OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ws-brsp message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes Feb 27, 2014

For your review:





27 February 2014, 11:00am to noon PDT



Scribe: Jacques Durand

0. Call to Order and roll call

Jacques Durand calls the meeting to order and welcomes everyone.


* Roll call:


Alessio Soldano

Ram Jeyaraman

Gershon Janssen

Doug Davis

Jacques Durand

Tom Rutt

Pim Van Der Eijk

Tom Link (observer)





Micah Hainline



This meeting is quorate.


Agenda adopted:


1. Administrative: min Jan 16.


2. Public Review comment disposition:

- walk through of BP12, BP20, RSP10 diffs.

- comments not addressed, BSP11.

- timeline.


3. BSP SHAH 1 question (Pim V.D.E.)






1. Administrative:

min November: approved UNAN.

min Jan 16: approval postponed (just posted)


2. Public Review comment disposition:

- walk through of BP12, BP20, RSP10 diffs.

- Tom R. just posted:


which has all the pr comments for bp 1.2 bp 2.0, and rsp 1.0 in one document.

- the spreadsheet lists every comment, and last column gives the proposed disposition /action.

- The complete comment disposition package is at:


- Diffed documents show the actual effect of disposition (tagging the ID of comment being addressed)

- discussion about the normative status of Conformance Claim mechanisms (sections 2.5 in BP1.2, BP2.0, RSP1.0):

- in current proposed disposition, Conformance Claim mechanisms are no longer normative

(proposed disposition for comments 317, 278).

- Ram J. objects to removing normative status to Claim mechanisms, as in case a mechanism is elected,

it must be clear how to conform to it.

- consensus that the normative status of Claim mechanisms should be restored.

- Jacques to reverse the former changes on 2.5 and restore the MUST and MUST NOT keywords,

while keeping these Claim mechanisms out of scope of the Profile conformance (not mentioned in the conformance clause)

Meaning they are optional, subject to out of band agreement and have no bearing on the conformance to the profile.


- comments not addressed: about 75 comments over more than 280 were considered requiring no action.


- BSP11 comments: not part of this comment disposition package. Tom & Jacques to tentatively address them

along with new disposition for BP1.2, BP2.0, RSP1.0.


- timeline: after revision of the disposiition in order to reverse the removal of normative keywords

in the Conformance claim sections 2.5, next step is to re-post a new comment disposition package and open

a Web ballot for approval of the dispositions.



3. BSP SHAH 1 question (Pim V.D.E.)

- Pim explains the issue: SHA-1 is deprecated, common use is now SHA-2 or SHA-256.

- BSP, while allowing "other" algorithms, is strongly biased in favor of SHA-1.

- is there a way to conform to BSP11 while using other than SHA-1? Some implementers need that.

- it should. But some Rxxx are clearly assuming SHA-1, so there seems to be an inconsistency

between the "openess" of BSP beyond SHA-1 and the reality.

- Need to discuss this further. BSP to be processed separately from other profiles, if more

work is needed beyond just the disposition of PR comments.


Meeting adjourned at noon.

Next meeting: tentative March 20.




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]