RE: [security-jc] Security JC Charter - with Joe's edits

[Hal Lockhart <hal.lockhart@entegrity.com>]

Title: Message

Joe's changes are fine with me (subject to the X9 correction). In spite of what was said on the call, his changes include the sentence I wanted from the TC Process:

 

        A TC shall have no obligation to abide by any decision arrived at in the Security JC.

 

therefore I consider my action item to be satisfied. Does anyone disagree?

 

Hal

 

-----Original Message-----
From: PATO,JOE (HP-PaloAlto,ex1) [mailto:joe_pato@hp.com]
Sent: Thursday, September 19, 2002 12:54 PM
To: 'security-jc@lists.oasis-open.org'
Subject: [security-jc] Security JC Charter - with Joe's edits

Security Joint Committee Charter

The purpose of the Security JC is to coordinate the technical activities of multiple security related TCs, is advisory only, and has no deliverables. A TC shall have no obligation to abide by any decision arrived at in the Security JC. The business of the Security JC  shall be imparted to a member TC through reports from the chair of its liaison subcommittee. Such reports shall have the same force and shall be made, received, and acted upon in the same manner as reports from any other subcommittee of the TC.[1]

The business of the Security JC will be:

To promote the use of consistent terms

 ·        Through consultation with, and the participation of member TC's, to encourage new and developing TC's to use consistent security terms and definitions in specification documentation.

 To promote re-use

 ·        To provide the definition and identification of re-usable security related specification elements.  Security related specification elements are defined as (but are not limited to) object models, use cases, extensible XML elements, cryptographic processes and deployment profiles.

 To champion an OASIS security standards model

 ·        To champion the creation of a reference model that shows how OASIS security TC specifications are inter-related.  This reference model shall define how OASIS security related specifications "fit together" and relate to other security relevant works at W3C, IETF, WS-I, X.509 etc.

 To provide consistent PR

 ·        To provide a single point of contact for addressing security related enquiries at OASIS and in doing so to help organize and coordinate security related comment and PR from OASIS.

 To promote mutuality, operational independence & ethics

 ·        The SJC will foster and maintain respect among OASIS security TCs and for them in the security community at large. The SJC will maintain a vendor neutral and vendor agnostic view in its support for diverse security technologies.

·        The SJC will promote public safeguards and believes that security technologies should be used solely for legal, ethical, and nondiscriminatory purposes. The joint committee is committed to the highest standards of systems integrity and data security in order to deter identity theft, protect personal privacy, and ensure equal rights in all security applications.

[1] This language is derived from the OASIS TECHNICAL COMMITTEE PROCESS Section 1, Clause (o). The text is reproduced here to set context for this charter. Where there may be substantive differences, the OASIS TECHNICAL COMMITTEE PROCESS document is definitive and will govern.

 

Joe Pato Principal Scientist Trust, Security & Privacy Trusted Systems Lab - HP Labs <mailto:joe.pato@hp.com> <http://www.hpl.hp.com/personal/Joe_Pato> <http://www.hp.com/security>

Hewlett Packard Labs 1 Cambridge Center, 11th Floor Cambridge, MA   02142 Phone: (617) 551-7648 HP Telnet: (650) 857-2774 Fax 1: (617) 551-7650 Fax 2: (781) 674-0142