dss message

Subject: DSS-TC 23 February 2004 meeting minutes

From: Krishna Yellepeddy <kyellepe@us.ibm.com>
To: "OASIS DSS TC" <dss@lists.oasis-open.org>
Date: Tue, 24 Feb 2004 10:15:53 -0600

MEETING MINUTES FOR DSS Telephone conference
Date:   Monday, 23 February 2004
Time:   12:00 pm - 01:00pm Eastern Time

Attendees:
Voting Members:
John Messing
Pieter Kasselman
Michael McIntosh
Anthony Nadalin
Krishna Yellepeddy
Juan Carlos Cruellas
Trevor Perrin
Nick Pope
John Ross
Frederick Hirsch
David Finkelstein
Dimitri Andivahis
Ed Shallow

Prospective member:
Paul Madsen

Agenda:
1 Welcome by chair (Nick Pope)

2. Confirm Minutes Secretary (Krishna Yellepeddy)
Confirmed.

3. Roll Call.
Quorum achieved ( 13 voting members, 11 needed)

4. Approval of Agenda
No discussion

5. Approval of Minutes of DSS TC conference call:
- 12 January 2004    - Approved
- 26 January 2004 - Approved
- 9 Feb 2004 - Approved

6. Review of outstanding actions (see below)
03-12-15-3 - Paul Madsen policy-wise server profile: how to use DSS
protocol when all hash mechanism, etc., issues are handled by
server. Paul to send a note to the list
Paul - have sent a draft profile to the list.   Item closed.

04-02-07-1 - Trevor to raise issue on list: of one server might support more than
one timestamping mechanism on list.


Discussion about profile identifier being included in main structure of requests.
. Like not to see it as
a mandatory element, but as an optional element. Agreement to make mandatory
for server to recognize this element, but optional for client to include in protocol .

   Item closed.

04-02-07-2 - All to review bindings and let TC know if agree with SOAP Message
Security binding is needed

We have HTTP binding, do we need SOAP binding ?
   ACTION 04-02-23-1 - Trevor to take description of SOAP binding from another protocol defined
by OASIS ( e.g. SAML),   and add this to DSS core document with the editorial note that additional/special attention needed for this.

Additional item not in minutes
04-02-07-3 - Nick to raise with Juan Carlos use of QNames Property Identifiers

Juan - Agreement among members for use of URI instead of QName for identifying properties.
Trevor - Not a good idea to put a DSS related URI in other namespaces.
Nick - Persons writing profile use their judgement to decide whether to use own URI
  or URI existing in other namespace.


7. Discussion on profiles

7.1 Nomination of the coordinator
- Agreement to appoint Trevor Perrin as technical coordinator requires formal
confirmation

   CONFIRMED.

7.2 Report on the status of the work for each of the profiles.
-Time-stamp

Trevor - if we have a generic profile that supports any time stamp and have
a specific profile   with a specific timestamp definition, which time stamp
elements do clients and servers use ?

ACTION 04-02-23-2 - Trevor to put in wording for handling this in Time Stamp profile

- Code-signing
   Pieter expects to look at this in the next 2 weeks. Continue discussion at future
meetings.

- EPM
   Ed - A few issues to settle before this profile can be completed. Issues: are
   timestamps concrete or abstract and how we inherit from multiple profiles
Can we de-scope the profile and say we'll expand it later ?

Final conclusion was to de-scope - write a base line EPM profile with a couple
of inputs and outputs and release this basic profile. Work over the summer to
release the rest.

- WSsecurity
Frederick: This should come out after the more foundational ones.
   Tony: WSS defines a SOAP profile, SAML defines a SOAP profile.   We need to look
   at both.

- XAdES
   Juan Carlos - posted discussion document to the list with scope, requirements and
   whole life cycle of XAdES digital signatures.
Nick - how far from XAdES profile being available ?
Juan Carlos - end of March, early April for first round.

ACTION  04-02-23-3 - Juan Carlos, Nick, Ed to discuss feasibility of protocol that supports both
ASN.1 and XML and report at next meeting.

- German Signature Law
This profile not expected in first round.

   ACTION  04-02-23-3 - Nick to get an idea of timetable from Andreas Kuehne

- Policy wise server

   ACTION  04-02-23-4 - on all. See how this profiles fits in with other profiles.

- Entity seal
John Messing - Entity seal is much broader than Judicial Signing.
   Nick - worth mentioning Notarial profile
       John Messing - The use of a DSS eNotary profile is to be discussed at the next eNotaries TC.

- Judicial signing
See comments on entity seal.

7.3 Coordination document report on status
         Trevor reported that no this document was currently a collection of the profile outlines.

8. Report on status of Core document.
   We made core document available by end of 2003, as per schedule. Aiming for first set of profiles
by end of March/April.
Frederick - let's aim for an Oasis committee draft before starting the formal process for
standardization. You can have more than one committee draft.

We had agreement on the goal of preparing a committee draft of Core document and timestamp profile
   by end of March. Profiles for code signing, EPM, XAdES, Entity seal a month or so later.

9 Work plan
Note: In the F2F last summer we had aimed to have the first set of profiles ready

for end March. When can initial drafts be expected? A couple of months are probably needed to polish off these drafts.

   See 8. above

10. Approval and implementation plans

Note: The rules for approval of an OASIS standard is that: "Certification by at least three OASIS member organizations that they are successfully using the specification consistently with the OASIS IPR Policy;"
How would this be applied to DSS?

Will discuss this in next meeting.

11. Any other business
None

12. Confirm next conference call: 8th March 04

   CONFIRMED

Close

Regards,
Krishna