July 31, 2014 Meeting Page

From IDESG Wiki
Jump to navigation Jump to search

SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES

Meeting Date: July 31, 2014

Attendees

  • Adam Madlin
  • Adam Migus
  • Ann Racuya-Robbins
  • Cathy Tilton
  • Christopher Spottiswoode
  • Jerry Kickenson
  • Joe Stuntz
  • Martin Smith
  • Mike Garcia
  • Paul Grassi
  • Rick O'brien
  • Robert Faron
  • Ryan Galluzzo
  • Sean Brooks
  • Steve Orrin


Meeting Notes

  • Notes taken by Adam Migus
  1. Roll call; Quorum determination
  2. IPR policy reminder - https://www.idecosystem.org/system/files/filedepot/103/IDESG%20IPR%20Policy.pdf
  3. Administrative
    • Last week’s minutes were approved
    • Adam Madlin reminded everyone of the election and urged everyone to vote
    • Adam Madlin talked about the upcoming plenary September 17- 19 in Tampa, FL
      • The planning committee meets weekly to design and carry out a productive, worthwhile plenary and that planning process is going well,
      • This plenary will be focused more on committee work.
  4. Functional Model
    • Adam Madlin updated everyone on the background work he’s doing to finalize the Functional Model:
      • Kim Little has asked for committees to submit deliverables that will be ready in time for the plenary and Adam Madlin expressed a desire to make the Functional Model one of those deliverables
      • To that end, Adam reached out to the Privacy Committee who’s approval is a necessary prerequisite for submission of the Functional Model to the Plenary. He confirmed that if we get it to them 1 week (2 at the latest) then they can review it in time.
    • Review of the Functional Model document
      • Adam Madlin confirmed with Ryan that the record of comments and changes including disposition is being tracked inline in the document
      • Martin initiated a discussion about the CSP role in Table 2.
        • He suggested that run-time authentication may be considered separate from the CSP role so perhaps there should be another, separate row for “authentication provider.”
        • After some debate, Ryan suggested that a row be added
        • Adam Madlin added the row with a comment denoting that further review is pending.
      • Cathy expressed concern about the CSP role as it relates to the RP role. Specifically that in some cases RPs will do various functions included in the CSP role.
        • Debate was had about the table, the columns and how they should be interpreted:
          • A service provider can hold more than one role
          • The functions column contains all functions a role '’could’’ perform as opposed to the functions it ‘’must’’ perform
        • That debate spawned another one about whether the RP does authorization. We agreed that it generally does today but that may change as the ecosystem evolves.
        • As a result of the above we added the “Attribute Binding” function to the functions column of the RP role.
      • We ran out of time but everyone agreed to stay an extra 10 minutes to get through some of the remaining items that were thought to be less likely to provoke debate.
        • We went through and completed the rest of the document (Woot!)
        • We discussed finalizing the document and whether another meeting was even warranted.
          • Adam Migus asked that he be given some time to think through Table 2 in light of this discussion.
          • Adam Madlin suggested that remaining comments and edits could be done off-line so that we could seek committee approval next week
          • Mike asked if Adam Migus could provide comments before next week with enough lead time for he and Ryan to incorporate them into the document; Adam Migus agreed to submit all feedback by Tuesday.


Actions

  • Ryan will clean up the Functional Model document as well as add something to the preamble for Table 2 that helps the reader understand how to interpret it.
  • Adam Migus to provide comments and/or suggested changes (if any) based on today’s discussion of Table 2, by Tuesday.



Quick Links: Security Committee | Functional Model | Security Committee Meeting Notes | Security Committee Content