Kantara FIWG Teleconference
Date and Time
- Date: 20, December, 2012
- Time: 13:00 PT |16:00 ET
Attendees
- John Bradley, Ping Identity
- Nate Klingstein, Internet 2
- Scott Cantor, Internet 2
- Rainer Hoerbe, KisMed Austria
- Leif Johansson, NORDUnet
- Colin Wallis, Internal Affairs Dept, NZ Government
Apologies
Agenda
- Administrative - roll call
- FEDLab SAML tests update
- UK Gov Profile
- eGov 2 Profile
- SAML 2 Int Profile (Profile updates, wiki page)
- Kantara, OIX and other meta-data aggregator projects
- AOB
Minutes
1. Administrative - roll call
Summary:
- Quorate call
- No previous minutes to approve
2. FEDLab SAML tests update
- This topic opened with Rainer presenting his paper... http://kantarainitiative.org/confluence/download/attachments/41649836/SAML+ProfTest+Concept.pdf . The objective is to create a common super set of (web accessible ) tests, whereby each deployer adds tests to a common repository, and work with FedLab to fill test 'gaps'. The actual test harness itself would restrict access to 'signed up' deployers. All test cases covered: Request/Response, Metadata etc. .[JB: Notes that some vendor products do not automatically import metadata, so have to manually import and refresh. Also that Ping has done work with Box for a connection for SaaS providers, which offers a metadata applet for SP/IDPs supporting Ping Federate]. Austria wants to start with SP/RP's first since it has many SPs with many client apps and only 3 or 4 vendor products covering the 30 or so IDPs. .[SC: As an InCommon IDP all I care about is if they consume InCommon's metatada].[JB: SP piece will take a while to build]. General difficulty with metadata tests is testing 'consumption' - each product will behave differently. [JB: OID Connect tests if the overall exchange works or nor, rather than if it is conformant]. Metadata supplied by SP must be validated/pre-checked as OK before submission to the test harness. [SC: We must have a test for the XML DSig wrapping attack (since SAML Pummel predates it). Austria trying to find funding for this, since it will take hard work to automate.
- Next call consideration: Maybe do a discussion paper to lay out a kind of project plan
- Action: Put Rainer's 'SAML Profile Test Concept' draft paper on the wiki for easier reference (completed on 20th Dec?).
- Action: Put this topic on the list for discussion at the European IIW Vienna meeting, Feb 12/13th
3. UK Gov Profile
Summary:
- List Items
- Bold
- Italicized
4. eGov 2 Profile
- Leif and Colin to reach out to Anil John (GSA) to clarify requirements outlined in recent emails
5. SAML 2 Int Profile
6. Kantara, OIX and other meta-data aggregator projects
7. AOB
- Bullet List
- Second Level Bullet List
Next Meeting
- Date: Thurs 10th, January, 2013
- Time: 13:00 PT | 16:00 ET | (Time Chart)
- Dial-In: +1-218-862-7200
- Code:
NOTE: Do not follow the code with a "#" symbol as it may cause the code not to be recognized.