OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] DS-1-10 remains unresolved (wrt:AuthenticationMethods and ConfirmationMethods)

Minutes for Telecon, Tuesday 19 Mar 2002
http://lists.oasis-open.org/archives/security-services/200203/msg00137.html


> - Hal to lead thru all red issues
>     - DS-1-10 SubjectConfirmation Descriptions
>         - Hal had proposed a resolution, and can create specific text
>         - Irving: can they be removed from core and left to profiles?
>         - Jeff: DS-1-13 are intertwined
>         - Hal: they could be dealt with separately
>         - general agreement (among those on call) that SubjectConf &
>           AuthNMethod are distinct
>         - Phill was primary dissenter, but is not currently on call
>         - general agreement that lack of resolution would
                                                           ^^^^^^^^^^^^^^
                                              [note incomplete sentence!]

My & Joe's recollection was that the final line should be concluded with
"...lack of resoultion would cause folks to ~not~ vote to approve the spec
set." 

We didn't vote to include a resolution to that issue as we recall, instead we
jumped to DS-1-13. Also, this issue wasn't discussed during yesterday's
telecon, according to the minutes. 

So, this issue needs to be addressed. Presently there is not a cohesive
proposal with specific proposed document changes. Also, this is an inconclusive
thread on the list:


ISSUE: core-27: Should AuthenticationMethods andConfirmationMethods be
     listed in the same subsection?
[Jeff]
http://lists.oasis-open.org/archives/security-services/200203/msg00006.html

[Hal]
http://lists.oasis-open.org/archives/security-services/200203/msg00078.html

[Phill]
http://lists.oasis-open.org/archives/security-services/200203/msg00079.html

[Hal]
http://lists.oasis-open.org/archives/security-services/200203/msg00134.html


In addition to the above thread, here's the message that formed the basis for
DS-1-10:

New Issue: SubjectConfirmation descriptions
http://lists.oasis-open.org/archives/security-services/200201/msg00247.html


Summary:

There are two aspects to this..

1. whether ConfirmationMethods and AuthenticationMethods are in fact distinct,
and as a result should be listed and/or identified (somehow) separately. 

2. The ConfirmationMethod/AuthenticationMethod descriptions in Core-XX are
inadequate and need work. Hal proposes some new language in his "New Issue:
SubjectConfirmation descriptions", but more work is likely needed. 


We need to resolve (1), and complete (2) accordingly. Joe & I'll see that it
gets added to the agendas of upcoming telecons. 

JeffH

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC