OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [VER 2] OASIS WSS TC Minutes 2005-09-06 (with roll call)


OASIS WSS TC Minutes 2005-09-06

[VER 2]
1. Added roll call.

New Action Items

AI 2005-09-06-01 Ron and Abbie to post SAML interop proposal to TC
archive.

AI 2005-09-06-02 Ron to check if additional text is needed re TokenType.

AI 2005-09-06-03 Gudge/Vijay/Tony/Ron to propose revised text Issues 405
and 429.  This should also look at the following items from Issue 430:
>(2) line 1083, s/ValueType/TokenType/ as this an STR attribute
>(3) line 1088-1090, its not clear which element is linked to the
"ValueType" attribute.

AI 2005-09-06-04 Vijay to provide Editors with how Microsoft products
define the term "X.509 thumbprint extension".

AI 2005-09-06-05 Frederick/Paul to supply revised proposal for handling
of xml:id (Issue 334).

AI 2005-09-06-06 Vijay/Chris to start building an email that enumerates
all the public comments on WSS 1.1 and how they were processed.

AI 2005-09-06-07 Tony to check if the comments in Issue 432 were done or
not.  

Outstanding Action Items

AI 2005-08-23-04 Gudge will attempt to propose revised text for Issue
427.

1. Call to order/roll call

Attendance List
Maneesh	 Sahu		Actional Corporation
Gene		Thurston	AmberPoint
Hal		Lockhart	BEA Systems, Inc.
Denis		Pilipchuk	BEA Systems, Inc.
Corinna	Witt		BEA Systems, Inc.
Rich		Levinson	Computer Associates
Thomas	DeMartini	ContentGuard
Dana		Kaufman	Forum Systems, Inc.
Toshihiro	Nishimura	Fujitsu Limited
Kefeng	Chen		GeoTrust
Kojiro	Nakayama	Hitachi
Derek		Fu		IBM
Kelvin	Lawrence	IBM
Mike		McIntosh	IBM
Anthony	Nadalin	IBM
Ron		Williams	IBM
Don		Flinn		Individual
Kate		Cherry	Lockheed Martin
Paul		Cotton	Microsoft Corporation
Chris		Kaler		Microsoft Corporation
Frederick	Hirsch	Nokia Corporation
Abbie		Barbir	Nortel
Vamsi		Motukuru	Oracle Corporation
Prateek	Mishra	Oracle Corporation
Ben		Hammond	RSA Security
Rob		Philpott	RSA Security
Pete		Wenzel	SeeBeyond
Ronald	Monzillo	Sun Microsystems
Symon		Chang		TIBCO Software, Inc.
John		Weiland	US Dept of the Navy
Hans		Granqvist	VeriSign
John		Linn		RSA Security
Vijay		Gajjala	Microsoft Corporation
Martijn	de Boer	SAP

Status Changes
Regained voting status after today's meeting
Vijay		Gajjala	Microsoft Corporation
Martijn	de Boer	SAP

Lost voting status after today's meeting
Steve	Anderson	BMC Software

2. Reading/Approving minutes of last meeting (Aug 23rd) [1]
[1] http://lists.oasis-open.org/archives/wss/200508/msg00033.html

[VER 3] of the minutes were adopted unanimously.

3. OASIS European Adoption Forum (Jane Harnad from OASIS)
http://www.oasis-open.org/events/adoption_forum_2005/

Jane joined the meeting to encourage members to participate in the
Adoption Forum on Oct 17. This will be annual event. UDDI and eGov TC's
are meeting this year in conjunction with the Forum.

4. Review of actions from prior meeting

AI 2005-08-23-01 Gudge to send the material on RFC 4120 changes to
technical contacts from the TC's Kerberos interop to determine if they
are able to move to the new RFC.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00029.html 

AI 2005-08-23-02 Corinna and Gudge to work with Editor's to propose
revised text for this editorial problem for Issue 405.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00015.html 

AI 2005-08-23-03 Gudge to ask a professional cryptographic expert to
look at the contradiction in Issue 419 and make a recommendation to the
TC.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00014.html 

AI 2005-08-23-04 Gudge will attempt to propose revised text for Issue
427.
Pending.

