Concordia telecon 6 May 2008
From Project Concordia
Contents |
Attending
Eve Maler, Britta Glade, Brett McDowell, Mike Jones, Patrick Harding, Charles Andres, Anil John, Paul Madsen, Jeff Hodges, Colin Wallis, Bill Washburn, Scott Cantor, Bill Young (in listen-only mode)
Meeting logistics
Does it impose too much built-in discontinuity to switch hours every other time? Or is it the best way to give people maximum chance of exposure? Mike suggests just splitting the difference and doing a 10:30-11:30am PT call (1-hour only, since a 2-hour meeting is too much), so that we have some quasi-overlap. People on the call liked this compromise. This is the time for our upcoming telecon on May 20.
IIW session thoughts/planning
People attending IIW who are on the call: everyone except for Patrick, Colin, and Anil.
We agreed that it's a good idea to offer one or more sessions. Some ideas:
- A mini-workshop to continue to collect data from technology users as we work to select new scenarios -- Eve is willing to propose a session on this, with Tuesday morning being the preferred timeslot [UPDATE: Eve ran a session on the Wednesday and will provide notes soon]
- A "nexus" conversation among Concordia and OSIS participants to figure out synergies -- note that OSIS is having a Tuesday-afternoon intensive working session to review all the test cases, so this is either a good time for Concordia folks to contribute use cases there, or a bad time to interrupt core OSIS work that may not overlap with core Concordia work!
Update on policy management workshop
Britta reports, for Roger, that she's added a wiki page on Catalyst workshop details:
Tuesday, June 24, 1-5pm [UPDATE: This was changed by Burton Group to MONDAY!] http://projectconcordia.org/index.php/Centralized_Policy_Management_workshop_register
Gerry Gebel of Burton Group has been very supportive of this effort. IBM and BEA have, so far, indicated interest in contributing use cases. There's a press release in the works shortly to advertise the workshop.
Status on Scenario 1 profiling for SSTC
Scott and Jeff estimate that June is the likely timeframe for drafting the specs here. SSTC would see it soon thereafter. Scott would want to write a "SAML2 Token Profile for InfoCard" before any of his own code ships, but that isn't for a while yet.
Update on "managed card proxying" research
Mike observes that there's nothing preventing identity selectors from doing this kind of "proxying"; CardSpace V1 hasn't implemented it but he thinks Higgins may have. CardSpace V1 has, however, implemented the model of a self-issued (not managed) card that lets you prove that you're the owner of a managed card.
OpenID PAPE/SAML as a scenario
Paul observed on the list recently that NTT is doing stuff with OpenID in Japan, including the PAPE stuff. Given that the SAML world deals inconsistently with how to encode authentication methods and levels of assurance (authn context data structure vs. "generic" attributes), what sort of coordination can/should be effected?
Mike is convening the new PAPE WG soon in the OpenID Foundation. He notes that the scope of the effort is very narrow and the schedule should be very quick. The method just a way to pass URIs, without a standard for their values. This is pretty copacetic with the SAML deployment practice of using (at the most) authentication context class references that are URIs themselves. If we can agree on that, then the SAML-side discussion still needs to figure out whether carrying this as a generic attribute vs. as a context class ref is a better idea, but the various communities could proceed to discussing a unioned list of "URIs to support". In general, the same URI is used as input to say "please provide this kind of authn" and as output to say "here's the kind of authn I did".
PAPE's current URIs are rooted in openid.net. This is unlikely to change because of the commitment to try and avoid backwards incompatibilities, but Patrick asks for URIs to be protocol-agnostic to the extent possible.
ID-WSF bootstrapping scenarios from OpenID and InfoCard
Paul notes that OpenLiberty.org has OpenID-to-ID-WSF working now! We'll defer a larger conversation about this "scenario bucket" till our next call (or next week at IIW).
