Re: [oasis-member-discuss] RESEND - Re: [oasis-member-discuss] ProposedSubmission of OASIS WS-Security v1.1 to ITU

[robert_weir@us.ibm.com]

Note that JTC1 has the concept of "freely available specifications", with 
an index here:  
http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html

JTC1 SCs can request that approved ISO/IEC standards be added to this 
list.  It is commonly done for ISs that originated via PAS transposition 
from a consortium where the original specification was also freely 
available.

Regards,

-Rob

"Mason, Howard (UK)" <Howard.Mason@baesystems.com> wrote on 04/03/2010 
01:41:46 PM:


> 
> Re: [oasis-member-discuss] RESEND - Re: [oasis-member-discuss] 
> Proposed Submission of OASIS WS-Security v1.1 to ITU
> 
> The only counter argument might be the free-of-charge availability 
> of ITU specs, but I assume that the OASIS document will also be 
> updated to align with the eventual JTC1 version and will also retain
> free availability. 
> 
> Howard Mason (via Blackberry)
> Corporate IT Office
> Tel: +44 1252 383129
> Mob: +44 780 171 3340
> Eml: howard.mason@baesystems.com
> 
> BAE Systems plc
> Registered Office: 6 Carlton Gardens, London, SW1Y 5AD, UK
> Registered in England & Wales No: 1470151
> 
> ----- Original Message -----
> From: Jeff Mischkinsky <jeff.mischkinsky@oracle.com>
> To: Jamie Clark <jamie.clark@oasis-open.org>; oasis-member-
> discuss@lists.oasis-open.org <oasis-member-discuss@lists.oasis-open.org>
> Cc: Paul C Lipton <paul.lipton@ca.com>; Hiroshi Yoshida 
> <hyoshida@jp.fujitsu.com>; Joel J. Fleck <joel.fleck@hp.com>; Kelvin
> Lawrence <klawrenc@us.ibm.com>; Paul Cotton 
> <Paul.Cotton@microsoft.com>; Jeff Mischkinsky 
> <jeff.mischkinsky@oracle.com>; Mark Little <mlittle@redhat.com>; 
> Claus von Riegen <claus.von.riegen@sap.com>; Blake Dournaee 
> <Blake.Dournaee@intel.com>
> Sent: Fri Apr 02 01:24:30 2010
> Subject: [oasis-member-discuss] RESEND - Re: [oasis-member-discuss] 
> Proposed Submission of OASIS WS-Security v1.1 to ITU
> 
> 
>                     *** WARNING ***
> 
>   This message has originated outside your organisation,
>   either from an external partner or the Global Internet. 
>       Keep this in mind if you answer this message.
> 
> 
> [ sorry, i hit the send before finishing the signatures, left off 
> Intel ]
> We, the undersigned, strongly support the submission of WS-Security 
> 1.1 for de-jure standardization. We note that WS-I previously 
> submitted several of its profiles (the WS-Basic Profiles) to JTC 1 via 
> the JTC 1 PAS Transposition Process. These profiles have now been 
> adopted as ISO/IEC International Standards.
> 
> We believe that the Web Services community will be best served if the 
> OASIS Web Services specifications are submitted in a way that they can 
> be reviewed and processed consistently in the same de-jure 
> organization; in particular, we believe that an organization directly 
> focused on web services, and which can appropriately work with other 
> domain/topic-specific groups, is the most appropriate approach.  We 
> see advantages in submitting them to either ITU-T SG17 (because of the 
> telecommunication security and identity management concerns) or JTC 1 
> SC 38 (because of the web services focus), but believe that WS- 
> Security 1.1 should be submitted to JTC 1, and as decisions are 
> reached to submit further OASIS Web Services specifications, JTC 1 SC 
> 38 should continue to be the recipient.
> 
> OASIS has successfully submitted other OASIS Standards to JTC 1 using 
> the PAS Transposition Process while retaining technical ownership of 
> their evolution. This need not preclude collaboration with ITU-T to 
> make WS-Security a component of security standards suite.
> 
> We note that the OASIS Liaison policy (http://www.oasis-open.org/
> committees/liaison_policy.php 
> ) contains an option that the "OASIS President may approve the request 
> with changes to the proposed submission method, schedule or designated 
> receiving organization".
> [See section 3.4, "Policy for submitting OASIS Standards for adoption 
> by other organizations"]
> 
> We would like to respectfully request that the submission request be 
> approved and that the receiving organization be JTC 1.
> 
> Once JTC 1 receives the submission request from OASIS, it should be 
> able to start the PAS Transposition Process (which includes a 6-month 
> ISO/IEC national body letter ballot) within a few weeks.
> 
> We also recommend that JTC 1 assign administrative responsibility for 
> this PAS Transposition to the newly created JTC 1 SC 38(Distributed 
> Application Platforms and Services - DAPS).
>   [See  http://www.iso.org/iso/standards_development/
> 
technical_committees/other_bodies/iso_technical_committee.htm?commid=601355 

