[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-jc] Security Forum program semi-final program
Darran Rolls wrote: > It does make sense if the focus is on explaining WS-Security only. My > understanding was the program addressed security standards initiatives > within OASIS and W3C, how they fit together and inter-relate. If the > focus has shifted to one of explaining these relationships relative to > WS-Security alone, I agree with the analysis. I agree, too. And I think that Hal's comment on the primary importance of the OASIS/W3C relationship is key. That goal has been met. We can declare victory. But the event focus must no longer be on OASIS security standards, how they all fit together, the overlaps and the disconnects. That's fine. But I think that this turn of focus diminishes the events relevance as an SJC topic. Seems to me that it is now more appropriately a WSS topic, or perhaps it belongs in the TAB or someplace else. I see nothing much here for the SJC to do. > > > I know this is effort has a short window. I also understand > that we can't do everything in a single day. I do however feel rather strongly that if this event represents a discussion model for "security standards", it should at least include a complete list of those standards with a short description or each (if nothing else). Hmmm. I don't know. I can see the benefit of the exposure. But there's no one on the program that I would want to rely on to speak accurately about the security technology XCBF is using. It may be a blessing for XCBF to be omitted. > > > > As a secondary assessment from this decision, should the SJC consider > directing all OASIS security initiatives to explain their relevance to > and relationship with WS-Security (not incidentally a bad thing)? > That's the rub Darran. The SJC doesn't direct or dictate. Thankfully, it has no power to do so. But the SJC does have the power to foster cooperation. And I do agree that it could be beneficial for someone to collect such information. It could be the SJC I guess. But I'd rather see a pull from the WSS here than a push from the SJC. Perhaps the SJC could just suggest to the WSS TC that they might want to ask the other TCs this question and possibly to consider in their plans what the other TCs believe are their interests in this area. Doing this might lead to some illumination, foster a sense of cooperation between the TCs, change perspectives and lead to greater buy in for the WSS work. Constructive engagement is the ticket. (Writing this just made me recall the Bob Silverman joke on an old adage, "You can lead an ass to knowledge, but you can't make him think." :-) Phil > > -------------------------------------------------------- > > Darran Rolls http://www.waveset.com > > Waveset Technologies Inc drolls@waveset.com > > (512) 657 8360 > > -------------------------------------------------------- > > > > -----Original Message----- > From: Hal Lockhart [mailto:hal.lockhart@entegrity.com] > Sent: Friday, July 19, 2002 8:32 AM > To: Darran Rolls; Karl F. Best; tab; security-jc@lists.oasis-open.org > Subject: RE: [security-jc] Security Forum program semi-final program > > > > Since the focus was on WS-Security specifically and the time on the > program, I suggested that we not address SPML. I think it is unlikely > that WS-Security will deal with provisioning in the near term. > > Hal > > > -----Original Message----- > > From: Darran Rolls [mailto:Darran.Rolls@waveset.com] > > Sent: Thursday, July 18, 2002 4:10 PM > > To: Karl F. Best; tab; security-jc@lists.oasis-open.org > > Subject: RE: [security-jc] Security Forum program semi-final program > > > > > > Karl > > > > Is there a reason why SPML is not on the security standards overview? > > Does the forum panel not consider life-cycle management of the > > underlying identity important to the proposed security stack? > > > > -------------------------------------------------------- > > Darran Rolls http://www.waveset.com > > Waveset Technologies Inc drolls@waveset.com > > (512) 657 8360 > > -------------------------------------------------------- > > > > > > > -----Original Message----- > > > From: Karl F. Best [mailto:karl.best@oasis-open.org] > > > Sent: Thursday, July 18, 2002 11:07 AM > > > To: tab; security-jc@lists.oasis-open.org > > > Subject: [security-jc] Security Forum program semi-final program > > > > > > FYI - the forum program. Speaker names to be filled in as they are > > > confirmed. This should be posted on the web (OASIS and/or conference > > > web site) by tomorrow. Press releases etc. on the way. > > > > > > </karl> > > > ================================================================= > > > Karl F. Best > > > OASIS - Director, Technical Operations > > > +1 978.667.5115 x206 > > > karl.best@oasis-open.org http://www.oasis-open.org > > > > > > > > > > > > Forum on Security Standards for Web Services > > > -------------------------------------------- > > > [insert abstract here] > > > > > > program chairs: Karl Best, OASIS; and Janet Daly, W3C > > > > > > 9:00-9:30 Welcome by program chairs and by OASIS and W3C management > > > > > > 9:30-10:15 Technical plenary. Why are security standards > > necessary for > > > web services. How do the pieces fit together? > > > Phillip Hallam-Baker, Verisign > > > > > > 10:15-10:30 break > > > > > > 10:30-12:30 Use cases and requirements. Presentations from various > > > industries who use security standards for web services. > > > Speakers TBA. > > > > > > 12:30-1:30 lunch > > > > > > 1:30-3:30 Overview of the security standards. > > > > > > - XML Digital Signature, XML Encrytion: Joseph Reagle, W3C > > > - WS Security: speaker TBD > > > - SAML: speaker TBD > > > - IETF SSL, BEEP, FASL, Kerberos: speaker TBD > > > - XKMS: Philip Hallam-Baker, Verisign > > > - XACML, Rights Language: Hal Lockhart, Entegrity > > > > > > 3:30-3:45 break > > > > > > 3:45-4:30 Expert panel. A response to the use cases/requirements and > > > the specifications. Do they match? What's missing? > > > > > > chair and speakers TBD > > > > > > 4:30-5:00 Audience reaction/feedback > > > > > > 5:00-5:30 Wrapup by panel and closing statements from conference > > > sponsors. > > > > > > > > > > > > ---------------------------------------------------------------- > > > To subscribe or unsubscribe from this elist use the subscription > > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > > ---------------------------------------------------------------- > > To subscribe or unsubscribe from this elist use the subscription > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC