[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Draft minutes 2 Nov 2004
Draft Minutes for 2 Nov 2004 WSS call Minutes taken by Frederick Hirsch Draft 1 Call Date: Tuesday, 02 November 2004 Time: 07:00am - 09:00am Pacific Time Our thanks to Lockheed Martin for sponsoring this call Agenda: 1. Call to order, roll call Quorum reached. 2. Reading/approving minutes of last meeting (19th October 2004) http://www.oasis-open.org/archives/wss/200410/msg00066.html Reposted with attendance list. Minutes approved without objection. * Tony Updates on 1.1 proposals/edits, issue list review Errata status - all further updates to 1.1, not errata. Errata complete today. 282 - updated in 1.1 document, 298 - made change in 1.1 in section 7.1 to clarify Hal's text 309 - did not see issue in core, need clarification on this, need pointer to exact problem 84 - review text - cases where transform is not needed, do not want to require use of transform always. 103 - updated in 1.1 310 - updated in 1.1 315 - changed in 1.1 Kelvin - Is 1.1 doc posted? Tony - Not yet, will post soon. Will be merged with VJ's changes. Tony requests clarification on 309. Hal offers to provide clarification on issue 309. Hal will review 84. 3. Standard submission status Announcement went out for standardization for two profiles. Karl is leaving OASIS end of this week, Mary McCrae is new staff contact. 4. Errata status Discussed in Tony update. 5. Other document status (SwA, Kerberos, 1.1 proposals/edits) Frederick - SwA profile 13 draft out last week, minor changes. Please give feedback http://www.oasis-open.org/archives/wss/200410/msg00068.html VJ Resolution text for issues 317, 318, 319 rolled into 1.1, already posted, Tony incorporating in newest 1.1 draft Kerberos interop will be handled by Gudge, please send comments on scenarios document. Ron - where are updates for each issue? VJ - each is marked Ron - which change bar for which issue VJ - should be clear, issues are distinct 6. Issue list review Issue list Number 52, http://www.oasis-open.org/apps/org/workgroup/wss/download.php/9897/wss-i ssues-52.htm 84 - Hal/Tony to follow up 250 - Ron sent email: http://www.oasis-open.org/archives/wss/200411/msg00005.html Proposal: Two different attributes - one to type token, other for type reference. Also change name of ValueType Please review before next meeting 263 - still open - Gudge action item 271 - Looking for someone to follow-up on this issue Hal can encode domain in username, even though not standard. To do completely would be difficult Ron asks if member of Wells-Fargo in TC? Kelvin - No Marked as closed, not that username can include other attributes if needed. 282, 298, - Tony updated, leave marked as pending, people should review update when Tony sends update to list 309 - Tony needs help finding issue in core. Token profile editors should review other token profiles to determine if any action is required. 310 - pending, VJ sent out, needs review and feedback Ron - should this issue be on X.509 token profile VJ - we had discussed having this in core as a general mechanism 315 - Tony updated, pending, needs review and feedback 317 - open Hal - leave open, sent email regarding this. http://www.oasis-open.org/archives/wss/200410/msg00069.html Requires further discussion on list AI - Hal and VJ to discuss and propose text 318, 319 - pending, VJ sent out, needs review and feedback 330 - leave pending, editorial changes to be incorporated by editors 331, 332 - open, assign to editors (Tony) 333 closed Resolved in both scenarios and SwA profile. 334 open, Ron to propose text before next WSS call (16 Nov) Ron sent message - http://www.oasis-open.org/archives/wss/200411/msg00003.html Proposal is to anticipate SAML 2.0 attribute by adding another AssertionID, which has different namespace. Should add both for SAML 1.1 and SAML 2.0. Ron - proposed as errata for 1.1 Paul - ok with that, but not earlier Already agreed to add 1.1 attribute, now deciding whether to add 2.0 as well. Ron draft specific text to enable vote on this. 336 - closed Frederick - Changed in draft 13 of SwA profile. 337 - closed Addressed in scenarios document 338 - open WSS Templates proposal Hal - define set of specific message exchanges to be reviewed for security issues. Would like TC to accept this as work item Frederick - is this a charter change Hal - completely consistent, yet charter lists deliverables, so might need to change list of deliverables for charter. Paul Cotton - looked at minutes of first F2F, made list of other possible deliverables, decided on concrete deliverables for TC, amended charter, charter specifies only normative deliverables, others were postponed. Not clear whether this requires charter change, but perhaps intent was to limit charter to normative deliverables Hal - this proposed work is non-normative Paul - question about adding work to work plan until other work is done, concern about slowing 1.1 work impacting WS-I Basic Security Profile work. Additional issue of transition to new IPR policy, prefer completion of technical work before transition. Not in scope of charter right now, concerned about IPR. Kelvin - decision of TC, yet need to determine priorities, including profiles to complete Hal - not sure what is holding up Minimalist profile. Kerberos and SwA are almost done, in interop. Concerned about risks regarding insecure applications. Ron - do this in context of existing profiles, which describe their vulnerabilities already, are we already doing this? Frederick - questions similarity to WS-I Basic Security Profile scenarios document Hal - related but does not profile detailed templates for message content, more detailed level of detail. Have produced draft. Don Flynn - Sounds like non-normative primer. Hal - template should only work on completed work, but yes resourcing might be an issue. Don - should be separate document, not hold up other work. Hal - looking for resolution whether it should be done in this TC John Weiland - ebXML is doing something similar? Hal - less specific, and more high level. Could be good source of requirements Ron - Why profiling efforts that are already occurring isn't useful Hal - concern is that engineers don't have enough guidance Ron - asked whether BSP profiles completed Hal - WS-I focus has been on interoperability Ron - questions whether profiles are template activity or need for independent activity Don - possible interactions among profiles Hal - clarify WSS Profiles and WS-I basic security profile (BSP) Ron - thought BSP was mapping security to exchange pattern Frederick - WS-I security scenarios document Hal - not as much detail, not on current WS-I BSP plan. Hal - propose we discuss on next WSS call Issue still open, TC members need to review and discuss with colleagues, need to decide at later meeting Paul - Microsoft will need more than 2 weeks Frederick - agree that time is needed for review Kelvin - Hal will work on it, answer questions Hal - any objection to Hal continuing work, posting material to list Paul - no objection Kelvin - using list for discussion is ok, as long as consistent with IPR policy 339 - open, http://lists.oasis-open.org/archives/wss/200410/msg00067.html Proposal to add pkipath reference for X.509 token profile 1.1, not an errata item. URL and copy of document to create reference were provided in email. Action item on editors to update X.509 token profile. 7. SwA interop summary Blake - 4 participants, Actional, Sun, IBM, Oracle participated. 4 scenarios, interop for 1st three, last scenarios added later so not everyone could implement. Send summary to list: Sent issues list: http://www.oasis-open.org/archives/wss/200411/msg00004.html Frederick - Action item to send mail listing issues and impact related to SwA profile. Maneesh from Actional noted some issues, Action item to post to list these issues 8. Interop planning status (SwA2, Kerberos) SwA2 - Scheduled for 15 Nov for second interop Gudge - Scenarios document to list, please post comments and corrections to list. Gudge is running interop. 9. Other business None 10. Adjournment
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]