Re: [oasis-member-discuss] RESEND - Re: [oasis-member-discuss] Proposed Submission of OASIS WS-Security v1.1 to ITU

["Mason, Howard (UK)" <Howard.Mason@baesystems.com>]

The only counter argument might be the free-of-charge availability of ITU specs, but I assume that the OASIS document will also be updated to align with the eventual JTC1 version and will also retain free availability. 

Howard Mason (via Blackberry)
Corporate IT Office
Tel: +44 1252 383129
Mob: +44 780 171 3340
Eml: howard.mason@baesystems.com

BAE Systems plc
Registered Office: 6 Carlton Gardens, London, SW1Y 5AD, UK
Registered in England & Wales No: 1470151

----- Original Message -----
From: Jeff Mischkinsky <jeff.mischkinsky@oracle.com>
To: Jamie Clark <jamie.clark@oasis-open.org>; oasis-member-discuss@lists.oasis-open.org <oasis-member-discuss@lists.oasis-open.org>
Cc: Paul C Lipton <paul.lipton@ca.com>; Hiroshi Yoshida <hyoshida@jp.fujitsu.com>; Joel J. Fleck <joel.fleck@hp.com>; Kelvin Lawrence <klawrenc@us.ibm.com>; Paul Cotton <Paul.Cotton@microsoft.com>; Jeff Mischkinsky <jeff.mischkinsky@oracle.com>; Mark Little <mlittle@redhat.com>; Claus von Riegen <claus.von.riegen@sap.com>; Blake Dournaee <Blake.Dournaee@intel.com>
Sent: Fri Apr 02 01:24:30 2010
Subject: [oasis-member-discuss] RESEND - Re: [oasis-member-discuss] Proposed Submission of OASIS WS-Security v1.1 to ITU


                    *** WARNING ***

  This message has originated outside your organisation,
  either from an external partner or the Global Internet. 
      Keep this in mind if you answer this message.


[ sorry, i hit the send before finishing the signatures, left off  
Intel ]
We, the undersigned, strongly support the submission of WS-Security  
1.1 for de-jure standardization. We note that WS-I previously  
submitted several of its profiles (the WS-Basic Profiles) to JTC 1 via  
the JTC 1 PAS Transposition Process. These profiles have now been  
adopted as ISO/IEC International Standards.

We believe that the Web Services community will be best served if the  
OASIS Web Services specifications are submitted in a way that they can  
be reviewed and processed consistently in the same de-jure  
organization; in particular, we believe that an organization directly  
focused on web services, and which can appropriately work with other  
domain/topic-specific groups, is the most appropriate approach.  We  
see advantages in submitting them to either ITU-T SG17 (because of the  
telecommunication security and identity management concerns) or JTC 1  
SC 38 (because of the web services focus), but believe that WS- 
Security 1.1 should be submitted to JTC 1, and as decisions are  
reached to submit further OASIS Web Services specifications, JTC 1 SC  
38 should continue to be the recipient.

OASIS has successfully submitted other OASIS Standards to JTC 1 using  
the PAS Transposition Process while retaining technical ownership of  
their evolution. This need not preclude collaboration with ITU-T to  
make WS-Security a component of security standards suite.

We note that the OASIS Liaison policy (http://www.oasis-open.org/committees/liaison_policy.php 
) contains an option that the "OASIS President may approve the request  
with changes to the proposed submission method, schedule or designated  
receiving organization".
[See section 3.4, "Policy for submitting OASIS Standards for adoption  
by other organizations"]

We would like to respectfully request that the submission request be  
approved and that the receiving organization be JTC 1.

Once JTC 1 receives the submission request from OASIS, it should be  
able to start the PAS Transposition Process (which includes a 6-month  
ISO/IEC national body letter ballot) within a few weeks.

We also recommend that JTC 1 assign administrative responsibility for  
this PAS Transposition to the newly created JTC 1 SC 38(Distributed  
Application Platforms and Services - DAPS).
  [See  http://www.iso.org/iso/standards_development/technical_committees/other_bodies/iso_technical_committee.htm?commid=601355 
]

Sincerely,

       Paul Lipton, CA                  (paul.lipton@ca.com)
       Hiroshi Yoshida, Fujitsu Limited (hyoshida@jp.fujitsu.com)
       Joel Fleck, HP                   (joel.fleck@hp.com)
       Blake Dournaee, Intel            (Blake.Dournaee@intel.com)
       Kelvin Lawrence, IBM             (klawrence@us.ibm.com)
       Paul Cotton, MS                  (paul.cotton@microsoft.com)
       Jeff Mischkinsky, Oracle         (jeff.mischkinsky@oracle.com)
       Mark Little, Red Hat             (mlittle@redhat.com)
       Claus Von Riegen, SAP            (claus.von.riegen@sap.com)

On Mar 04, 2010, at 6:13 PM, jamie.clark@oasis-open.org wrote:

