[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes of Dec 9, 2009 Meeting
Agenda: 1. Call to order/roll call 9 of 14 present => have quorum Meeting Attendees (more detail below) Name Company Status Kelvin Lawrence IBM Group Member Bruce Rich IBM Group Member Marc Goodner Microsoft Corporation Group Member Chris Kaler Microsoft Corporation Group Member Anthony Nadalin Microsoft Corporation Group Member Symon Chang Oracle Corporation Group Member Rich Levinson Oracle Corporation Group Member Hal Lockhart Oracle Corporation Group Member Carlo Milono TIBCO Software Inc. Group Member 2. Reading/Approving minutes from September 30th 2009 [1] minutes approved no objection 3. TC Logistics (10 minutes or less) kelvin: this is last meeting of 2009 chris: setting up JIRA - in progress 2010 schedule 4. Issues list [2] marc: carlos issue is ER23 carlos: public sector sales,customers looking to drive efficiency thru std, interop NIST decl sha-1 insufficient, will be labeled not usable they see explicit phrases around sha-1, ex base64 pwd, actually retired; want to point to explicit schemas, namespaces, uri not matching fips; uri for sha-112 vs sha-256 under dsig; elliptical curve algs: w3c 1.1 editorial on elliptical, suite b, for secret-labeled use sha384, top secret use sha512; no uri tag for sha384; propose: put in flexible term around use of particular algorithm; customers willing to create own std if not chris: new uris being specified? carlos: yes, but no approved ns uri chris: are dsig defining uri carlos: yes, there is one we can add to specs chris: is issue fixed uris hal: not entirely; spec either don't specify algs or spec variable scheme, then interop issue, but if spec exact then need to rev specs regularly carlos: dev at customers not considering stds adequately maintained hal: there is mechanism carlos: we need to say what is procedure chris: 1st figure out non-wss first, then wss ws-sp has list of algs ws-sc has specs that should be ref'd once it is only above 2 where we restrict only in derived keys we make mandatory one place in ws-trust might need attention could do a cleanup pass, to make more open if we wanted to address this wss is more difficult b/c tc is closed; limited places that need attention; possibly could have new profile for hashing pwds, etc. hal: that alg was weak, b/c input was assumed weak hal: can't argue these would be errata, would need point ver chris: agrees that is probably correct chris: main problem is ws-sc where something locked down hal: need to support both for some duration kelvin: how do we address? hal: let's target next mtg to look over and propose hal: keep algs separate from elliptical curve which is less well defined carlos: looking to "future-proof" doc, subject to constraints hal: issue is that a long-running group needed to maintain even if specs just have ptrs, someone needs to manage what's pointed to kelvin: open the issue for action 1st call in 2010 chris: next call in 2010 we will discuss proposals additional comments on above: chris: looked at specs; could be create new doc that is series of uri updates bruce: is key gen using sha-1 being discouraged; usage in deriving key, not used for dsa,rsa, recomputing symm key typically aes; hal: not sure of key deriv, but there is key recovery hash fcns should be usable for all purposes, if any NIST wants to change across board rather than several specific cases kelvin: discuss at next call chris: normative uris cannot be considered "errata" probably can do separate doc w uris kelvin: if no mechanism then tc must live forever chris: need to keep open; wss has shown we can't rev spec for IP reasons; need to keep tc around; a general maint tc cannot rev the spec hal: who are groups that can impose reqts on tc to make chgs chris: when something not modular, what to do, ex dsig was core to wss, but dsig is now chging which is creating issue around wss marc: other issues will have errata for next call kelvin: examples doc - Actions - Issues 5. Status of documents errata - ready for next mtg examples - doc is complete; probably should edit page; hal: need a final edit to say Committee Spec Kelvin: go thru kavi, make sure all up to date kelvin: need cs on front page, w updated date names: there is opt-in; send email and let us know if name left out -> rich send email about names, update front page of doc post doc to kavi, but cd's, cs puts it in place for cs, use tc-admin; assume they will review, let us know, and if ok, they will do next step -> kelvin to check if tc page needs updated versions 6. Plans for 2010 next mtg, jan 6, 2010 kelvin will gen calls for 2010 on sched 7. Other business 8. Adjournment [1] http://lists.oasis-open.org/archives/ws-sx/200910/msg00001.html [2] http://docs.oasis-open.org/ws-sx/issues/Issues.xml Status changes Gained voting none Lost voting Don Adams Frederick Hirsch Michael McIntosh Attendance Attendance has been recorded; statistics are shown below. If you wish you may set whether or not this meeting achieved quorum. If you do nothing, the quorum status will be set to because . View Event | Modify Event | Modify Attendance Meeting Statistics Quorum rule 51% of voting members Achieved quorum true Counts toward voter eligibility true Individual Attendance Members: 9 of 120 (7%) Voting Members: 9 of 14 (64%) (used for quorum calculation) Company Attendance Companies: 4 of 45 (8%) Voting Companies: 4 of 5 (80%)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]