Call Nov 17 2009

Roll

Paul Madsen
Tatsuki Sakushima
Patrick Curry
Mark Anderson
John Tolbert
Joni Brennan
Ari Kermair
Scott Cantor
Eve Maler
Jonas Hogberg
RL Bob Morgan
John Bradley

Approval of minutes from last call

http://kantarainitiative.org/confluence/display/concordia/Call+Oct+20+2009
Eve moves, Mark Anderson seconds

 LOA survey (Paul)

    - current draft http://www.surveymonkey.com/s.aspx?sm=7l4_2fBoAF3NLUwxYl6QyK3Q_3d_3d
    - under external review
Patrick Curry points out other assurance work, asks how does the survey relate.
Eve clarifies the goal of the survey, ie requirements for attribute assurance. How does an RP
 acquire confidence in outsourced attributes
Patrick is interested in attribute quality. Reference to the Tao of Attributes workshop
John Bradley refers to the ISO work that may/may not replace 800 63.

Authz survey (John T)

- current draft http://www.surveymonkey.com/s.aspx?sm=WqB7vvXYH2hGMkCCVO_2fudg_3d_3d (pwd k4nt474)
- ready to go live?
Patrick Curry proposes some changes to the survey, will work with John Tolbert and we can then move to publish
4) Event planning
   - Aim for a workshop associated with industry event?
   - RSA in March 2010?
   - What focus?
AI: Paul to talk to Britta about RSA possibilities

SAML & OAuth 'hybrid'

- as discussed at IIW
- http://paulmadsen.posterous.com/saml-and-oauth-hybrid
- interest from Concordia on next steps?
Ari, Eve interested.
WRAP may muddies water, Eve believes that such a hybrid could influence the WRAP/OAuth discussions. Bob agrees
Eve refers to Bob's email to the OAuth list on STS.
AI: Paul to check deck for possible typos that Scott believes might be there

SAML/OpenID proxying assurance guideline

- current draft http://bit.ly/1hkB63
- still needs review...
Paul begs for rev iew