OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes for SSTC Telecon, Tuesday 27 May 2003

Minutes for Telecon, Tuesday 27 May 2003
Dial in info: +1 865 673 3239 #238-3466
Minutes taken by Steve Anderson


    - Minutes from 20 May 2003 call accepted
    - Accept Prateek's edits removing the word SSO from lines 523-524
    - Accept changes to Conformance Spec, section 2.5, table 2
    - Accept Prateek's changes to schema files
    - Advance draft specification to committee specification
    - Return to bi-weekly meeting schedule, beginning with this call
  Previous Action Items Still Open:
    - #0038: Continue developing Metadata specs
    - #0013: Request use of WS-Trust for CC Proposal
    - #0047: Update Issues List from V1.0
    - #0004: [AI-39] Propose WSDL for metadata

  New Action Items:
    - Chairs to propose language for interpretation of "successfully using"
    - Rob to post V1.1 end game schedule to list
                             Raw Notes

> Agenda:
> 1. Roll call

- Attendance attached to bottom of these minutes
- Quorum achieved
- 2/3 membership NOT present
    - discussion of how to proceed, lacking 2/3 membership present
    - email vote? how long will that take
    - Hal: section 1.n of the OASIS TC process allows for immediate voting,
      to last 5 days
    - Steve: 5 calendar / working?
- Phill arrived, 2/3 membership NOW present

> 2. Accept minutes from previous meeting, 20 May
>    < http://lists.oasis-open.org/archives/security-services/
>      200305/msg00131.html >

- [VOTE] unanimous consent, accepted

> 3. Action item review (see attached action items)
>    Closed Items:
>    #0042: Conformance edits for candidate ctte spec
>    #0043: Core edits for candidate ctte spec
>    #0044: Bindings edits for candidate ctte spec
>    #0045: Security Considerations edits for candidate ctte spec
>    #0046: Differences document edits
>    Open Action Items:

- Rob: proposes we skip these for now, since they don't impact the CS doc set
- [note that there was discussion of AI0047, see below]

>    #0038: Continue developing Metadata specs
>    Owner: Jahan Moreh
>    Status: Open
>    Assigned: 06 May 2003
>    Due: ---
>    Comments:
>       Rob Philpott 2003-05-06 14:40 GMT
>       29-April: Continue developing Metadata specs (not required for V1.1
>       last call).
>       Rob Philpott 2003-05-06 16:53 GMT
>       1-May: Jahan posted draft -06 of the spec and schema file to the
>       repository. See document references associated with this action item.
>    #0013: Request use of WS-Trust for CC Proposal
>    Owner: Maryann Hondo
>    Status: Open
>    Assigned: 23 Mar 2003
>    Due: ---
>    Comments:
>       Rob Philpott 2003-03-24 02:30 GMT
>       We need to formulate appropriate language for a request to WS-Trust
>       folks on SSTC mailing list. MaryAnn agreed to represent the question
>       to the WS-Trust Authors on our behalf. Question to WS-Trust authors: 
>       (0) SSTC is interested in using portions of WS-Trust specification. 
>       (1) Clarify their intent on submission to standards body and relevant
>       time frame 
>       (2) Will the WS-Trust specification be submitted to a standards body
>       within the next three months 
>       (3) Alternatively, would WS-Trust authors consider releasing WS-Trust
>       specification (appropriate waiver of copyright) to the SSTC to build a
>       derivative work.
>       Rob Philpott 2003-04-08 05:09 GMT
>       Carlisle completed the draft. 
>       The AI has been transferred to Maryann who will now follow up with
>       the authors.
>       Rob Philpott 2003-04-15 21:54 GMT
>       Maryann notified the authors of our request on 14-April and asked to
>       set up an authors con-call to discuss it. The con-call will take place
>       sometime after the RSA Conference.
>       Rob Philpott 2003-04-29 22:07 GMT
>       29-April: Author's con-call is scheduled for 30-April
>       Rob Philpott 2003-05-06 21:17 GMT
>       6-May: Lengthy discussion during con-call. See minutes 
>       (200305/msg000091 - see reference link).
>    #0047: Update Issues List from V1.0
>    Owner: Rob Philpott
>    Status: Open
>    Assigned: 20 May 2003
>    Due: ---
>    Comments:
>       Rob Philpott 2003-05-20 22:06 GMT
>       In a private mail exchange, "Eve L. Maler" wrote: 
>         It would be nice to update/extract items from it (and I also think we 
>         should build a more official list of items we have promised to deal 
>         with and design components we have promised to remove in V2.0), 
>         but I don't think our last-call schedule should depend on it. 

- Jeff: feels we should have a 1.1 issues list
- Eve: but an 'ongoing issues list' doesn't impact as heavily
- Jeff: would like to fold in the deferred items
- Rob: intends to do that, but just haven't been able to complete it
- will do ASAP
- no strong objections heard to proceeding without it for now

>    #0004: [AI-39] Propose WSDL for metadata
>    Owner: Prateek Mishra
>    Status: Open
>    Assigned: 17 Mar 2003
>    Due: ---
>    Comments:

> 4. Review spec, schema updates NOT discussed on 20-May
>    a. Bindings - Prateek recommended change "SUMMARY: I am making the
>       editorial recommendation that we remove the word SSO from lines
>       523-524." 
>       1. See: http://lists.oasis-open.org/archives/security-services/
>          200305/msg00135.html 

- Prateek: this was the result of multiple edits
- Rob: shall we vote on these edits to accept them?
- [MOTION] Accept Prateek's edits removing the word SSO from lines 523-524
- [VOTE] no objections, passes

>    b. Conformance Spec - Section 2.5/Table 2 updates 
>       1. See: http://lists.oasis-open.org/archives/security-services/
>          200305/msg00137.html 