AI 2005-08-23-05 Gudge to mail revised text for Issue 429 to the TC.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00015.html

AI 2005-08-23-06 Gudge/Vijay to send results of WSS 1.1 Core interop to
The TC and to highlight if there were any issues raised.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00011.html

5. Issues list review
Issues list:
http://www.oasis-open.org/apps/org/workgroup/wss/download.php/14300/OASI
S%20Web%20Services%20Security%20Issues%20List%2075.htm

Issue 310 - Change status to Closed.

Issue 334 
xml:id proposal, Frederick
http://lists.oasis-open.org/archives/wss/200508/msg00047.html 
Paul's response:
http://lists.oasis-open.org/archives/wss/200509/msg00005.html
Paul's argues for making xml:id as an optional feature for receivers.
Tony's response
http://lists.oasis-open.org/archives/wss/200509/msg00028.html 
Tony argues for making xml:id as an optional feature for senders since
it is know not to work with inclusive C14N.

AI 2005-09-06-05 Frederick/Paul to supply revised proposal for handling
of xml:id (Issue 334).

Issue 334 remains Open.

Issue 338 - Remains open. Not on OASIS 1.1 critical path.

Issue 394 - Change status to Pending Review.
SAML interop proposal:
http://lists.oasis-open.org/archives/wss/200508/msg00042.html 
TC members should review this by the next meeting.

AI 2005-09-06-01 Ron and Abbie to post SAML interop proposal to TC
archive.

Issue 404 
AI 2005-08-23-01 Gudge to send the material on RFC 4120 changes to
technical contacts from the TC's Kerberos interop to determine if they
are able to move to the new RFC.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00029.html
Tony's response:
http://lists.oasis-open.org/archives/wss/200509/msg00030.html 

No objection to adopt option 2 (add the URIs).

AI 2005-09-06-02 Ron to check if additional text is needed re TokenType.

Issue 405 and 429 
AI 2005-08-23-02 Corinna and Gudge to work with Editor's to propose
revised text for this editorial problem for Issue 405.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00015.html

There was a lot of discussion of whether making the wsse11:TokenType
attribute mandatory would break backwards compatibility with WSS 1.0.
Corinna argued that there was no need for the backwards compatibility
since the feature being discussed was out of scope in WSS 1.0.  

Hal supported this by adding that Kerberos is part of WSS 1.1.  

Chris K believes that some shipping WSS 1.0 products in fact did use
this facility and he is reluctant to cause WSS 1.1 to be break those
shipping products.  

Ron expressed support for make wsse11:TokenType mandatory since he did
not think the backwards compatibility was important since it was only
dealing with ad hoc or out of scope behaviour.

An important case is a WSS 1.0 sender and a WSS 1.1 receiver. Some WSS
1.0 senders apparently were using this pattern in an ad hoc way and if
we make 
wsse11:TokenType attribute mandatory then we will cause the WSS 1.0
sender messages to break.

AI 2005-09-06-03 Gudge/Vijay/Tony/Ron to propose revised text Issues 405
and 429.  This should also look at the following items from Issue 430:
>(2) line 1083, s/ValueType/TokenType/ as this an STR attribute
>(3) line 1088-1090, its not clear which element is linked to the
"ValueType" attribute.

Issue remains Open.

Issue 406 - All sub-issues are resolved.
Change status to Pending Review 
SAML profile update:
http://www.oasis-open.org/apps/org/workgroup/wss/download.php/14295/wss-
v1.1-spec-draft-SAMLTokenProfile-06.pdf 

Issue 407 - Change status to Closed.

Issue 408 - Change status to Pending review.
Note to issues list Editor: Please add links to Tony's email indicating
which documents resolved these issues.

Issue 409 - Change status to Pending review.
Note to issues list Editor: Please add links to Tony's email indicating
which documents resolved these issues.

