RE: [security-jc] TAB concerns about Security JC charter

[Hal Lockhart <hal.lockhart@entegrity.com>]

Title: RE: [security-jc] TAB concerns about Security JC charter

I largely agree with Darren.

I think the issue turns on the meaning of the word "deliverable" which is not currently defined by OASIS. I don't think anyone on the SJC has any problem with the part of the TC process that says "A TC shall have no obligation to abide by any decision arrived at in a JC to which it contributes membership."

When we were developing our charter, I assumed "deliverable" meant "candidate to become a Committee Specification or OASIS Standard". It seems to me that in its role of coordination, it is perfectly reasomable for the JC to produce documents. The opposite position, that the JC may commit nothing to writing seems absurd to me.

If the JC choses to collect or create information for the reference of its constituent TCs and/or the OASIS community at large, this seems to me to fall well within the role of coordinating. As long as we do not mandate anything, I don't see the problem.

Otherwise, it seems to me that the JC becomes a sort of debating society whose work can not be reused or even easily located, except by reviewing all the meeting minutes.

I view this concern  as overly technical and not in the spirit of what I understand the role of a JC to be.

Hal

> -----Original Message-----
> From: Darran Rolls [mailto:Darran.Rolls@waveset.com]
> Sent: Friday, December 13, 2002 12:33 PM
> To: karl.best@oasis-open.org; security-jc@lists.oasis-open.org
> Cc: OASIS TAB
> Subject: RE: [security-jc] TAB concerns about Security JC charter
>
>
> Karl
>
> In your absence, we discussed this issue at this weeks SJC meeting [1]
> and have tabled your agenda item for the next committee meeting
> (1-9-2002).  In the mean time, can you (or Krishna) elaborate on this
> decision relative to the charter of the SJC and the following
> (personal)
> observations/comments:
>
> 1.  The TAB decision means that the SJC will have to re-write it's
> charter; a charter put in place with the full support of the SJC
> members, TAB and board.  Not a big issue but something we will have to
> address quite quickly.
>
> 2.  Based on the common understanding (and extensive clear statement
> within the charter) that the SJC has no control or official "power" to
> implement/impose its "works and findings", how is our current charter
> and its stated intentions anything more than "coordination" and
> "cooperation", the intended purpose of the JC process.
>
> 3.  If this decision by the TAB is simply a desire to promote the type
> of organizational structure that is the "trademark" or the OASIS
> approach, it has my full support.  I fully understand and
> appreciate the
> delicate balance between autonomy and autocracy that we
> tread.  I would
> however like to seek your (and the TAB's) advise on how, within that
> balance/framework, we can work to promote the consistency, reuse and
> interaction that is fundamental to an end-to-end workable set of
> standards. I know that OASIS does not propose to deliver an
> "end-to-end
> set" of standards, but on the other hand a set of uncoordinated,
> overlapping standards is not such a good thing either.
>
> 4.  Assuming that interested SJC members decided to take on
> the current
> charter "deliverables" as a separate TC effort, would this be
> something
> that the TAB would take an active role in and offer what would be
> unofficial "credibility" to the effort?
>
> Some interesting thought and debate for the holidays ;-)  Have a good
> one. 
>
> [1]
> http://www.oasis-open.org/committees/security-jc/minutes/minut
> es12-12-20
> 02.html#agenda5
>
>
> --------------------------------------------------------
> Darran Rolls                      http://www.waveset.com
> Waveset Technologies Inc          drolls@waveset.com
> (512) 657 8360                   
> --------------------------------------------------------
>
>
> > -----Original Message-----
> > From: Karl Best [mailto:karl.best@oasis-open.org]
> > Sent: Monday, December 09, 2002 9:52 AM
> > To: security-jc@lists.oasis-open.org
> > Cc: OASIS TAB
> > Subject: [security-jc] TAB concerns about Security JC charter
> >
> > Security JC:
> >
> > At the OASIS TAB meeting today we discussed, among other things, the
> > Security JC scope and charter. It was pointed out that the OASIS TC
> > Process makes no provision for a JC having a charter beyond simply
> > coordinating the activities of the TCs, and additionally that the
> > Process says that a JC will have no deliverables.
> >
> > So while the TAB thinks that the JC has identified some valuable
> topics
> > to pursue (security common glossary, architecture model, etc.) and
> that
> > this work is important and needs to be done, the TAB feels
> that the JC
> > is the wrong place to be doing this work.
> >
> > The TAB suggests that interested members of the JC form a TC to do
> this
> > work and that the JC restrict itself to providing a forum for the
> > various TCs to communicate and coordinate their activities with each
> > other.
> >
> > Krishna and I would be happy to further explain the TAB's
> feelings on
> > this at the next JC meeting.
> >
> >
> > -Karl
> >
> > =================================================================
> > Karl F. Best
> > Vice President, OASIS
> > +1 978.667.5115 x206
> > karl.best@oasis-open.org  http://www.oasis-open.org
> >
> >
> >
> > ----------------------------------------------------------------
> > To subscribe or unsubscribe from this elist use the subscription
> > manager: <http://lists.oasis-open.org/ob/adm.pl>
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>
>