OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Draft Minutes from DSS-X TC Concall - November 12, 2007

topic: Welcome by chair (Stefan Drees)

topic: Confirmation of minutes taker

Minutes by Hal

3. Roll call

Voting Members: 8 of 11 (72%)

Meeting Attendees

Voting Members

Clemens Orthacker 	A-SIT, Zentrum fur sichere Informationstec...
Konrad Lanz 		Austria Federal Chancellery
Hal Lockhart 		BEA Systems, Inc.
Marta Cruellas 		CATCert-Agencia Catalana de Certificacio
Juan Cruellas 		Centre d'aplicacions avanades d'Internet ...
Tommy Lindberg	 	Dajeil Ltd.
Stefan Drees	 	Individual
Andreas Kuehne	 	Individual


Eric Lengvenis 		Wells Fargo
Pete Palmer 		Wells Fargo

 topic: approval of agenda

 no changes

 topic: approval of minutes

 minutes of conf call of 2007-10-15 approved

 minutes of conf call of 2007-10-29 approved

 topic: actions review

 action #41

 Juan Carlos sent email saying profiles are orthagonal

Konrad Lanz: jcc do you have a link to your mail?

 action #41 remains open

Juan Carlos Cruellas: 


Konrad Lanz: thx

 ACTION #0039

Juan Carlos Cruellas: 


Juan Carlos Cruellas: 


 action #39 remains open

 action #38

Konrad Lanz:

 action #38 is closed

 acton #37

Konrad Lanz: link to presentation ...

 action #37 closed

 action #36

 action #36 closed

 action #35

 action #35 closed

 action #19

 action #19 closed

 action #14

Konrad Lanz: @jcc re #37 is this the presentation: 


 action #14 remains open

 topic: Encryption profile

 Clemens: there is a discussion of whether to include signature
capabilities in encryption 


 ... I agree with this

 ... we should permit encryption-only implementations

 konrad: should allow dss protocol to include optional commands for

 jcc: we would have both enc profile and protocol?

 clemns: yes

 Tommy: there are benefits of combining enc and sign 

Konrad Lanz: konrad: ... and as stand alone profile

 tommy: should take account of existing frameworks, such as JSR 106

 resolution: continue work and no charter change is required

 I am interested in applicability to WS-Security

 topic: ebXML profile

 action - chairs to contact Nick to find out plan for making progress on

 topic: Individual verification reports profile

 jcc: question whether to have 2 profiles

sdrees: 07-11-12-01 contact Nick to find out plan for making progress on
ebXML profile is 

ACTION #0043

 1. define container to hold results of one signature verification

 2. provide all details on verification of a signature

 I suggest one profile with two conformance levels

 konrad: start with one profile and split if necessary

 marta: agree with having 2 conformance levels

 resolution: agreed to work on one profile with multiple conformance

 action on chairs to inform Detlef of resolution

sdrees: 07-11-12-02 send an email to detlef that the tc agreed to work
on one profile with 

multiple conformance levels is ACTION #0044

 topic: Visible signature profile

 Konrad: Uri suggests both approaches are valid, important, different,
and independent in mail 

to Konrad and Juan Carlos and to move his proposal to a seperate profile
called interoperable 

electronic document signatures

 ... I suggest we defer discussion until Uri is present

 jcc: do we have a requirements doc for visible signatures?

 konrad: need to produce one

 ... first need to agree on general direction

 action - Konrad to pursue this with Uri

sdrees: 07-11-12-03 mail to the list on requirements of visible
signature profile is ACTION 


sdrees: Stefan Drees* 2007-11-12 17:56 GMT
there may be pdf signatures that are not visible signatures, that may
separate requirements 

into two sets.

 topic: Signed Verification Response profile

 marta: the main usecase is to prove at a later point that the server
verified the signature

 ... Andreas proposed an additional usecase

 ... propose to continue discussion on list

 ... suggested an additional profile to verify purpose of signature in
jurisdiction in addition 

to crypto verification

 ... previously posted something similar about SAML

 jcc: would these features be complementary?

 marta: this is very specific operation not generally applicable

 jcc: suggest producing initial draft document

 marta: does req doc have to just contain functional reqs or also
technical reqs, such as which 

sig formats most appropriate?

 jcc: suggest you include all, can get feedback

 topic: Signature Policy profile

 no other profile issues

 no maintenance issues

 wiki is ok

Konrad Lanz: andreas:uploaded certificates to wiki

 Andreas has uploaded material to wiki

 next meeting Nov 26


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]