The meeting started off with the usual agenda review. Agenda was accepted as proposed.

The first item was Terminology.
Reading assignment: read RFC 2828
        Internet Security Glossary
        http://www.ietf.org/rfc/rfc2828.txt
Other Glossaries mentioned:
        Internet Security Glossary, Version 2
        http://www.ietf.org/internet-drafts/draft-shirey-secgloss-v2-04.txt

        SAMLv2: Glossary
        http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf

        "identity gang" lexicon
        http://identitygang.org/Lexicon


The next item was Problems we want to solve (see agenda)
A few things were added:
        - whitelisting
        - claim minimality
        - proof of server identity

Sam Hartman made his presentation; there were a few questions.

There was then discussion on Problems we want to solve.
****** edit here -- right title? same as before

Additional problems
        non-browsing HTTP support
        support for existing infrastructure
        Cross Application Credential (XAC)

Grouping of problems was then started.
Dick Hardt's slide was presented.

Ekr proposed grouping the problems as:

EKR1: fix http auth
        - anti-phishing
        - passwords and other

EKR2: cross-site identity, Eliot's dad, SSO

EKR3: Claim & Attribute Transferral

More detailed discussion on each problem then ensued:

EKR1: Fix HTTP Auth
AD questions to audience concluded with:
        - Liaise w/ W3C on GUI
        - Liaise w/ APWG
        - Layer / Arch TBD
        - can stand alone, but coordinate w/ EKR2 and EKR3
        EKR1 does not require EKR2

EKR2: cross-site identifier
(Eliot's dad problem was broken off to be EKR4)
        - raw assertions of identity are easier to trust than attributes
        - name subordination
        - existing technology, but glue work
        Question: Is there glue work to be done by the IETF?
        - no one thinks there is no glue work, 15 think there is, 15 are not sure
        12 ok on work if EKR1 not happening,

EKR3: Claim & Attribute Transferral
        - existing claims and syntaxes may be used
        - binds attribute assertions to underlying communication
        - not limited to HTTP
        Question: Is there glue work to be done here by the IETF?
        12 support, a couple object

EKR4:
        - Eliot's dad problem
        part of EKR1 & EKR2

Discussion of whether EKR1 and EKR2 required different BOFs at the next IETF meeting. Clearly different drafts would be required. Best to combine the groups working on them.

Meeting concluded 15 minutes late.



_______________________________________________
dix mailing list
https://www1.ietf.org/mailman/listinfo/dix