[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: WS-SX TC Minutes, Feb 20 2008
WS-SX TC Minutes, Feb 20 2008 Thanks to Nortel for sponsoring the call. Summary of new Action Items: Action: Marc to write description of why bootstrap policy is
different than policies for other actions 1. Call to order/roll call Gained Voting Status Geoff Bullen, M/S Prateek Mishra, Oracle David Stagge, VHA Lost Voting Status: Michael McIntosh , IBM Attendance: Anthony Nadalin, IBM Vijay Gajjala, M/S Colleen Evans, M/S Symon Chang; BEA Systems, Inc. Hal Lockhart; BEA Systems, Inc. Denis Pilipchuk; BEA Systems, Inc. Corinna Witt; BEA Systems, Inc. Toshihiro Nishimura; Fujitsu Limited* Kelvin Lawrence; IBM Bruce Rich; IBM Mike Lyons; Layer 7 Technologies Inc.* Jan Alexander; Microsoft Corporation Geoff Bullen; Microsoft Corporation Marc Goodner; Microsoft Corporation Chris Kaler; Microsoft Corporation Frederick Hirsch; Nokia Corporation* Abbie Barbir; Nortel Lloyd Burch; Novell* Steve Carter; Novell* Rich Levinson; Oracle Corporation Ashok Malhotra; Oracle Corporation Prateek Mishra; Oracle Corporation Martin Raepple; SAP AG* David Staggs; Veterans Health Administration 2. Reading/Approving minutes of last meeting (Feb 6) http://www.oasis-open.org/archives/ws-sx/200802/msg00010.html Adopted unanimously. 3. TC Logistics (10 minutes or less) 2 week cycle continues 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml
a) Review of action items Editors to ask the OASIS TC Administrator to publish the
editors drafts there. Done. Chairs to respond to RX/TX chairs with the information
regarding referencing the specs using the new namespaces. http://www.oasis-open.org/archives/ws-sx/200802/msg00012.html
Done. b) Issues in Review status i141 - Support for nonce and created nested assertion in
usernametoken i148 - Syntax of XPath for Signed, Encrypted and Required
Elements i150 - Add conformance statements to new versions of
Trust/SC/SP i151 - Update SP per Policy 1.5 guidelines i152 - Update policy references to 1.5 for SC, Trust and SP i153 - Generalized Interactive Challenge for WS-Trust ER012 - Review normative RFC 2119 language in WS-Trust ER013 - Review normative RFC 2119 language in
WS-SecureConversation ER014 - Review normative RFC 2119 language in
WS-SecurityPolicy ER017 - Conflict Nonce reuse description in the current
WS-SC 1.3 Approved, marked as closed. c) New issues None. d) Active issues i154 - Examples doc issues Response from Tony, http://www.oasis-open.org/archives/ws-sx/200802/msg00017.html Rich working through those Geoff expects to have an answer regarding copyright statements
by next call i156 - Generalized Interactive Challenge for WS-Trust -
Concern 2 New proposal: http://www.oasis-open.org/archives/ws-sx/200802/msg00020.html
i157 - Generalized Interactive Challenge for WS-Trust -
Concern 3 Why are we calling out difference in user experience here?
It’s still just different authN mechanisms each distinguished by a URI. From protocol point of view they are the same, from user
perspective it can be different Could also be different from perspective of algorithm used Hal suggests adding note that it can’t be known this
is additional authN is needed in advance Marc to get proposal onto list well in advance of next call i158 - Generalized Interactive Challenge for WS-Trust -
Concern 4 New proposal: http://www.oasis-open.org/archives/ws-sx/200802/msg00020.html
i159 - Generalized Interactive Challenge for WS-Trust -
Concern 5 New proposal: http://www.oasis-open.org/archives/ws-sx/200802/msg00020.html
i160 - Unclear behavior for RequireSignatureConfirmation
Assertion where there is no Signature No progress, expect proposal by next call. i161 - Add sp:RequireAsync into sp:Trust13 assertion http://www.oasis-open.org/archives/ws-sx/200802/msg00019.html Closed with no action. i162 - No way to specify the policies for renew and cancel Why not put policy in the WSDL specific to the cancel, renew
action? Why not do that for bootstrap as well then? It’s different because request comes in on a different
action with credentials that need to be swapped But the renew, cancel have different policies than bootstrap
policy For bootstrap there is a change of credentials from the request,
two policies one before token is issued, one after Further discussion… Difference with bootstrap is temporalness, the policies for
the other actions are fixed in time Disagreement that this makes sense, consensus it’s difficult
to talk through on the call This needs list discussion Action: Marc to write description of why bootstrap policy is
different than policies for other actions i163 - Document how to support out of band encryption key known
to both parties Updated description: http://www.oasis-open.org/archives/ws-sx/200802/msg00014.html
i164 - Provide means to specify which signing transform to
use for attachments Proposal 1 accepted, status changed to pending. f) Pending issues None. 5. AOB Drafts, suggest changing SP 1.3 reference in SC back to SP
1.2 then producing a v.Next of SC with the SP 1.3 reference. It may not be
explicitly needed, but it reduce complexity in understanding relationship of
the specs. Agreement on that plan going forward, next update of specs
will include a v.Next of SC. Note that the issue count is going down, should plan on
starting publication cycle soon. 6. Adjournment |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]