Child pages
  • September 27, 2013
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

AD-Assurance Notes from September 27

Michael Brogan, UW
Jeff Capehart, UFL
Eric Goodman, UCOP
Mark Rank, UCSF
Ron Thielen, U Chicago
David Walker, Internet2/InCommon

Next Call

October 4 at Noon ET 
+1-734-615-7474 PREFERRED
+1-866-411-0013

0195240#

Agenda:

  • Finalization of the 2013 Cookbook for public review.

Notes

  • Action Items
    • Eric will edit the Cookbook this weekend to reflect today's discussion. This will be the version that is distributed on Monday if there are no comments.
    • Every should review Eric's edits Sunday evening or by noon EDT on Monday.
    • Ann will forward the document for review Monday afternoon EDT.
  • 4.2.3.6.3 addresses non-IdP applications, in particular many MS applications.  We'll mention them in our interpretation but not provide mitigation or management assertions, as they're out of scope of AD DS.
  • Authentication Secret, Authentication Credential and IdP will be added to the Glossary.
  • Text that has been lined out will be removed.
  • The interpretation for IAP 4.2.3.6.1 between sections 3.1 (protection at rest) and 3.2 (protection in transit)
  • When we don't say how to do something, we'll say that we don't know how (and add to MS questions).
  • Change "Compensating Controls and Alternate Means Statements" to "Management Controls"
  • Remove SHA1 references, except at beginning.  Refer from there to current NIST draft.
  • Note: The list of issues above may not align completely with Eric's notes.  Eric's notes will be authoritative as he does this weekend's editing.
  • No labels