wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: minutes 1/27
- From: Maryann Hondo <mhondo@us.ibm.com>
- To: wss@lists.oasis-open.org
- Date: Tue, 27 Jan 2004 12:18:25 -0500
minutes 1/27
Agenda
1. Call to order, roll call
2. Reading/approving minutes of last meeting
(Jan 13th) [1]
3. Ballot results [2] and next steps
4. Status of other documents (Editors/all)
5. Issues list status/review
6. Status of other profiles/interop planning
etc
7. Other business
8. Adjournment
#1Attendance
of Voting Members
Gene Thurston AmberPoint
Frank Siebenlist Argonne National Lab
Merlin Hughes Betrusted
Hal Lockhart BEA
Symon Chang CommerceOne
Guillermo Lao ContentGuard
TJ Pannu ContentGuard
Sam Wei Documentum
John Hughes Entegrity
Tim Moses Entrust
Toshihiro Nishimura Fujitsu
Kefeng Chen GeoTrust
Yutaka Kudo Hitachi
Paula Austel IBM
Maryann Hondo IBM
Kelvin Lawrence IBM
Anthony Nadalin IBM
Ron Williams IBM
Don Flinn Individual
Paul Cotton Microsoft
Vijay Gajjala Microsoft
Chris Kaler Microsoft
Ellen McDermott Microsoft
John Shewchuk Microsoft
Richard Levinson Netegrity
Frederick Hirsch Nokia
Abbie Barbir Nortel
Charles Knouse Oblix
Steve Anderson OpenNetwork
Vipin Samar Oracle
Jerry Schwarz Oracle
Eric Gravengaard Reactivity
Ben Hammond RSA Security
Andrew Nash RSA Security
Rob Philpott RSA Security
Martijn de Boer SAP
Blake Dournaee Sarvega
Coumara Radja Sarvega
Pete Wenzel SeeBeyond
Yassir Elley Sun Microsystems
Jeff Hodges Sun Microsystems
Ronald Monzillo Sun Microsystems
Jan Alexander Systinet
John Weiland US Navy
Phillip Hallam-Baker VeriSign
Attendance of Prospective Members or Observers
Mike McIntosh IBM
Alan Geller Microsoft
Membership Status Changes
Ramana Turlapati Oracle - Granted voting status after 1/27/2004
call
Alan Geller Microsoft - Requested membership 1/13/2004
Joe Barbush Novell - Requested membership 1/21/2004
Senthil Sengodan Nokia - Lost prospective status 1/27/2004
Tim Alsop CyberSafe - Lost prospective status 1/27/2004
cyc cyc IBM - Lost prospective status 1/27/2004
Eleanor Robinson Individual - Lost prospective status 1/27/2004
John Shewchuk Microsoft - Returned from LOA 1/27/2004
42 of 58 quorum achieved
#2
Chris:
accepting
the minutes?
no
objections
#3
Kelvin:
rundown
on the vote
mail
went to the list
2
ballots
1st)
required 2/3 no more than 1/4 against ....54-0
that one is passed
2nd)
required a majority
30 is the bar
37 is a majority
so that passed as well
Chris asked for any other comments on
the ballots (agenda item #3) before we proceed
no comment
What's next (agenda item #3)
What's missing from the checklist?
Kelvin has started and will share with
the list......there are 10 stages that the TC chairs have to prepare text
on
- SPEC with right name,
- text on what spec is about, summary
of how this works with other standards,
- need 3 orgs saying they have successfully
used the spec [has received 3, others can be added if anyone wants to]
within the IPR policy,
- provide commentary on disposition
of the public review period [Chris has pulled together a summary of the
issues & their disposition],
- summarize the ballots for committee
draft
- previous attempts to standardize
documented (none that we are aware of)
- pointer to comments archive
- statement from chairs that everyone
has received the IPR policy
- pointers to ballots and comments
(missing one)
earliest to submit would be the 15th
of Feb.
Kelvin will send proposed text for
the process doc to list first
ACTION:
Kelvin ....to send pointer to IPR policy
to list
Rob:
The chairs are expected to make sure
that everyone has been notified of the policy......
what I did was send a note to
the list and pointing to the ipr policy
Kelvin:
Did that.
look at the TC home
page, any claims are there
if anyone has any additional
IP claims they need to make a declaration
Chris:
...called for IP again....no response
#4
Updates from the editors:
Ron:
was not able to provide a diff .....not a
MS word expert...provided a new doc
primary change was to change znames to URIs
in security token ref, had been relying on
elements defined by SAML ......needed to convey that information
switched from direct references to key identifier
references
updated all the examples to be consistent
would like to do a pdf diff to localize the
changes in this revision....didn't turn out as well as hoped....still trying
Rich Levinson comment on security token dereference
transfer when doing sender vouches
Yasir
we should be looking into interop
Chris :
yes thats agenda item 6
Ron:
question on Kerberos profile
is there another profile?
Tony:
where did you see it? not on this list...there is only one here
Ron:
is there a relationship with the one
submitted outside?
Tony.
not an overlap
Ron,
having two documents is confusing
can you define the difference
Tony,
shouldn't be confusing ....not submitting
the other document to this TC
Ron,
I will raise the issues on the list....maybe
you can clarify the overlaps
Paul
it would help BSP in WS-I if you guys
had a schedule for these other profiles
Chris
noted
Kelvin and I are trying to get the paperwork
filed and then move on to get these done as soon as possible,
Kerberos and xrml are moving along and
with all Ron's changes, SAML looks like its moving too
Paul
WSI can't move to a public sched until
you do
Chris
any other comments?
