OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

id-cloud message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Corrected -- MINUTES OASIS IDCloud TC Meeting 05 March 2012

----------------------------------------
DRAFT MINUTES
OASIS IDCloud TC Meeting
05 March 2012, 02:00pm to 03:00pm ET
----------------------------------------

Scribe: Gershon Janssen

1. Roll Call and Agenda Review

Name                  Status
----                  ------
Abbie Barbir          Member
Anil Saldhana         Member
Anthony Nadalin       Member
Brian Marshall        Member
David Kern            Member
David Turner          Member
Dr. Dominique Nguyen  Member
Gershon Janssen       Member
Matthew Rutkowski     Member
Roger Bass            Member
Cathy Tilton          Member

Observers:
None.

Guest speaker:
Mary Ruddy

11 people joined the meeting.

This meeting quorates.

Member status status changes:

Lost voting rights:
None.

Gained voting rights:
None.

Now: 10 voting members in TC.


2. Approval of Minutes

- 6 Feb 2012 Meeting Minutes
http://lists.oasis-open.org/archives/id-cloud/201202/msg00049.html

MOTION:
Abbie moves to approve the 06/Feb minutes.  Anil seconds. No discussion;
motion carries.

- 20 Feb 2012 Meeting Notes
http://lists.oasis-open.org/archives/id-cloud/201203/msg00001.html

MOTION:
Abbie moves to append them to today's meeting notes; Anil seconds. No
discussion; motion carries.


3. Introduction to Oasis Trust Elevation TC and Q&A

Abbie Barbir and Mary Rubby provide an introduction to the Trust Elevation
TC.


4. Comments received on the Use Case document public review 

http://lists.oasis-open.org/archives/id-cloud-comment/201203/threads.html
[Martin Chapman, Oracle]
http://lists.oasis-open.org/archives/id-cloud-comment/201202/threads.html
[Dr.Michael Poulin]

Tony: 
- normative normally referred to as the RFC2119 like normative; we might
need to clarify normative in the context of this document
- the term normative is wanted in these use cases.

Matt:
- I would be in favor of clarifying our use of term normative

Abbie: 
- Clarifying normative to the context of this document; will it not clash
with the formal meaning of normative?
- TAB changed a Committee Note to non-normative; a note will never be
normative

Tony: 
- Normative is used within the context of use case; so how these ought to
work
- Suggestion to put normative explanation in the document in order to
clarify.

Matt:
- the term normative to many people who deal with specs and RFC language is
a loaded term, even though it was used in prose with the plain spoken use
definition it will always be contentious

Abbie: 
Adj.1.normative - relating to or dealing with norms; "normative discipline";
"normative samples"
2.normative - pertaining to giving directives or rules; "prescriptive
grammar is concerned with norms of or rules for correct usage"
prescriptive
grammar - the branch of linguistics that deals with syntax and morphology
(and sometimes also deals with semantics)
abbie: normative [nmtv]
adj
1. implying, creating, or prescribing a norm or standard, as in language
normative grammar
2. expressing value judgments or prescriptions as contrasted with stating
facts normative economics
3. of, relating to, or based on norms
normatively  adv
normativeness  n

Gershon:
- suggests: clarifying normative is fine, but why not stay away from this
word so it's clear to everybody and we do not get into this discussion?

Abbie: 
- replace it with required

Matt: 
- propose to rewrite the section where normative is used.

TC agreed to this.

Tony: 
- another PR or not? a 15 day review should be sufficient.

MOTION:
Abbie moves to address the comments and to proceed to publish a Committee
Note. Dominique seconds. No discussion. Motion carries.


5. Gap Analysis

Insufficient time; agenda item deferred.

6. Issues from JIRA

Insufficient time; agenda item deferred.


7. Adjourn

Meeting adjourned.



APPENDED DRAFT MINUTES

----------------------------------------
OASIS IDCloud TC Meeting
20 February 2012, 02:00pm to 03:00pm ET
----------------------------------------

Scribe: Gershon Janssen

1. Roll Call and Agenda Review

Name              Status
----              ------
Anil Saldhana     Member
Gershon Janssen   Member
Matthew Rutkowski Member
Roger Bass        Member
Dominique Nguyen  Member
Cathy Tilton      Member


Observers:
None.

6 people joined the meeting.

This meeting does not quorate.

Member status status changes:

Lost voting rights:
Brian Marshall
David Turner

Gained voting rights:
Cathy Tilton


Now: 10 voting members in TC.


2. Approval of Minutes

- 06 Feb 2012 Meeting: 
http://www.oasis-open.org/apps/org/workgroup/id-cloud/email/archives/201202/
msg00049.html

Deferred to next meeting as this meeting does not quorate.


3. Gap Analysis Editor's Draft [Gershon]

Word:
http://www.oasis-open.org/committees/document.php?document_id=45205&wg_abbre
v=id-cloud
PDF:
http://www.oasis-open.org/committees/document.php?document_id=45206&wg_abbre
v=id-cloud
 

Textual remarks:
- change to "Redhat" instead of "RedHat"
- oAuth should be OAuth

Structure remarks:
- Mention long names or full names in a separate table or reference section.
- Include links to their (i) website (ii) link to their standard version.
- Create 2 tables.

Approach for next steps:
- Ask ourself a set of questions: e.g. where do we believe the standards
fall short; what do we perceive as missing.
- Do more gap analysis offline via the email threads
- Also continue with the informal gap analysis meetings

- Suggestions for approaches: 
  - (i) per use case or (ii) per standard
  - first pass: go through all as a group; write down what we know. After
that, publish as a draft and validate if our assumptions are true or not.

- Scheduling informal meeting:
  - Matt: Fridays are good; Wednesdays are also good. Tuesdays are good as
well.

- Gershon talks about Trust and Trust Frameworks
- Dominique: you asked me to have Abbie talk about Trust Framework and he
accepted. Dominique will check with Abbie to talk about trust frameworks
during our next TC meeting.



4. Gap Analysis Discussion

- Use case 19:
  - if one can audit in the cloud, the accesses on a simple piece of blog
data, one has basically the foundation for auditing other data
  - within a enterprise there are compliance regulations
  - within a cloud these standards do not exist
  - cloud standards e.g. SNIA not doing auditing yet. DMTF CIMI is
considering this
  - would be worth considering the format.
  - reporting access management type events; audit requirements: timestamp,
identity, identity of resource invovled (e.g. document, storage device)
  - also if encryption is applied (how it is protected)
  - also hardware side: on which server this is running on (e.g. virtual
image running on vCloud, etc.)
  - audit 3 spaces (i) storage (ii) computing (iii) network space
  - include / extend with management for keys? yes should do this as its a
difficult issue. key life cycle management.
  - syslog as a log format; SNIA for network storage for cloud; DMTF Cloud
management working group with spec CIMI (management interface standard)
  - Data Model and topology aligned.
  - CloudAuditing Workgroup at DMTF, working with CIMI to provide audit type
event and reports to be carried by their management interfaces.
  - group working on audit reports, privacy information obfuscations, soa,
etc.
  - group does not talk about access control.
  - privacy management; KMIP (key life cycle management)
  - quantum; open networking management standard


5. Other Business

- Gershon to participate in CloudScape conference this week; will talk about
ID-Cloud.


6. Adjourn

Meeting adjourned.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]