Proposed Submission of OASIS WS-Security v1.1 to ITU

[jamie.clark@oasis-open.org]

To OASIS members, member announce lists:

OASIS has been asked, by the members listed below, to submit the following OASIS Standard to the International Telecommunications Union, Telecommunication Standardization Sector (ITU-T), Study Group 17 on Security: 

Web Services Security v1.1 [n1]

The OASIS Liaison Policy sets requirements for submissions of OASIS specifications to external standards organizations. [n2]  In the case of a work produced by a closed Technical Committee, 
OASIS rules require that five or more organizational members make this request.  The request is attached below;  it includes more detailed information on the proposed submission and its terms.

OASIS has determined that the request meets the policy's initial requirements.  Our  rules provide that any such request be posted to OASIS members for comment.   The member review starts today, 4 March 2010, and ends 3 April 2010.  This is an open invitation to members to comment. Under our Liaison Policy, OASIS will make a final determination to confirm the submission at the close of the review period.

More information about the specification, and the WS-Security TC who originated it, may be found at the public home page of the TC.  [n3]  Additional non-normative information about the proposed submission may also be posted to the [oasis-member-discuss] list, during the review period.  

Comments on this proposed submission should be send to oasis-member-discuss@lists.oasis-open.org.  That list is publicly archived [n4], and any OASIS member may subscribe. [n5]   A link to this notice is cross-posted to relevant OASIS announcement lists.

The submission request is appended below.

Respectfully,  JBC

~ James Bryce Clark
~ General Counsel, OASIS
~ http://www.oasis-open.org/who/staff.php#clark

[n1]  WS-Security v1.1 as approved: http://www.oasis-open.org/specs/index.php#wss 
[n2]  Liaison Policy:  http://www.oasis-open.org/committees/liaison_policy.php#submitwork   
[n3]  Archived TC pages:  http://www.oasis-open.org/committees/wss   
[n4]  List archive: http://lists.oasis-open.org/archives/oasis-member-discuss/  
[n5]  Comment lists & subscriptions: http://lists.oasis-open.org/archives/ 

--------
Proposed Submission Request terms
[The six questions are quoted from the OASIS Liaison Policy]

Specification to be submitted:  Web Services Security v1.1, as approved in February 2006.   See http://www.oasis-open.org/specs/index.php#wss

Q1.  The name(s) of the submission requester(s), that is, the TC, the Member Section, or the OASIS Organizational Members that support the submission request as described in section 1(d).

A1:  CA, IBM, Microsoft, Red Hat, SAP

Q2. The name of the intended receiving standards organization. The request may also suggest the committee or group in that organization which should process that submission.

A2:  ITU-T Study Group 17 on Security

Q3. The intended status or outcome that the request seeks from the receiving organization's process; and a short description of the receiving organization's approval process, including estimated time
required, stages of approval and who votes at each stage.

A3:  Final approval as an ITU Recommendation without change. Preservation of the content without alteration, except for non-technical, front-page-type matter.  It is anticipated that the submission will be transmitted to ITU-T SG17 and submitted for study group consent vote at their regular plenary in April 2010,  followed by an ITU member review & confirmation process that may conclude in late May.

Q4. An explanation of how the submission will benefit OASIS.

A4:  Increased visibility and implementation of the established standard, due to the positive sanction associated with the ITU process.

Q5. The expected licensing, copyright and other intellectual property terms that will be used by the receiving organization in regard to the submission.

A5:  Use of the OASIS standard and will continue to be is permitted under the terms of the OASIS IPR Policy. As before, our submission would call to the attention of ITU and potential users of its works
the existence of the disclosures and license statements made pursuant to the OASIS process (see http://www.oasis-open.org/committees/wss/ipr.php),  OASIS plans to contact parties listed there, to advise them of the submission and the possibility of further inquiry about availability from ITU-T.

Q6. A statement of the intended future plans for versioning and maintenance of the OASIS Standard and/or Approved Errata for that standard, and the expected roles of OASIS and the receiving
organization. This must include clear statements of the rules of the receiving organization applicable to maintenance of an approved submitted standard, and to future versions of that standard; any
requirements regarding the submission of future versions; and a description of how OASIS and the submission requesters expect to comply with those rules.

A6:  If the original submission is successfully approved, OASIS would enter into the usual commitments to share with ITU any material errata data, and submit back to ITU for re-transposition any future approved OASIS Standard versions or Approved Errata. As before, a condition of the OASIS submission would be the requirement that any changes to the established Specification be submitted through the OASIS TC process, in order to preserve the continuity of the work for the established base of implementers who rely on it. In this case, because the originating TC has completed its work, any such changes would be conditioned on the competent convening of a new OASIS TC, under all applicable OASIS rules, and the approval of that TC's work through the usual OASIS process.

(end of submission request)