- Rob: there were a number of elements listed in the table that are no longer
  in the spec
- there were some listed unbounded that are not, vice versa, etc
- Prateek did to a careful review of that
- didn't get a lot of review in the last review period
- [MOTION] Accept changes to Conformance Spec, section 2.5, table 2
- [VOTE] no objections, passes

>    c. Schema files: Prateek updates: 
>       i.   Assertion schema (draft-04) - fix document identifier
>       ii.  Protocol Schema (draft-05) - fix document identifier and
>            assertion schema location reference.
>       iii. See updated zip file: http://lists.oasis-open.org/archives/
>            security-services/200305/msg00140.html 

- [MOTION] Accept Prateek's changes to schema files
- [VOTE] no objections, passes

> 5. Vote to declare specifications to be SSTC Committee Specifications: 
>    "The vote to approve the work as a Committee Specification requires a
>    2/3 vote of TC members, with no more than 1/4 objecting. As with other
>    TC decisions, this decision should minuted and posted to the mail list
>    and web page. The TC chair should also notify the TC Administrator so
>    that the specification can be added to a web page listing Committee
>    Specifications." 

- Rob: all changes from minutes of last meeting are in the documents
- Eve: not caught up on what happened with ID/IDRef issue
- Irving: we decided to make the non-backwards-compatible change, removing the
  SAML id type and change to direct xsd type, and used NCName
- also took out the intermediate type definition
- [MOTION] Advance draft specification to committee specification
- [VOTE] no objections, passes
- [much rejoicing]

> 6. Target V1.1 end game schedule: 
>    a. [Target: 27-May] Post CS docs and schemas to web site

- Rob: will be posting the CS doc set this afternoon

>    b. [Target: 28-May] The TC chairs announce to OASIS that the Committee
>       Spec is available for a 30-day Public Review period. 

- Phill: will this be a PR thing, or will that be at final approval
    - Hal: for this step, we may notify other standards groups
    - might be appropriate for PR stuff when we submit to OASIS
    - Rob: OASIS will definitely be sending a notice, and folks are encouraged
      to pass along to any interested parties

>    c. [Target: 30-June] End of Public Review period - prepare new errata
>       document as needed. 
>    d. [Target: 1-July (1st Tuesday following 30-day period)] TC vote to
>       submit the Committee Spec to OASIS. 

- Rob: will be a separate vote from today
- Jeff: we'll be voting on how to handle comments/issues that arise during
  review period
- Hal: we can choose to make limited changes and submit to OASIS
- Rob: this schedule is assuming we don't encounter any major issues

>    e. [Target: 1-July] Chairs begin preparing OASIS spec submission document
>       which includes 
>        1. Reference links to specs 
>        2. Certification by at least 3 vendors successfully using the spec 

- Hal: that's 3 organizational members
- Rob: we won't need to break it down by function as we did last time, as we
  discussed in a previous meeting
- Rob: can we get a sense that we'll have that?
    - believe that Scott will
    - RLBob: Internet2 is moving that way
    - Rob: RSA is well under way
    - Irving: we aren't currently moving, but there's reasonable chance we 
      will within the next month or 2
    - Jeff: Rob should check with Karl Best on not having an attestation matrix
    - Hal: certain it will be fine, cites OASIS requirements
    - Rob: so we'll have to vote on the meaning of "successfully using", but
      not today
    - Hal: we'll have to consider compatibility with 1.1 vs. taking advantage
      of features new to 1.1
    - Jeff: sounds like an AI
    - [ACTION] Chairs to propose language for interpretation of "successfully
    - Hal: remembers that some were reticent to post intentions
    - Jeff: can either send to the list or send to chairs privately

>        3. Describe disposition of all public review comments 
>        4. IPR policy compliance statements 
>    f. [Target: 15-July] The submission document must be submitted to OASIS
>       by the 15th of the month 
>    g. [Target: 1-August] OASIS will make the announcement of the TC's
>       request for standardization of the committee spec by the 1st of the month. 
>    h. [Target: 15-August] Voting will commence by the 15th of the month. 
>    i. [Target: 31-August] Voting will complete at the end of the month. 

- Rob: any questions on schedule
- Jeff: there's an expectation that editorial comments received during the 
  review are being incorporated in real time, because there's no time provided
  for doing it at the end
- Hal: there's nothing to prevent us from approving good comments as we 
  receive them
- Jeff: we just need to waive the flag indicating what we're doing
- [ACTION] Rob to post V1.1 end game schedule to list

> 7. Return TC meetings to bi-weekly?

- [MOTION] Return to bi-weekly meeting schedule, beginning with this call
- Hal: we can make any particular 'off' week an 'on' week as necessary
- [VOTE] no objections, passes

> 8. Any other business

- none

> 9. Adjourn

- Adjourned
- next meeting 10 June


Attendance of Voting Members:

  Irving Reid Baltimore
  Hal Lockhart BEA
  John Hughes Entegrity Solutions
  Jason Rouault HP
  Bob Morgan Individual
  Prateek Mishra Netegrity
  Frederick Hirsch Nokia
  Charles Knouse Oblix
  Steve Anderson OpenNetwork
  Simon Godik OverXeer
  Rob Philpott RSA Security
  Dipak Chopra SAP
  Jahan Moreh Sigaba
  Bhavna Bhatnagar Sun
  Jeff Hodges Sun
  Eve Maler Sun
  Emily Xu Sun
  Phillip Hallam-Baker Verisign

Attendance of Observers or Prospective Members:

  Krishna  Sankar  Cisco
  Mike White Individual
  Kevin Shanley Entrust
  Darren  Platt  PingID
  Ronald Jacobson Computer Associates

Membership Status Changes:

  Padraig Moloney NASA - Lost voting status due to inactivity

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]