# 5
VJ published a new doc
comments from nishimura, updated the
issues list with closed items, saml ones pending,
Chris
#234
to Ron......version issue ... which
version of SAML
Ron,
i can say that the document describes
how to use SAML 1.0 and 1.1 it doesn't include specific requirements
Chris,
Can you look at it and see if it can
be closed?
#242
update saml profile to use new URL?
Closed
#243
update XRML
closed
#245
rename to follow naming conventions
closed
#249
closed
non global attributes does not support
element extensibility....
SAML has a work around
should schema support mixed content....
ACTION: open a new issue
this aspect should be remembered
should be a way to extend key identifiers
but maybe it should be a different kind of key identifier
allow structured sub content
#250
Ron, found when identifying a
new reference type
leave open
need a discussion on the list
#251
leave open
key identifier value types and direct
reference value types in schema have slightly different semantics
core relative, and others are token
profile relative
one issue on consistency.....
could be confusion in future ...need
guidelines about trying to create value types that are profile version
specific URIs
#252, #253 closed
trivial editorial bugs
Chris,
put in errata
should we begin a "next"?
Tony,
rolling in edits on the list?
Chris
collect errors
start a next version and start fixing
the editorial bugs there
Tony,
what's your timeframe?
Chris,
we're going to be finding errors, should
we track in errata and then roll them in?
Paul,
there is no OASIS policy on the errata
collection...and I'm a little concerned about that
it would not affect my vote, we need
not only a v-next, but we need to be able to have someone be able to
look at the original and the v-next
and be able to see both....
prefer the front matter have a pointer
that says ....for information on errata see....
Hal
need a distinction between errata and
new features
ACTION
Chris & Kelvin, find out about OASIS
policy on errata
Paul,
there is no policy, I have checked
Hal,
several TC's have ignored that
Paul,
we need (as a continuing TC) to track
this....at an absolute minimum
ACTION:
Editors will collect errata
TC will determine how to deal
with it
Don,
how do you connect it with the version?
Rob
we put a link on the web site pointing
to it
Kelvin
asked staff yesterday, typos should
be published in an errata doc
normative stuff that needs to change,
this needs to be a committee draft
Bob Morgan,
not start on a 1.next until the committed
decides to do that
Chris,
dispose of #252,253, #255
have editors capture those in a running
errata doc
any objections?
no taken as unanimous consent.
#254
soap message normalization may be used
as a transform should be a canonicalization
this is also errata
252-255 should be closed
Ron,
question on embedded references
core spec requires the specification
of a canonicalization algorithm .....
Merlin,
not sure what the purpose of embedded
is
on transform, rather not introduce that
linkage and its better to be explicit rather than implicit
common practice is to be fixed
but good practice is explicit
Ron,
wanted to understand this...when you
specify the transform we chose to specify that you must specify alg.
embedded helps when you can't put ids
on soap instances....you can wrap them in the STR
Hal,
is there agreement that if you have
an embedded you will get the same result?
Merlin,
you will get a different result
Ron,
but the security properties are the
same
str transform strips the str
what about attributes?
embedded result .... is the element
content of the embedded
Hal, the purpose of embedded was to
let us hang the usage attribute on a token...we should explicitly use the
str transform when you are using the embedded
in any case with the str transform you
are not covering the usage attribute
you need another transform to get the
signature over the usage attribute
Jerry,
it doesn't hurt to sign the same content
twice
when you sign an STR you are also signing
the sub-elements
Ron,
I found this confusing....what happens
with embedded.....
Hal,
to create a simpler rule
better practice always use the transform
and if you have attributes sign it separately without the transform
Ron,
doesn't answer the question of why to
use the transform on the embedded.
should be clarification in the text
what to do if you want to sign the attributes?
ACTION: New Issue:
STR attributes are not protected
or does the transform need to be modified?
that would be simplest
transform decides what the input is
to the digest
VJ there are some more issues that we
will get to on the next call
Item #6
Chris:
status of other profiles and interops
gotten pings from people, were not able
to participate in earlier events but are ready now
can we run the original 7 (virtual)
again
there are 3 potential interops (SAML,
XRML, core) could run simultaneously
(?) using the new schema?
yes, (Chris) we always use the newest
schema
People please send mail who would like
to participate, when and what ......
Hal,
can someone create an interop doc for
Kerberos?
Chris,
Was that Hal volunteering?
Action:
Tony & Hal to develop a Kerberos
scenario
Hal,
would like input ...what do people want
to do with Kerberos?
Kelvin:
other business
everyone should have seen that OASIS
is holding a symposium....do we want as a TC to meet there.
OASIS would like groups to come....how
many people will be there anyway for other TC items
Paul
What are the dates?
Pete,
mid-Apil 26-29
TC meeting rooms available on 28 &
29th
Paul,
asking 58 members if they want to do
an interop doesn't get you the answers you want
pick a date and then you will get the
response, unless we have a concrete proposal in two weeks we'll be at the
same point
Chris
ACTION
proposal on interop
Kelvin,
Any other business?
Rich Levinson
item #6
based on saml profile updates need to
update the saml interop doc ...will do that this week
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]