Concordia telecon 11 Mar 2008
From Project Concordia
Contents |
Attendance
Eve Maler (Sun), Scott Cantor (Internet2), Damien Carru and Ari Kermaier (Oracle), Shivaram Mysore (TrustStix), Vijay Sitam (FuGen), Allen Schaaf (PKMI TC), Bill Washburn (OIDF)
Technical interop needs
Scenario 1 (1a, 1b)
Scott has what he needs to put his endpoints up, other than the specifics of assertion contents (e.g., are we simulating a particular vertical?) so that people can put together attractive little demos. For simplicity, let's stick to only the claims that are part of the set of self-asserted card claims, using the URLs they are labeled with (even if there are other standard ways to label them, e.g. with SAML2 attribute profiles etc.).
AI: Scott to send brief proposal about using a couple of common name attributes to the list; Mike (in absentia!) to confirm what the appropriate URLs are for the self-asserted-claim attribute formats.
Scott believes we agreed already just to exchange certificates and metadata manually.
Scenario 2
We don't have a documented flow on this one yet, although we do have a few interop participants -- and more could follow if this gets clarified. If we do SP-initiated flows, we should use Pat's suggestion of wauth (vs. Paul's suggestion of WS-SecurityPolicy). We're dependent on Mike J. to flesh this out. So far, apart from the new testing of SAML2 with WS-Fed, it seems like a fairly trivial scenario since no one has alerted us to any deployed usage where, e.g., SAML2 features not appearing in WS-Fed are "tunneled" in WS-Fed extensions.
Logistics
Santa Clara get-together
We think some people will be getting together on Thursday and/or Friday while in Santa Clara; we ask them to advertise this, and a call-in number if possible, to the list!
Next call
We'll meet next week on March 18. Eve can't join the call; Scott will run it. The purpose will be to coordinate endpoint testing.
Collateral/handouts and USB sticks
We don't have a lot of time to put anything printed together. Eve will plan for a selection of the presentation slides to to be printed as a one-pager. Will we have signage on the individual tables?
AI: Eve to ask Dervla about table signage.
Ari speaks in favor of the USB stick idea, so as to avoid lots of printed materials (though Eve points out the manufacturing costs of all those USB sticks!). A one-pager, printed sparingly, would probably be most sensible -- plus advertising the Concordia URL to get more info, open source links, etc.
Deployer involvement
Eve notes that some General Motors folks will be getting involved both in the RSA workshop presentation and on an ongoing basis to help coordinate further deployer input/feedback, and to give us a "report card" on what we've done so far.
