Call - Jan 07 2010
Roll
Conor, Scott, Paul, George Inman, Hubert, Phil, Prateek, David
Approve minutes from Dec 10 call
http://kantarainitiative.org/confluence/display/idwsf/Call+-+December+10+-+2009
Hubert motions, Paul seconds
WSF DS enhancement requests
- David Chadwick
http://kantarainitiative.org/pipermail/wg-idwsf/2010-January/000041.html
http://kantarainitiative.org/pipermail/wg-idwsf/2010-January/000043.html
David takes us through protocol sequence diagrams
4a) David's first req is that the IDP can return separable tokens. Conor points out that there are mechanisms to allow this.
Scott points out there are performance issues for all the separate signing
Paul - is this SSTC issue?
4b) next issue is
a boolean flag on the DS Query to allow the SP to indicate aggregation prefs.
4c) wants to be able to combine a ds Query and an AttributeQuery
Next steps
i) boolean is an attribute, warrants some sort of spec
ii) best practices for compartmentalizing tokens - discussion in SSTC
iii) how to combine messages? issue remains
Scott proposes new protocol preferable
Submission of WSF pieces to SSTC
- Phil and/or Prateek
Prateek situation is that Oracle is boradly interested in attribute flows, Phil working on IGF, acquistion of id data distinct from authentication. One gap in SAML is that propogating attributes is undefined. Thus interest in Nokia-Siemens. Thats where the discussions in SSTC tocuhed on WSF.
Phil, ultimate requriement is to be able to update attributes. What parts of WSF are relevant?
Should SAML be a full read/write spec?
Prateek, one piece of discussion was Scott's suggestion that this work happen in a separate group (within SSTC) .
Scott has hard time to believe that its relevant to move on this until vendors participate/commit. Contends very few vendors participate in SSTC
Scott & Phil agree that original N/S proposal was too simple.
Same barriers to adoption that WSF has faced would confront a subset of WSF. DOes moving into OASIS address.
Scott points out that if you build something WSF-like, you may step on IPR & open up cans o worms. Need 100% clarity over IP issues- same situation as SAML as in, with non-assertion covenants etc
If there are problems that WSF addresses, things (IP etc) are much simpler if you build on WSF specs as they stand rather than trying to submit it to OASIS etc
Prateek suggests that he and Phil need to go off and do some homework. May be a while. Suggests that cloud emergence will make this relevant.
AOB
Next call Jan 21