> ]
> 
> Sincerely,
> 
>        Paul Lipton, CA                  (paul.lipton@ca.com)
>        Hiroshi Yoshida, Fujitsu Limited (hyoshida@jp.fujitsu.com)
>        Joel Fleck, HP                   (joel.fleck@hp.com)
>        Blake Dournaee, Intel            (Blake.Dournaee@intel.com)
>        Kelvin Lawrence, IBM             (klawrence@us.ibm.com)
>        Paul Cotton, MS                  (paul.cotton@microsoft.com)
>        Jeff Mischkinsky, Oracle         (jeff.mischkinsky@oracle.com)
>        Mark Little, Red Hat             (mlittle@redhat.com)
>        Claus Von Riegen, SAP            (claus.von.riegen@sap.com)
> 
> On Mar 04, 2010, at 6:13 PM, jamie.clark@oasis-open.org wrote:
> 
> > To OASIS members, member announce lists:
> >
> > OASIS has been asked, by the members listed below, to submit the 
> > following OASIS Standard to the International Telecommunications 
> > Union, Telecommunication Standardization Sector (ITU-T), Study Group 
> > 17 on Security:
> >
> > Web Services Security v1.1 [n1]
> >
> > The OASIS Liaison Policy sets requirements for submissions of OASIS 
> > specifications to external standards organizations. [n2]  In the 
> > case of a work produced by a closed Technical Committee,
> > OASIS rules require that five or more organizational members make 
> > this request.  The request is attached below;  it includes more 
> > detailed information on the proposed submission and its terms.
> >
> > OASIS has determined that the request meets the policy's initial 
> > requirements.  Our  rules provide that any such request be posted to 
> > OASIS members for comment.   The member review starts today, 4 March 
> > 2010, and ends 3 April 2010.  This is an open invitation to members 
> > to comment. Under our Liaison Policy, OASIS will make a final 
> > determination to confirm the submission at the close of the review 
> > period.
> >
> > More information about the specification, and the WS-Security TC who 
> > originated it, may be found at the public home page of the TC. 
> > [n3]  Additional non-normative information about the proposed 
> > submission may also be posted to the [oasis-member-discuss] list, 
> > during the review period.
> >
> > Comments on this proposed submission should be send to oasis-
> member-discuss@lists.oasis-open.org 
> > .  That list is publicly archived [n4], and any OASIS member may 
> > subscribe. [n5]   A link to this notice is cross-posted to relevant 
> > OASIS announcement lists.
> >
> > The submission request is appended below.
> >
> > Respectfully,  JBC
> >
> > ~ James Bryce Clark
> > ~ General Counsel, OASIS
> > ~ http://www.oasis-open.org/who/staff.php#clark
> >
> > [n1]  WS-Security v1.1 as approved: http://www.oasis-open.org/
> specs/index.php#wss
> > [n2]  Liaison Policy:  http://www.oasis-open.org/committees/
> liaison_policy.php#submitwork
> > [n3]  Archived TC pages:  http://www.oasis-open.org/committees/wss
> > [n4]  List archive: http://lists.oasis-open.org/archives/oasis-
> member-discuss/
> > [n5]  Comment lists & subscriptions: 
http://lists.oasis-open.org/archives/
> >
> > --------
> > Proposed Submission Request terms
> > [The six questions are quoted from the OASIS Liaison Policy]
> >
> > Specification to be submitted:  Web Services Security v1.1, as 
> > approved in February 2006.   See http://www.oasis-open.org/specs/
> index.php#wss
> >
> > Q1.  The name(s) of the submission requester(s), that is, the TC, 
> > the Member Section, or the OASIS Organizational Members that support 
> > the submission request as described in section 1(d).
> >
> > A1:  CA, IBM, Microsoft, Red Hat, SAP
> >
> > Q2. The name of the intended receiving standards organization. The 
> > request may also suggest the committee or group in that organization 
> > which should process that submission.
> >
> > A2:  ITU-T Study Group 17 on Security
> >
> > Q3. The intended status or outcome that the request seeks from the 