Issue 410 - Change status to Pending review.
Note to issues list Editor: Please add links to Tony's email indicating
which documents resolved these issues.

Issue 411 - Change status to Pending review.
Note to issues list Editor: Please add links to Tony's email indicating
which documents resolved these issues.

Issue 412 - Change status to Closed.

Issue 413, 414, 415, 416, 417 and 418 - Change status to Pending review.
Note to issues list Editor: Please add links to Tony's email indicating
which documents resolved these issues.

Issue 419 - Change status to Closed. No further changes required.
AI 2005-08-23-03 Gudge to ask a professional cryptographic expert to
look at the contradiction in Issue 419 and make a recommendation to the
TC.
DONE. See:
http://lists.oasis-open.org/archives/wss/200509/msg00014.html

Issue 420, 421, 422, 423, 424 and 426 - Change status to Pending review
Note to issues list Editor: Please add links to Tony's email indicating
which documents resolved these issues.

Issue 425 - Ron has proposed text on line 568+ in the Sep 5 SAML profile
document.  Change status to Pending review.

Issue 427 - Remains Open.
AI 2005-08-23-04 Gudge will attempt to propose revised text for Issue
427.
Pending. 

Issue 428 
Frederick asked for more time at the last meeting but has not yet done
anything.  Since there is no concrete proposal we will change status to
Closed.

Issue 430 - Remains Open.
http://lists.oasis-open.org/archives/wss/200509/msg00013.html 

Issue 431 - X.509
http://lists.oasis-open.org/archives/wss/200509/msg00013.html 

(1) lines 255, "X.509 thumbprint extension", rfc 2459 does not provide a
definition for this term. Is there a normative definition of this term
available?

So far no one has been able to find the definition of this.  

AI 2005-09-06-04 Vijay to provide Editors with how Microsoft products
define the term "X.509 thumbprint extension".

(2) [PKIPATH] reference is broken.

Editors to fix the reference.

Issue is changed to Pending.

Issue 432 - WSS Core 1.1 comments
http://lists.oasis-open.org/archives/wss-comment/200508/msg00021.html

This series of comments were missed in the last round.  

AI 2005-09-06-07 Tony to check if the comments in Issue 432 were done or
not.  

Since we believe they were done we change the status to Pending.

6. Public review status/outlook (review ends Sept 10th)

AI 2005-09-06-06 Vijay/Chris to start building an email that enumerates
all the public comments on WSS 1.1 and how they were processed.

Vijay asked that TC members should double check that their submitted
comments are in the Issue list.

Paul asked what will happen when the comments period ends and when we
have revised documents.  Hal pointed out that the scope of the second
review can be held to the changes made and the review period is about
two weeks.  Kelvin suggested the following plan (steps not necessarily
in the right order):
a) decide how substantive the changes to the documents are 
b) have fully updated documents available
c) vote on new CD documents
d) decide on whether a second (shorter) public review is required on the
new CD's
e) compose and send a summary email to TC staff on results of public
review 

7. Final 1.1 interop status
http://lists.oasis-open.org/archives/wss/200509/msg00011.html 
See Prateek's response:
http://lists.oasis-open.org/archives/wss/200509/msg00035.html

Prateek's pushback should be added to the Issues list for future
processing.

8. One Time Password proposal [2]
[2] http://lists.oasis-open.org/archives/wss/200508/msg00026.html
Status: There was no time to discuss this and Kelvin indicated that he
would put this item earlier on the Sept 20 agenda.

9. WS-Addressing Last Call feedback invite [3]
[3] http://lists.oasis-open.org/archives/wss/200508/msg00039.html

Noted.

10. Other business

None.

11. Adjournment

The meeting adjourned at 12noon EDT.



Paul Cotton, Microsoft Canada 
17 Eleanor Drive, Nepean, Ontario K2E 6A3 
Tel: (613) 225-5445 Fax: (425) 936-7329 
mailto:pcotton@microsoft.com

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in
OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]