[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [VER 2] WS-SX TC Minutes, Apr 12 2006
WS-SX TC Minutes, Apr 12 2006 [VER 2] Added roll call. Summary of new Action items: AI-2006-04-12-01 Prateek to review the text added per Issue 30 to see if its explains sufficiently how to use the extensibility of SP to describe token characteristics (related to Issue 31). AI-2006-04-12-02 Simon Chang to make a proposal on how to describe the usage of the Username token re Issue 31. 1. Call to order/roll call Present: Jong Lee, BEA Systems, Inc.* Hal Lockhart, BEA Systems, Inc.* Corinna Witt, BEA Systems, Inc.* Symon Chang, Blue Titan Software* Rich Levinson, CA* Yakov Sverdlov, CA* Dana Kaufman, Forum Systems, Inc.* Toshihiro Nishimura, Fujitsu Limited* Ching-Yun (C.Y.) Chao, IBM* Henry (Hyenvui) Chung, IBM* Heather Hinton, IBM* Kelvin Lawrence, IBM* Michael McIntosh, IBM* Anthony Nadalin, IBM* Bruce Rich, IBM* Mike Lyons, Layer 7 Technologies Inc.* Kate Cherry, Lockheed Martin* Jan Alexander, Microsoft Corporation* Paul Cotton, Microsoft Corporation* Colleen Evans, Microsoft Corporation* Mark Fussell, Microsoft Corporation* Vijay Gajjala, Microsoft Corporation* Marc Goodner, Microsoft Corporation* Chris Kaler, Microsoft Corporation* Jonathan Marsh, Microsoft Corporation* Asir Vedamuthu, Microsoft Corporation* Norman Brickman, Mitre Corporation* Frederick Hirsch, Nokia Corporation* Abbie Barbir, Nortel Networks Limited* Lloyd Burch, Novell* Steve Carter, Novell* Ashok Malhotra, Oracle Corporation* Prateek Mishra, Oracle Corporation* Alex Hristov, Otecia Incorporated* John Hughes*, PA Consulting* Martin Raepple, SAP AG* Werner Dittmann, Siemens AG* Tony Gullotta, SOA Software Inc.* Jiandong Guo, Sun Microsystems* 2. Reading/Approving minutes of last meeting (F2F Apr 4-5) http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200604/msg00051.html Adopted unanimously. 3. TC Logistics (10 minutes or less) BEA volunteered to host the Apr 19 distributed meeting. Kelvin asked for other volunteers. 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml a) Review of action items AI-2006-03-29-01 - Gudge owes Prateek a response (to message 82) for issue 33. Pending. AI-2006-03-29-04 - Marc Goodner to update interop doc with resolution of issue 47 before F2F. Pending. Folded into the work to create a merged interop document. AI-2006-04-04-01 - Chris Kaler to provide advice on minimum acceptable lengths of P-SHA1 inputs for Issue 20. Pending. Chris and Prateek expect to complete this by the next meeting. AI-2006-04-04-03 - Tony Nadalin to identify possible issues for SecurityPolicy based on the changes proposed for Issue 52. Pending. AI-2006-04-04-04 - Jan Alexander and Martin Gudgin to identify possible issues for SecurityPolicy based on creation of the NoProofKey proposed in the solution to Issue 56. Pending. AI-2006-04-04-05 - Jan Alexander and Tony Nadalin to identify possible issues for WS-Trust's processing model for the changes made for Issue 57. Pending. AI-2006-04-04-06 - Jan Alexander to start a discussion about security considerations and a section about what this means for relying parties re the proposal adopted for Issue 060. Pending. ETA before the Apr 19 meeting. AI-2006-04-04-07 - Marc Goodner with help from Prateek Mishra to create a merged interop scenarios document. Pending. ETA for merged document is May 3. AI-2006-04-04-08 - Marc Goodner with help from Prateek Mishra to document interop message flows based on a future revised version of SC/Trust. Pending. AI-2006-04-04-09 - Chairs to check with absent companies on their plans for SC/Trust interop. Pending. AI-2006-04-05-01 - Tony Gullotta will start an email discussion about issue 31 and whether it should be broadened to include other token characteristics. DONE. AI-2006-04-05-02 Gudge to propose revised text for the description of sp:BootstrapPolicy for issue 53. Pending. AI-2006-04-05-03 - Tony N and Frederick to consider adding batch facilities to SecureConversation as per Issue 64. Pending. AI-2006-04-05-04 Chairs to do further work on a F2F meeting time and location. Pending. We are aiming for late August or early September. The Chairs are looking for a hosting volunteer. Abbie (Nortel) may volunteer - he will let us know by the end of next week. BEA could host on either coast (Burlington, MA or San Jose, CA). b) Issues in Review status None. c) New issues None. d) Active issues i004 Paul Cotton Transitive closure spec dependencies Change owner to the Editors. Pending. i008 Editors Need well formed XML examples Pending. i020 Describe minimum acceptable lengths for P_SHA1 inputs AI-2006-04-04-01 - Chris Kaler to provide advise on minimum acceptable lengths of P-SHA1 inputs for Issue 20. Pending. i031 Clarification for UsernameToken assertion Previously the TC left this issue pending on Issue 30. AI-2006-04-05-01 - Tony Gullotta will start an email discussion about issue 31 and whether it should be broadened to include other token characteristics. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200604/msg00037.html Tony N pointed out that his view of the charter it says that it constrains SP to describing the wire format of the messages and that it does not include the content of the tokens. Hal wondered if this distinction was correct. Eve suggested that the additional information was necessary for some use cases. Tony G wondered where this work could be done. Prateek asked if SP was actually a framework for describing security information or if some other language was needed. Chris K felt that SP provided the extensibility for describing additional information about tokens but he agreed with Tony N that this was not in the scope of the current TC. Prateek said that he expected to explore this extensibility point. AI-2006-04-12-01 Prateek to review the text added per Issue 30 to see if its explains sufficiently how to use the extensibility of SP to describe token characteristics (related to Issue 31). Chris K suggested that we review Gudge's proposed text to see if we could add an example on how to describe the token being used. Werner asked how many different descriptions would exist. Chris K suggested that either topical experts (eg. SAML experts) or vertical industries could describe their token requirements. Simon Chang asked if we could at least do a description of the UserName token since there is no obvious community to do this. AI-2006-04-12-02 Simon Chang to make a proposal on how to describe the usage of the Username token re Issue 31. i048 Binding Assertions should support Operation subjects Tony G volunteered to start an email thread on this issue. See the F2F minutes for details of previous discussion. i055 Clarification on RequireDerivedKeys and X509Token under AsymmetricBinding http://lists.oasis-open.org/archives/ws-sx/200603/msg00121.html Pending email discussion on Venu's response: http://lists.oasis-open.org/archives/ws-sx/200604/msg00056.html i066 Security Policy Use Cases Owner is Ashok Malhotra. Paul C and Marc G have provided links to the WS-I documents that might be useful for this work. See: http://lists.oasis-open.org/archives/ws-sx/200604/msg00044.html and http://lists.oasis-open.org/archives/ws-sx/200604/msg00054.html f) Pending Issues Not discussed. 5. AOB None. 6. Adjournment The meeting adjourned at 10:45am ET. /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]