.0
Owner: Eve Maler
Per 8-Nov con-call: Eve-supposed to research on whether this was OK,
she thinks OASIS said yes. CYA notification as to non-normative vs
normative. Just haven't found the time. Keep my name on AI with speed
caveat. Scott- I will help (if necessary)
#0242: Recommended text for SAML Attr Sharing Profile
Owner: Rob Philpott
#0230: SAML Conformance SSL/TLS requirements
Owner: Eric Tiffany
Eric is concerned because implementation will be able to run over TLS,
but spec actually says you must implement TLS.
#0240: Status of SAML 2.0 submission to ITU T
Owner: Olivier Dubuisson
Per 17-Jan-06 con-call:
Abbie has asked Eve for help filling out a form having to do with
Liberty's PAOS spec, on which SAML depends. She will probably delegate
Per 18-Jan email: Reassigned to Olivier Dubuisson
Olivier (and Abbie) - working the issue w/ITU-T. Olivier will just
need help from Eve in working the Liberty mgmt board.
Paul Madsen e:paulmadsen @ ntt-at.com