> > receiving organization's process; and a short description of the 
> > receiving organization's approval process, including estimated time
> > required, stages of approval and who votes at each stage.
> >
> > A3:  Final approval as an ITU Recommendation without change. 
> > Preservation of the content without alteration, except for non- 
> > technical, front-page-type matter.  It is anticipated that the 
> > submission will be transmitted to ITU-T SG17 and submitted for study 
> > group consent vote at their regular plenary in April 2010,  followed 
> > by an ITU member review & confirmation process that may conclude in 
> > late May.
> >
> > Q4. An explanation of how the submission will benefit OASIS.
> >
> > A4:  Increased visibility and implementation of the established 
> > standard, due to the positive sanction associated with the ITU 
> > process.
> >
> > Q5. The expected licensing, copyright and other intellectual 
> > property terms that will be used by the receiving organization in 
> > regard to the submission.
> >
> > A5:  Use of the OASIS standard and will continue to be is permitted 
> > under the terms of the OASIS IPR Policy. As before, our submission 
> > would call to the attention of ITU and potential users of its works
> > the existence of the disclosures and license statements made 
> > pursuant to the OASIS process (see http://www.oasis-open.org/
> committees/wss/ipr.php) 
> > ,  OASIS plans to contact parties listed there, to advise them of 
> > the submission and the possibility of further inquiry about 
> > availability from ITU-T.
> >
> > Q6. A statement of the intended future plans for versioning and 
> > maintenance of the OASIS Standard and/or Approved Errata for that 
> > standard, and the expected roles of OASIS and the receiving
> > organization. This must include clear statements of the rules of the 
> > receiving organization applicable to maintenance of an approved 
> > submitted standard, and to future versions of that standard; any
> > requirements regarding the submission of future versions; and a 
> > description of how OASIS and the submission requesters expect to 
> > comply with those rules.
> >
> > A6:  If the original submission is successfully approved, OASIS 
> > would enter into the usual commitments to share with ITU any 
> > material errata data, and submit back to ITU for re-transposition 
> > any future approved OASIS Standard versions or Approved Errata. As 
> > before, a condition of the OASIS submission would be the requirement 
> > that any changes to the established Specification be submitted 
> > through the OASIS TC process, in order to preserve the continuity of 
> > the work for the established base of implementers who rely on it. In 
> > this case, because the originating TC has completed its work, any 
> > such changes would be conditioned on the competent convening of a 
> > new OASIS TC, under all applicable OASIS rules, and the approval of 
> > that TC's work through the usual OASIS process.
> >
> > (end of submission request)
> 
> --
> Jeff Mischkinsky                         jeff.mischkinsky@oracle.com
> Sr. Director, Oracle Fusion Middleware             +1(650)506-1975
>    and Web Services Standards                    500 Oracle Parkway, M/S 
2OP9
> Oracle                        Redwood Shores, CA 94065
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 
> 
> 
> 
> ********************************************************************
> This email and any attachments are confidential to the intended
> recipient and may also be privileged. If you are not the intended
> recipient please delete it from your system and notify the sender.
> You should not copy it or use it for any purpose nor disclose or
> distribute its contents to any other person.
> ********************************************************************
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 
>