[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes Feb 27, 2014
For your review: -jacques ---------------------------------------- DRAFT MINUTES OASIS WS-BRSP TC Meeting 27 February 2014, 11:00am to noon PDT ---------------------------------------- Scribe: Jacques Durand 0. Call to Order and roll call Jacques Durand calls the meeting to order and welcomes everyone. * Roll call: Alessio Soldano Ram Jeyaraman Gershon Janssen Doug Davis Jacques Durand Tom Rutt Pim Van Der Eijk Tom Link (observer) Excused: Micah Hainline This meeting is quorate. Agenda adopted: 1. Administrative: min Jan 16. 2. Public Review comment disposition: - walk through of BP12, BP20, RSP10 diffs. - comments not addressed, BSP11. - timeline. 3. BSP SHAH 1 question (Pim V.D.E.) Minutes: 1. Administrative: min November: approved UNAN. min Jan 16: approval postponed (just posted) 2. Public Review comment disposition: - walk through of BP12, BP20, RSP10 diffs. - Tom R. just posted: https://www.oasis-open.org/apps/org/workgroup/ws-brsp/download.php/52343/bp12-bp20-rsp10-PrConsolodatedCommentResolutions.xlsx which has all the pr comments for bp 1.2 bp 2.0, and rsp 1.0 in one document. - the spreadsheet lists every comment, and last column gives the proposed disposition /action. - The complete comment disposition package is at: https://www.oasis-open.org/apps/org/workgroup/ws-brsp/download.php/52338/bp12-bp20-rsp10-PrResolutions.zip - Diffed documents show the actual effect of disposition (tagging the ID of comment being addressed) - discussion about the normative status of Conformance Claim mechanisms (sections 2.5 in BP1.2, BP2.0, RSP1.0): - in current proposed disposition, Conformance Claim mechanisms are no longer normative (proposed disposition for comments 317, 278). - Ram J. objects to removing normative status to Claim mechanisms, as in case a mechanism is elected, it must be clear how to conform to it. - consensus that the normative status of Claim mechanisms should be restored. - Jacques to reverse the former changes on 2.5 and restore the MUST and MUST NOT keywords, while keeping these Claim mechanisms out of scope of the Profile conformance (not mentioned in the conformance clause) Meaning they are optional, subject to out of band agreement and have no bearing on the conformance to the profile. - comments not addressed: about 75 comments over more than 280 were considered requiring no action. - BSP11 comments: not part of this comment disposition package. Tom & Jacques to tentatively address them along with new disposition for BP1.2, BP2.0, RSP1.0. - timeline: after revision of the disposiition in order to reverse the removal of normative keywords in the Conformance claim sections 2.5, next step is to re-post a new comment disposition package and open a Web ballot for approval of the dispositions. 3. BSP SHAH 1 question (Pim V.D.E.) - Pim explains the issue: SHA-1 is deprecated, common use is now SHA-2 or SHA-256. - BSP, while allowing "other" algorithms, is strongly biased in favor of SHA-1. - is there a way to conform to BSP11 while using other than SHA-1? Some implementers need that. - it should. But some Rxxx are clearly assuming SHA-1, so there seems to be an inconsistency between the "openess" of BSP beyond SHA-1 and the reality. - Need to discuss this further. BSP to be processed separately from other profiles, if more work is needed beyond just the disposition of PR comments. Meeting adjourned at noon. Next meeting: tentative March 20. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]