> To OASIS members, member announce lists:
>
> OASIS has been asked, by the members listed below, to submit the  
> following OASIS Standard to the International Telecommunications  
> Union, Telecommunication Standardization Sector (ITU-T), Study Group  
> 17 on Security:
>
> Web Services Security v1.1 [n1]
>
> The OASIS Liaison Policy sets requirements for submissions of OASIS  
> specifications to external standards organizations. [n2]  In the  
> case of a work produced by a closed Technical Committee,
> OASIS rules require that five or more organizational members make  
> this request.  The request is attached below;  it includes more  
> detailed information on the proposed submission and its terms.
>
> OASIS has determined that the request meets the policy's initial  
> requirements.  Our  rules provide that any such request be posted to  
> OASIS members for comment.   The member review starts today, 4 March  
> 2010, and ends 3 April 2010.  This is an open invitation to members  
> to comment. Under our Liaison Policy, OASIS will make a final  
> determination to confirm the submission at the close of the review  
> period.
>
> More information about the specification, and the WS-Security TC who  
> originated it, may be found at the public home page of the TC.   
> [n3]  Additional non-normative information about the proposed  
> submission may also be posted to the [oasis-member-discuss] list,  
> during the review period.
>
> Comments on this proposed submission should be send to oasis-member-discuss@lists.oasis-open.org 
> .  That list is publicly archived [n4], and any OASIS member may  
> subscribe. [n5]   A link to this notice is cross-posted to relevant  
> OASIS announcement lists.
>
> The submission request is appended below.
>
> Respectfully,  JBC
>
> ~ James Bryce Clark
> ~ General Counsel, OASIS
> ~ http://www.oasis-open.org/who/staff.php#clark
>
> [n1]  WS-Security v1.1 as approved: http://www.oasis-open.org/specs/index.php#wss
> [n2]  Liaison Policy:  http://www.oasis-open.org/committees/liaison_policy.php#submitwork
> [n3]  Archived TC pages:  http://www.oasis-open.org/committees/wss
> [n4]  List archive: http://lists.oasis-open.org/archives/oasis-member-discuss/
> [n5]  Comment lists & subscriptions: http://lists.oasis-open.org/archives/
>
> --------
> Proposed Submission Request terms
> [The six questions are quoted from the OASIS Liaison Policy]
>
> Specification to be submitted:  Web Services Security v1.1, as  
> approved in February 2006.   See http://www.oasis-open.org/specs/index.php#wss
>
> Q1.  The name(s) of the submission requester(s), that is, the TC,  
> the Member Section, or the OASIS Organizational Members that support  
> the submission request as described in section 1(d).
>
> A1:  CA, IBM, Microsoft, Red Hat, SAP
>
> Q2. The name of the intended receiving standards organization. The  
> request may also suggest the committee or group in that organization  
> which should process that submission.
>
> A2:  ITU-T Study Group 17 on Security
>
> Q3. The intended status or outcome that the request seeks from the  
> receiving organization's process; and a short description of the  
> receiving organization's approval process, including estimated time
> required, stages of approval and who votes at each stage.
>
> A3:  Final approval as an ITU Recommendation without change.  
> Preservation of the content without alteration, except for non- 
> technical, front-page-type matter.  It is anticipated that the  
> submission will be transmitted to ITU-T SG17 and submitted for study  
> group consent vote at their regular plenary in April 2010,  followed  
> by an ITU member review & confirmation process that may conclude in  
> late May.
>
> Q4. An explanation of how the submission will benefit OASIS.
>
> A4:  Increased visibility and implementation of the established  
> standard, due to the positive sanction associated with the ITU  
> process.
>
> Q5. The expected licensing, copyright and other intellectual  
> property terms that will be used by the receiving organization in  
> regard to the submission.
>
> A5:  Use of the OASIS standard and will continue to be is permitted  
> under the terms of the OASIS IPR Policy. As before, our submission  
> would call to the attention of ITU and potential users of its works
> the existence of the disclosures and license statements made  
> pursuant to the OASIS process (see http://www.oasis-open.org/committees/wss/ipr.php) 
> ,  OASIS plans to contact parties listed there, to advise them of  
> the submission and the possibility of further inquiry about  
> availability from ITU-T.
>
> Q6. A statement of the intended future plans for versioning and  
> maintenance of the OASIS Standard and/or Approved Errata for that  
> standard, and the expected roles of OASIS and the receiving
> organization. This must include clear statements of the rules of the  
> receiving organization applicable to maintenance of an approved  
> submitted standard, and to future versions of that standard; any
> requirements regarding the submission of future versions; and a  
> description of how OASIS and the submission requesters expect to  
> comply with those rules.
>
> A6:  If the original submission is successfully approved, OASIS  
> would enter into the usual commitments to share with ITU any  
> material errata data, and submit back to ITU for re-transposition  
> any future approved OASIS Standard versions or Approved Errata. As  
> before, a condition of the OASIS submission would be the requirement  
> that any changes to the established Specification be submitted  
> through the OASIS TC process, in order to preserve the continuity of  
> the work for the established base of implementers who rely on it. In  
> this case, because the originating TC has completed its work, any  
> such changes would be conditioned on the competent convening of a  
> new OASIS TC, under all applicable OASIS rules, and the approval of  
> that TC's work through the usual OASIS process.
>
> (end of submission request)

--
Jeff Mischkinsky			          		jeff.mischkinsky@oracle.com
Sr. Director, Oracle Fusion Middleware 				+1(650)506-1975
	and Web Services Standards           			500 Oracle Parkway, M/S 2OP9
Oracle								Redwood Shores, CA 94065










---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 



********************************************************************
This email and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
You should not copy it or use it for any purpose nor disclose or
distribute its contents to any other person.
********************************************************************