CCOW Meeting Minutes

Tuesday, October 5, 2010

Attendees:

Name / Affiliation / E-mail Address / Quarter
Alex de Jong / Siemens / alex.dejong@siemens.com / X
David Fusari / Microsoft / / X / X / X / X
John Moehrke / GE / / X
Michael Russell / Duke University / / X / X / X
Kevin Seegmiller / Carefx / / X / X / X / X
David Staggs / VA (SAIC) / / X / X / X / X
Hisao Yoshimura / Japan / Hisao_Yoshimura@mb2.nkc.co.jp / X

Quarter 1-4.

Meeting called to order.

Introductions

Agenda

  • Administrative issues
  • Support of SAML Assertions in CCOW ballot reconciliation
  • Discussion on future projects

I. Administrative Issues:

Points discussed:

Discussion of attendance at the next Working Group Meeting (WGM), scheduled for January 9-14, 2011 in Sydney, Australia. No one at the meeting or on the listserv has been able to secure funding for travel to Australia. Therefore, the Co-Chair attending the Steering Committee meeting shall report that the TC will not hold a meeting in Australia.

Guidelines for meeting minutes

  • Attendance
  • Points discussed
  • Issues resolved
  • Meeting handouts
  • Follow-up items & assignments
  • Schedules for the next meeting

II. Ballot Reconciliation:

Points discussed:

Support of SAML Assertions in CCOW

CCOW support of SAML Assertions (HL7 project number 206)

Ballot results:

Affirmative / Negative / Abstain / Not Voted
68 / 0 / 38 / 6
60.71% / 0.00% / 33.93% / 5.36%

We have quorum and received no negative ballots. Therefore the ballot has passed. [Note request for a new ballot based on reconciliation made below.]

Four comments were submitted (one empty) and were reviewed. The results of the reconciliation will be combined and posted to the ballot page.

Link to reconciled ballot comments:

Detailed discussion

1. The TC reviewed comments made during the ballot. Specifically, on the Technology and Subject-Independent Component Architecture document:

In Section 9.11.7, the final paragraph was rewritten because the content on context changing was covered in other sections of the document. TC members discussed the wording that implied the context manager would set the user ID into context after decoding the base-64 token. The standard only allows the Authenticating Application to set the user ID into context, so the wording of the section was clarified and Interaction Diagram 1, "Sequence Diagram of Authentication Using a SAML Assertion," was updated to reflect the new wording. It is expected that the context manager would still need to decode the base-64 token in order to perform the validity tests.

The TC members discussed the return of a requested token by the Context Manager that does not pass the validation tests:

A SAML token stored in context can be included in the context items returned with the user subject if the participant has used a secure bind and it is listed in the audience field of the token. However, if the token has timed out and was not refreshed by the authenticating application, the token would not be included.
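The return rule described above, sketched as an added example (not part of the minutes or of the CCOW standard). It assumes the stored token is a base-64 encoded SAML 2.0 assertion, that the "audience field" corresponds to `AudienceRestriction/Audience` and the timeout to `Conditions/@NotOnOrAfter`; the function names and participant identifiers are hypothetical, and signature verification is out of scope here.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def build_sample_token(audiences, not_on_or_after):
    """Constructed sample: minimal unsigned SAML 2.0 assertion, base-64 encoded."""
    auds = "".join(f"<saml:Audience>{a}</saml:Audience>" for a in audiences)
    xml = (
        f'<saml:Assertion xmlns:saml="{NS["saml"]}" Version="2.0">'
        f'<saml:Conditions NotOnOrAfter="{not_on_or_after}">'
        f"<saml:AudienceRestriction>{auds}</saml:AudienceRestriction>"
        "</saml:Conditions></saml:Assertion>"
    )
    return base64.b64encode(xml.encode()).decode()

def may_return_token(token_b64, participant, secure_bind, now):
    """True only if all three conditions from the minutes hold; fails closed."""
    if not secure_bind:                  # participant must have used a secure bind
        return False
    try:
        # The context manager decodes the base-64 token to run its validity tests.
        # Assumption: a real deployment would use a hardened XML parser and
        # verify the assertion's signature before trusting any field.
        root = ET.fromstring(base64.b64decode(token_b64, validate=True))
        cond = root.find("saml:Conditions", NS)
        expiry = datetime.strptime(cond.get("NotOnOrAfter"), "%Y-%m-%dT%H:%M:%SZ")
    except (ValueError, TypeError, AttributeError, ET.ParseError):
        return False                     # undecodable or incomplete token
    if now >= expiry.replace(tzinfo=timezone.utc):
        return False                     # timed out and not refreshed
    audiences = {a.text.strip() for a in
                 cond.findall("saml:AudienceRestriction/saml:Audience", NS) if a.text}
    return participant in audiences      # participant must be a listed audience

if __name__ == "__main__":
    token = build_sample_token(["app-a", "app-b"], "2010-10-05T15:00:00Z")
    now = datetime(2010, 10, 5, 14, 30, tzinfo=timezone.utc)
    for name, bound in [("app-a", True), ("app-a", False), ("app-c", True)]:
        print(name, bound, may_return_token(token, name, bound, now))
```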

The TC members discussed the steps used when authenticating with a SAML assertion:

Section 14.8.1 included text describing how the user identity is set into context and whether the saving of the SAML token is under local configuration. The section was rewritten to clarify the process.

The remaining comments on the document were discussed and noted in the spreadsheet.

2. The TC then reviewed comments made on the Subject Data Definitions document:

The TC members discussed the role of the authenticating application, the context manager, and the mapping agent.

Section 2.3.1 was changed slightly to reflect the discussion based on the submitted comments. The token is validated by the context manager. The authenticating application sets the user into context. Based on the discussion, the option of allowing the authenticating application to log out if the token has expired was added.

3. Because of the changes, especially to Interaction Diagram 1, "Sequence Diagram of Authentication Using a SAML Assertion," Mike Russell suggested that the standard be re-balloted even though it received the votes required for passage.

MOTION: That the balloted documents under review be updated based on the comments submitted then re-submitted for re-ballot during the next ballot cycle. (Michael Russell) Second. (David Fusari)

Motion PASSED.

David Staggs was given the task to work with the HL7 staff to re-ballot the standard after making the changes discussed at the meeting.

III. Future Projects:

Points discussed:

Possible future projects were solicited by David Fusari.

The TC members discussed two possible future projects that would be helpful to the CCOW community:

Use of CCOW with web applications. David Fusari suggested the TC examine the process flow associated with using CCOW with web applications. This project was considered earlier by the TC. Now would be a better time to review the effort since the use of web applications has matured.

Use of CCOW with SOAP. A second project was suggested involving the use of CCOW with the Simple Object Access Protocol (SOAP). The effort would describe a SOAP binding and include text to describe the interaction.

Both projects were considered useful and will be discussed before the next meeting.

There being no additional work for the TC, a motion to adjourn was made by David Fusari and seconded by Kevin Seegmiller.

Meeting adjourned.