Call Oct 20 2009

0) Attending

Paul Madsen
Mark Anderson
Tatsuki Sakushima
Eve Maler
George Fletcher
John Bradley
Scott Cantor
John Tolbert
Ari Kermaier

1) Approval of minutes from last call

     http://kantarainitiative.org/confluence/display/concordia/Call+Oct+6+2009
Mark moves to approve. Eve seconds. Minutes approved

2) Quorum situation (Joni)

    http://kantarainitiative.org/confluence/display/concordia/Participant+Roster
following quorum exercise, number voting members is 11, so quorum is 5

3) Co-chair status (Joni)

    - vote for approving NRI's Tatsuki Sakushima underway
Motion opened yesterday, actually got the necessary ballots immediately, 6 in favour. Ballot stays open till end of week

4) LOA survey (Paul)

    - current status
Paul has an AI to compose an email letter to those previously identified interview ccandidates asking them to perform the draft survey and give feedback

5) Authz survey (John T)

    - http://kantarainitiative.org/confluence/display/concordia/Authorization+survey+draft
    - current status
    - next steps
John: Seems to have stabilizied, little input since a week ago. Fairly happy with it in current form, would be happy to have it released
Eve: audiences are different, but may create confusion
Ari: has another candidate for assurance survey
John: has an AI to work with staff to create the authz survey on SurveyMonkey

6) SAML/OpenID proxying assurance guideline

Hoping for some list discussion

7) Possible new work items

    - SAML/OAuth hybrid (Paul)
    - Metadata (Scott?)
Scott: metadata work percolating behind the scenes. XRD entering CD, pieces firming up. Some prototyping being done, MSFT on its HTML Object
Does have a couple of docs either submitted to OASIS or within his project about using existing SAML metadata mechanisms to restrict OpenID RPs in order to
Same thing done for Infocard.
George: so a RP whitelist wouldnt be sufficient?
Scott: thats what it would be. SSL infrastructure is meaningless
Paul: can Concordia contribute?
Scott: probably not. Perhaps if the conversations happening back-channel need to be firmed up in the future.....
    - whitelisting? (linked to above?)
yes
    - others?

8) AOB

Brett & I have reached out to Don Schmidt about a webinar on WS-Fed's adoption of SAML metadata. No response yet