
Attendance:
Frank Siebenlist
Von Welch
Bob Cowles
Markus Lorch
Tony Genovese
Takuya Mori
Lavanya Ramakrishnan
Rebekah Lepro
Mary Thompson
Andrew McNab

Proposed agenda:

 * There has been good discussion on the attributes document. I'd like to
ask Mary to give an overview of what's been done and what the
outstanding issues are.

 * I just posted a Requirements and SAML profile document. I'll give a
*brief* overview of both and discussion open issues with SAML profile
document.

 * Status on policy document. Frank?

 * What, if anything, should we do before offical submission to GGF
editor tomorrow?

 * What to do before GGF?


Minutes:

VW: Agenda bashing - no additions

MT: New version of attributes document last night

 Two pieces to attribute - name/value & possibly condition
 Assertion - signature, "eveloping"

 Push vs pull model
 Don't need envelope for if they are stored in trusted repository

RL: two uses of attributes in XCAML, in policy and in context
 Doesn't specify how attributes get into context

MT: Need both models (push and pull)
 Haven't talked about revocation

VW: Agree we don't need both models

MT: Push model more complicated
 Issues:
  Where to put conditions?
  Do we need typed attributes? How to type them?
  Who needs to know what?
  Namespaces - seems logical but complicates things?
 
RL: Rest of world is not as far as long with attr. asseerions as they
are with e.g authn

MT: Should organize issues from mail

RL: Also have SAML email archived

MT and RL will come up with a summary of comments from OGSA-autz and SAML mailing lists on the issues and post it on GridForge before GGF9

FS: Should we look at XACML more closely since it is meant for authz

Discussion of how to use GridForge

ML: Conditions on attributes and attribute container?

RL: Validitiy and conditions - would like to discuss at GGF.

MT: Take Olle's words from email and put into document.

In summary will come up with list of issues.

VW:
Issues with authz service:

Simple response request: Relies on RespondWith
Authz Service State: relies on respondwith, uses cookie.
Conditions and Authz assertions: per assertion or per statement
SAML 1.1 update

Issues with requirements:

None known

VW: Requirements is the generic version and SAML profile is
SAML-specific - could use discussion about relationship between the
two.

FS: Won't have any policy documents today. Will lead discussion at
GGF9 to get ball rolling.

VW: Should save bulk of time at GGF9 for existing documents.

Need to figure out what/if anything we need to do with posting these
documents for GGF - VW will take on.

End meeting.