Attendees:

Mark Miller (E Rights), Chair - keen on capabilities.

Ann, Sun - Interested in privacy, profiling, and mutual authentication (service to client as well).

?Drummond Reed, ?OneName? - his company addresses persistent identity, profiling, and privacy?

Joseph Reagle, W3C - involved with XML Signature and Encryption

?Jags Ranmaryn?

Roger Cutler - interested in the big picture, what are xmldsig, xenc, xkms, saml, etc?

?Bob Condor, Boeing?

Andrew Layman, MS - working on Web Services at MS, proposes this group come up with a shopping list of security features

POLA - principle of least authority (permit nothing beyond what is necessary for the things that have to be permitted)

Single Sign-on - lots of demand for only having to authenticate oneself once.

Transitive/delegated security - if I delegate a service to another party, and they take some action on my behalf, how can I be sure they'll do the right thing, or can I later confirm that they did? (pre/post). For example, if I tell someone to tow my car, how can I be sure they really tow my car and not one that looks like it?

Integrity (XML Signature)

Confidentiality (XML Encryption)

Identity versus Identifiers - avoid global UIDs

Application Scenario - focussing on relationships between known B2B parties, or anonymous parties discovering each other through directories?

What is different about this (and the Web) from anything else that has been done before: (discussion wanders off into people's quibbles with Kerberos, DCE, etc.)

  1. Since we're using XML, it's a bit more transparent
  2. We can't assume any closed world properties or coherence; it's decentralized
  3. Delegation (services will call on other services)

Conclusion: the activity should address security where

  1. the parties know each other
  2. the parties don't know each other
  3. ?

See the 5 conclusions that came out of the discussion.


Joseph Reagle