Minutes of 23 January 2001 Security Services TC telecon

["Eve L. Maler" <eve.maler@east.sun.com>]

[Heather will follow this up with the attendance list.]

Minutes of the OASIS Security Services Technical Committee telecon
23 January 2001


Administrative
==============
- Membership report: new/removed members (Heather)

   No new members; 6 new prospective members

- Roll call (Heather or Krishna)

   Completed – Quorum reached with attendance of 33 members

   NOTICE: For future meetings, attendees will need to be on the phone
   by 10 minutes past the start of the call in order to be counted for
   role call (barring technical difficulties). This procedure was not
   followed today.

- Approval of minutes for the last telecon, as corrected:

    http://lists.oasis-open.org/archives/security-
    services/200101/msg00098.html

   Approved

- Approval of/additions to this agenda

   Moved coordinating editor's report to this slot.  Revised agenda
   approved.

- Coordinating editor's report: Bob B. is investigating tool support.
   Bob's suggestions have been mailed out to the list for tools and
   formats.  Please send Bob any additional comments off-line.  Bob
   will be final arbiter of formats used.

- Chair pro tem situation

   Eve will be on vacation weeks of Jan 29 and Feb 5; she will send out
   a preliminary agenda for the next meeting. Joe Pato has volunteered
   to chair next meeting; other volunteers can identify themselves and
   we will figure out how to chose a chair for the next meeting.

- Fix regular timeslot for telecons

   Discussion of current time; in general the time chosen is okay with
   most people. Proposal for 8:30am PT start time; no one from West
   Coast objected. Meeting will be alternate weeks. Discussion of which
   day of the week to meet was postponed.

   ACTION: Eve to use Evite to send out requests to search for best
   day. All requests received by COB Friday will be considered; Eve
   will mail out results sometime on the weekend.

- Fix date for first F2F meeting

   March 2 is date set for F2F. Burlington, MA at Sun.

   ACTION: Eve to set up information on how to get there, where to stay
   etc. once the group's Web page is set up.


Subgroup reports
================
To join a subgroup, you can send email with "subscribe" in the body to
the individual group, for example, security-protocol-
request@lists.oasis-open.org.  Please let the subgroup leader know
whether you're an observer or a voting member.

The Use Case subgroup bears most of the burden right now, but the
other subgroups can review its output, brainstorm requirements and use
cases of their own, and do compare/contrast analyses of S2ML and
AuthXML in the meantime.  The goal is to choose final requirements and
use cases at the March F2F.

- Coordinating editor (Bob Blakley)

   Already gave report (see above).

- Use Cases and Requirements (security-use) (Darren Platt)

   Developed plan for delivering info to group; there will be 3
   iterations at one week intervals. Result will be 2 docs: a
   subcommittee consensus doc and a non-consensus doc. Second doc will
   be submitted to TC at large in 3rd iteration, ideally two weeks
   before the March 2 F2F. Darren will send this schedule out to TC.

- Core Assertions (security-core) (Phil Hallam-Baker)

   Trying to start with architecture they already have and work
   backwards. Also "stuck" because they really need use cases
   documents. They are trying to discern between real requirements and
   wish list items.

- Protocols (security-protocol) (Tim Moses)

   Plan – Hold up due to AuthXML delays. Now have doco; plan is to
   create doco combining AUthXML and S2ML. Will reconcile overlaps and
   other issues. Plan is to have this done by Feb 2.

   Schedule – Reconcile of doco by Feb 2; telecon to discuss. Another
   telecon on Feb 16 will be used to reconcile discrepancies from use
   cases and protocol. Hope to have draft for TC to review by Feb 23.

   Dependencies – AuthXML doc dependency resolved. Now dependent on use
   cases reports (expect by Feb 9)

   Issues – None at this point.

   Discussion of overlap between protocols and core assertions. Both
   groups will have to work together to coordinate efforts.

- Bindings (security-bindings) (Prateek Mishra)

   Not a whole lot has happened. A conference call is being set up for
   next week; time to be settled through Evite. There is a dependency
   on use case and requirements. There is also an interaction with
   security services model. Agenda is to establish scope of bindings.

- Conformance Suite (security-conform) (Krishna Sankar)

   Krishna has sent a charter for the group to the overall TC and is
   now waiting for feedback from the group.

- Security Considerations (security-consider) (Jeremy Epstein or
   designate)

   Jeff Hodges acted as designate. Still getting feet on ground; Jeremy
   has a proposal to TC for scope of subcommittee and is waiting for
   feedback. Expect to have a con call next week.


Liaisons
========

- ebXML
   Maryann Hondo and Brian Eisenberg will coordinate together

- XKMS
   Phil Hallam-Baker

- XML Signature
   Probably don't need a liaison as they are almost finished their work

- XML Encryption
   Stephen Farrell and Gil Pilz will act as a liaison here

- XML Protocol
   Krishna Sankar and Brian Eisenberg will coordinate and track

- IETF BEEP
   Jeff Hodges

- Do we need to track any other efforts?

   IETF Sacred: Stephen Farrell will track this and let us know if it
   becomes relevant to this TC.

   WSDL/UDDI Working Group: Brian Eisenberg and David Orchard are on
   the advisor's committee Joe Pato is on the UDDI committee and will
   report back to the TC.

   Discussion of HIPPA and HL7 committee and its role. Consensus is
   that we should look at putting in a Health/HIPPA use case.

ACTION: Companies that are interested in designating Technical and PR
reps (could be the same person) should send this info to Eve Maler and
Marc Chanliau. This information can then be put onto the website. Eve
will act as primary liaison for now.

Kelly Emo volunteered to be a liaison to the ASP consortium.

Discussion of liaison ended with agreement that if members/observers
find additional areas that need liaison they can act as appropriate
and notify Eve if they need/want time on the agenda.


Other
=====
- Website report (Marc)

   Not much to report. Will get started as soon as he can, including
   getting information from subcommittees.

   ACTION: Marc to provide a suggested layout of the website for the
   next meeting.

- What name shall we give our suite of specifications?

   Some options mentioned: S2ML, A2ML.  We don't want to wait for the
   F2F to decide this because it will be a time sink.

   Motion: To create a separate mailing for the discussion of the name
   of this effort. Vote: 2 Yes, 3 Abstain, Remainder NO (remainder not
   counted due to attempts to withdraw motion after first 10 votes).

   ACTION: Everyone to send suggestions for names to Eve or the list by
   COB Friday.

   ACTION: Eve to create Evite poll after that for people to register
   their preferences and announce the results ~12 February.  If there
   is no overwhelmingly obvious preference, she will drop any obvious
   non-preferred options and re-do the poll for a decision by the 20
   February telecon.

Motion to adjourn at 12:38 CT.
--
Eve Maler                                          +1 781 442 3190
Sun Microsystems XML Technology Center    eve.maler @ east.sun.com