OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

tc-announce message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: WSS v1.1 Submitted for OASIS Standard

OASIS Members:

The OASIS Web Services Security Technical Committee has submitted the following specifications, which are approved Committee
Specifications, to be considered collectively as an OASIS Standard:

WSS v1.1:
- WS-Security 1.1
- Username Token Profile 1.1
- X.509 Token Profile 1.1
- Kerberos Token Profile 1.1
- SAML Token Profile 1.1
- REL Token Profile 1.1
- SOAP With Attachments (SWA) Profile 1.1
- Schema 1.1

The TC's submission is attached below.

In accordance with the OASIS Technical Committee Process, the specification has already gone through a 60 day public review period:


OASIS members now have until the 15th of January to familiarize themselves with the submission below. OASIS members should give
their input on this question to the voting representative of their organization.

By the 16th of the month we will send out a Call For Vote to the voting representatives of the OASIS member organizations, who will
have until the end of the month to cast their ballots on whether this Committee Specification should be approved as an OASIS

The normative TC Process for approval of Committee Specifications as OASIS Standards is found at

Any statements related to the IPR of this specification are posted at:


Mary P McRae
Manager of TC Administration, OASIS
email: mary.mcrae@oasis-open.org
phone: 603.232.9090


WSS TC Submission Form for Proceeding To OASIS Standard Vote for WSS 1.1 documents 

The responses on behalf of the WSS TC are below. 

Simultaneously with the approval of a Committee Specification or at a later date, a TC may resolve by Special Majority Vote to
submit the Committee Specification to the membership of OASIS for consideration as an OASIS Standard. Upon resolution of the TC to
submit the specification, its Chair shall submit the following items to the TC Administrator: 

1. Links to the approved Committee Specification in the TC's document repository, and any appropriate supplemental documentation for
the specification, both of which must be written using the OASIS templates. The specification may not have been changed between its
approval as a Committee Specification and its submission to OASIS for consideration as an OASIS Standard, except for the changes on
the title page and running footer noting the approval status and date 
WS-Security 1.1 
Username Token Profile 1.1 
X.509 Token Profile 1.1 
Kerberos Token Profile 1.1 
SAML Token Profile 1.1 
REL Token Profile 1.1 
SOAP With Attachments (SWA) Profile 1.1 
Schema 1.1   
2. The editable version of all files that are part of the Committee Specification; 

WS-Security 1.1 
Username Token Profile 1.1  
X.509 Token Profile 1.1 
Kerberos Token Profile 1.1 
SAML Token Profile 1.1 
REL Token Profile 1.1  
SOAP With Attachments (SWA) Profile 1.1  
Schema 1.1   

3. Certification by the TC that all schema and XML instances included in the specification, whether by inclusion or reference,
including fragments of such, are well formed, and that all expressions are valid; 
The XML examples in the documents and the 1.1 Schema are well-formed. We have run all of the examples through an XML well-formedness

4. A clear English-language summary of the specification; 
The specifications describe a mechanism for securing web services message exchanges using a variety of existing security
technologies and methodolgies. The document set is the 1.1 revision of the original WS-Security 2004 OASIS standard. Several token
profiles have been added. The 1.0 Errata has been factored in. Feedback from the public has been included and steps have been taken
to enhance the readability and usability of the specification. An additional 1.1 Schema has been produced and a few XML Elements
have been added to the language. 

5. A statement regarding the relationship of this specification to similar work of other OASIS TCs or other standards developing
This work builds upon, but does not attempt to duplicate, the work of several standards efforts. Including: 

WS-Security 2004 (OASIS WSS TC) 
XML Encryption (W3C) 
SAML (OASIS Security Services TC) 
Kerberos (IETF) 

6. Certification by at least three OASIS member organizations that they are successfully using the specification; 
Certifications have been received from the following companies. We are including URLs that point to the certification statements in
the e-mail archive. 

BEA Systems  -  http://lists.oasis-open.org/archives/wss/200511/msg00064.html 
IBM  -  http://lists.oasis-open.org/archives/wss/200511/msg00063.html 
Microsoft  -  http://lists.oasis-open.org/archives/wss/200511/msg00070.html

7.  The beginning and ending dates of the public review(s), a pointer to the announcement of the public review(s), and a pointer to
an account of each of the comments/issues raised during the public review period(s), along with its resolution; 
The Public Review began on 11th July 2005 and ended on 10th September 2005 

Here is the announcement of the Public Review  

The TC raised an issue to track every comment passed back to the TC during the public review. The documents referenced below contain
a detailed cross referenc between each comment and the decision the TC took in addressing the comment. 


8. An account of and results of the voting to approve the specification as a Committee Specification, including the date of the
ballot and a pointer to the ballot; 
The Committee Specification Ballot was created on 21st Nov 2005 
The results were 37=Yes (93%), 0=No, 0=Abstain   
The TC had 40 voting members 
The ballot is here:  http://www.oasis-open.org/committees/ballot.php?id=886

9. An account of or pointer to votes and comments received in any earlier attempts to standardize substantially the same
specification, together with the originating TC's response to each comment; 
This is the first attempt to standardize the WSS 1.1 specification 

10. A pointer to the publicly visible comments archive for the originating TC; 

11. A pointer to any minority reports submitted by one or more Members who did not vote in favor of approving the Committee
Specification, which report may include statements regarding why the member voted against the specification or that the member
believes that Substantive Changes were made which have not gone through public review; or certification by the Chair that no
minority reports exist. 

No such reports have been submitted. 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]