WG-FI Minutes 20171026

Kantara WG-FI minutes 2017-10-26

Attending: Nick Roy, Walter Hoehn (co-chair), Denis from CA, Scott Cantor, Colin Wallis (Kantara)

Voting members:

John Bradley

Scott Cantor

Rainer Hoerbe

Walter Hoehn

Nick Roy

Keith Wessel

4 of 6 needed for quorum

  1. Approval of minutes from 2017-10-12 meeting

    1. AI: Nick seek approval of minutes via email to list

  2. Disposition of comments

    1. (We can vote this out of committee via e-ballot)

    2. Reminder: it will have to have a re-consultation because of changes we’ve made based on the comments

    3. Ref#1 - OK as-is

    4. Ref#2 - Scott is of two minds:

      1. It is a requirement that people read references

      2. We never explicitly required support for blacklisting.  If you’re going to do negotiation, you have to support blacklisting.  SAML doesn’t allow null algorithms, but if you don’t have blacklisting there is the risk of being negotiated down to an algorithm you don’t want to support.  Scott believes that is something we have to say something about.

        1. AI: Scott to propose text, will look at surrounding text a bit too.  Will not duplicate the security considerations part of the referenced spec.

    5. Ref#3 - OK as-is, we will not modify the profile for the sake of making things easier for any specific vendor.  Not necessarily clear that this was the ask, but this was our interpretation.

      1. AI: Walter: add in a note that we are aware that many commercial products don’t support ECP or SLO, but their lack of support for multilateral federation goes well beyond this problem. [DONE]

    6. Ref#4 - OK as-is

    7. Ref#5 - OK as-is - we will lock it to a specific draft of MDQ

    8. Ref#6 - Will be part of Scott’s work on Ref#2.  AI: Walter add commit link when available

    9. Ref#7 - OK as-is

    10. Ref#7 - OK as-is

    11. Ref#8 - OK as-is

    12. Ref#9 - OK as-is

    13. Once #2 is done, we will vote by e-ballot on the feedback/changes out of committee - then let staff know to do a comment period / publish the disposition of the comments.

    14. XML encryption 1.1 is not the right link

      1. AI: Scott will clean up

  3. Question from InCommon Deployment Profile WG about document identifier and version for saml2int

    1. There was a document ID on the pre-Kantara version of the document

    2. Do we need to put a version number on this, and if so, should it just be version 1.0?

    3. Is there a document identifier we need to use?

      1. Yes to both questions.  Andrew Hughes can help us with this.  Will need it for the implementation profile, too.

      2. AI: Walter: Slap a ‘1.0’ on the end of the implementation profile

  4. Discussion of IIP-MD10

    1. AI: Scott going to redo this

  5. Any other business?