Re: [ekmi] Reminder about postponement of next week's meeting(IOGFeedback)

[Arshad Noor <arshad.noor@strongauth.com>]

The more clarity we can provide to implementers, the easier
adoption becomes for them.  I would concur on adding details
on a couple of use-cases; we can decide later where it fits
into the IOG.

WRT the crypto protocols for the transfer of symmetric keys,
since an assumption in the SKSML is that it would leverage
other standards such as XML Encryption and XML Signature
(which are implemented in OASIS' Web Services Security layer),
I felt that the specification of the crypto protocols could
be relegated to those standards.

We could reference those standards and mention them in our
document, but would defer to those standards for conformance;
do you agree?

Arshad Noor
StrongAuth, Inc.

Anil Saldhana wrote:
> The use cases document will be a valuable addition to the IOG document 
> in my opinion.  The use cases document in the current form describes the 
> applicability of SKMS without any specifics. I wonder if explanation of 
> maybe 2 use cases with specifics of SKMS/protocols/messages etc may be 
> of value in the IOG.  Or IOG is not supposed to have any details?
> 
> Another aspect that may have value is the select subset of crypt 
> protocols(that are commonly used in practice) for transport of the keys 
> that SKMS will prescribe and  appropriately provide references to their 
> description. I guess the resource section will cover this.
> 
> Arshad Noor wrote:
> 
>> I would agree, Anil.
>>
>> There is a document that does describe some use-cases, Anil:
>>
>> http://www.oasis-open.org/committees/download.php/22700/SKSML-UseCases-11.pdf 
>>
>>
>> This can, potentially, be incorporated into the Implementation and
>> Operations Guidelines (IOG) document.  Have you had a chance to
>> review this?
>>
>> Arshad Noor
>> StrongAuth, Inc.
>>
>> Anil Saldhana wrote:
>>
>>> Arshad,
>>>  looking at the TOC, I suggest adding a section for use 
>>> cases/profiles at the end. People using the specification would very 
>>> much benefit with some real-life examples of the specication. This 
>>> may be useful for specific verticals like health care, finance etc.
>>>
>>> Just a thought.
>>>
>>> Regards,
>>> Anil
>>>
>>> Arshad Noor wrote:
>>>
>>>> Just a reminder that I had mentioned in the minutes a few weeks
>>>> ago that next week's EKMI-TC con-call will clash with the OASIS
>>>> Symposium and that the TC will meet on Tuesday April 24th at
>>>> 9:00am PDT instead for this month.  We will go back to the
>>>> regular schedule of third Tuesday at 9:00am PDT in May '07.
>>>>
>>>> If you haven't had a chance, please review the DRAFT SKSML
>>>> documents uploaded a few weeks ago, as well as the proposed
>>>> "Table of Contents" for the EKMI Implementation & Operations
>>>> Guidelines document to be produced by the TC.  Your comments
>>>> and feedback are essential to the clarity of the message that
>>>> the TC will produce in these areas.
>>>>
>>>> Regards,
>>>>
>>>> Arshad Noor
>>>> StrongAuth, Inc.
>>>
>>>
>>
>