FIWG Meeting Minutes 2012-01-05

Attendees:

John Bradley
Hank Mauldin
Mary Ruddy
Nate Klingenstein
Scott Cantor

Apologies:
Bob Morgan

Staff:
Anna Ticktin

MINUTES:

1. ADMINISTRATIVE:
    

  • Roll Call---quorum reached
  • Motion of Minutes approval from last call FIWG Meeting Notes 2011-12-08
  • Scott moves to accept the previous meeting minutes as recorded. Hank seconds. Without further discussion or opposition, the motion carries.
  • Bob Morgan has been nominated and has confirmed his willingness to stand as Co-chair of the FIWG with John.
  • Scott moves to elect Bob Morgan as Co-Chair. With no discussion or objection, the motion carries.

2.  SAML2int profile

  • Scott moves to take on this work as an FIWG work item. Hank seconds. With no further discussion or objections, the motion passes.
  • John will circle with Joni to confirm how the FIWG should move forward with future publication of it's SAML2int work.
  • Nate pointed out that the existing profile language requires that assertions MUST be signed. Due to recently discovered vulnerabilities in XML Encryption, best practices have changed since this language was drafted, and the language needs to be modified as well. The tentative recommendation would be to sign the response, optionally encrypt assertions, and optionally sign assertions for situations where the assertion may be forwarded alone, e.g. delegation. John pointed out that for some legal purposes in some countries, signature of an encrypted object is not sufficient for non-repudiation, and as a result, signature of the assertion remains important in that instance as well. The workgroup will discuss this further.
  • John will begin this thread and circulate via the list.

3. Meta-data format for openID Connect

  • The (two) challenges before the FIWG : How do we represent OpenID Connect in SAML meta data and how do we come up with something plausibly acceptable in JASON?

3. AOB

  • None

Adjourned