[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [VER 2] WS-SX TC Minutes, Feb 22 2006
WS-SX TC Minutes, Feb 22 2006 [VER 2] 1. Added roll call provided by Abbie Barbir. Summary of new Action items: None. 1. Call to order/roll call Present: Jong Lee, BEA Systems, Inc.* Hal Lockhart, BEA Systems, Inc.* Corinna Witt, BEA Systems, Inc.* Symon Chang, Blue Titan Software* Steve Anderson, BMC Software* Rich Levinson, Computer Associates* Yakov Sverdlov, Computer Associates* Dana Kaufman, Forum Systems, Inc.* Toshihiro Nishimura, Fujitsu Limited* Irving Reid, Hewlett-Packard* Greg Whitehead, Hewlett-Packard* Ching-Yun (C.Y.) Chao, IBM* Henry (Hyenvui) Chung, IBM* Kelvin Lawrence, IBM* Michael McIntosh, IBM* Anthony Nadalin, IBM* Michael Perks, IBM* Scott Cantor, Internet2* Mike Lyons, Layer 7 Technologies Inc.* Jan Alexander, Microsoft Corporation* Paul Cotton, Microsoft Corporation* Colleen Evans, Microsoft Corporation* Vijay Gajjala, Microsoft Corporation* Marc Goodner, Microsoft Corporation* Martin Gudgin, Microsoft Corporation* Chris Kaler, Microsoft Corporation* Jonathan Marsh, Microsoft Corporation* Asir Vedamuthu, Microsoft Corporation* Norman Brickman, Mitre Corporation* Jeff Hodges, Neustar, Inc.* Frederick Hirsch, Nokia Corporation* Abbie Barbir, Nortel Networks Limited* Paul Knight, Nortel Networks Limited* Lloyd Burch, Novell* Steve Carter, Novell* Howard Bae, Oracle Corporation* Ashok Malhotra, Oracle Corporation* jeff mischkinsky, Oracle Corporation* Prateek Mishra, Oracle Corporation* Vamsi Motukuru, Oracle Corporation* Alex Hristov ,Otecia John Hughes*, PA Consulting* Darren Platt, Ping Identity Corporation* Martijn de Boer, SAP AG* Martin Raepple, SAP AG* Werner Dittmann, Siemens AG* Tony Gullotta, SOA Software Inc.* Jiandong Guo, Sun Microsystems* Hubert Le Van Gong, Sun Microsystems* Eve Maler, Sun Microsystems* Don Adams, Tibco Software Inc.* Hans Granqvist, VeriSign * Phillip Hallam-Baker, VeriSign * 2. Reading/Approving minutes of last meeting (Feb 15) http://lists.oasis-open.org/archives/ws-sx/200602/msg00093.html Adopted unanimously. 3. Charter clarification ballot(s) status The second charter ballot end successfully: http://www.oasis-open.org/apps/org/workgroup/ws-sx/ballot.php?id=950 The OASIS staff is working on getting the second set of charter changes applied. 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml a) Review of action items ai-06 - Chairs to hold a F2F attendance ballot starting Mar 1 and closing at least two weeks before the F2F. Pending. ai-09 - Editors to check that XPath examples in WS-SecurityPolicy are fully namespace qualified. Pending. Tony hopes to have this done this week. ai-2006-01-25-04 - Tony Nadalin will look into the possibility of hosting an interop event at the April F2F location Closed. There will no interop at the April F2F. The F2F meeting will be Tue-Wed Apr 4-5. Tony and Kelvin will provided F2F logistics information. ai-2006-02-08-03 - Marc Goodner to post WS-SX issue template to TC site and Chairs to put it in a prominent location to make it easier to find. DONE. ai-2006-02-08-04 - TC members to review the initial interop scenarios by the Feb 15 TC meeting so that the TC can decide at that meeting whether the TC has "critical mass" for an Apr F2F interop event. Closed. AI-2006-02-15-01 - Gudge to draft a revised proposal for Issue 9 Pending. AI-2006-02-15-02 - Prateek to give a proposed use case for Issue 10 before the next call. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200602/msg00108.html AI-2006-02-15-03 - C.Y Chao to propose to the TC whether Issue 015 should be closed or not due to revealing the information might be a security risk. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200602/msg00121.html AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 by Feb 17. Pending. It will take Prateek a couple of weeks to put together a proposal for this technical issue. AI-2006-02-15-05 - Chairs to add information to the public page on how to access previous versions of the Issues List. Pending. AI-2006-02-15-06 - Prateek to provide additional broader scenarios for at least WS-Trust. Pending. AI-2006-02-15-07 - TC members to come to the April F2F with data on when they would be ready to carry out SC/Trust interop. Pending. b) Issues in Review status None. c) New issues i033 Identify security header components that are encrypted http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i033 Gudge stated that he did not think timestamp, supporting tokens and SignedSupporting tokens are ever encrypted. Prateek then suggested that the material in Appendix C might be in error. Prateek agreed that timestamps are not encrypted in the Appendix C example. But Prateek felt that supporting tokens ARE encrypted in the Appendix C examples Prateek said that the real issue is that there might not be enough information in section 7.4 and 7.5. Gudge stated that a lot of this information is in Section 6.7. But Gudge agreed that information in Appendix C could be repeated in other sections. Change status to Active. Owner is Prateek Mishra. Prateek asked for email discuss of his proposal. i034 Editorial comments on WS-Trust http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i034 Change status to Active. Owner is Frederick. We expect to process this editorial proposal next week. i035 Requester cannot fault upon response http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i035 The TC discussed this issue and decided the document did not require any change. Change status to Closed with no changes to the document. i036 Clarify term pre-authentication http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i036 Change status to Active. Owner is Frederick. i037 Add element extensibility to RequestSecurityTokenResponseCollection/IssuedTokens schema http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i037 Change status to Active. Owner is Frederick. Gudge noted the "..." on line 871 which indicates extensibility but there is no corresponding explanation of the schema being open. i038 Clarify that ComputedKey optional http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i038 Change status to Active. Owner is Frederick. i039 Define URI for no-correlation anonymous context case http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i039 If you leave out the URI it means that there is no coorelation. Change status to Active. Owner is Frederick. i040 What values can be carried in a /wst:RequestSecurityToken/wst:Claims element? http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i040 Change status to Active. Owner is Prateek. d) Active issues i003 Prateek Mishra Use of term "binding" in specs ws-sc, ws-sp, ws-trust editorial Gudge posted a detailed reply in: http://lists.oasis-open.org/archives/ws-sx/200602/msg00122.html There was no objection to adoption of the changes in Gudge's proposal. Change status to Pending. Editors are to implement these changes. i004 Paul Cotton Transitive closure spec dependencies ws-sc, ws-sp, ws-trust editorial i008 Editors Need well formed XML examples i009 Hal Lockhart Support for different key pairs for sign and encrypt in SP AI-2006-02-15-01 - Gudge to draft a revised proposal for Issue 9 Pending. i010 Prateek Mishra Proof of possesion for security intermediaries AI-2006-02-15-02 - Prateek to give a proposed use case for Issue 10 before the next call. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200602/msg00108.html This use case motivates the possible solutions proposed by Prateek. i015 C.Y. Chao Support error handling in RequestSecurityToken extension mechanism See http://lists.oasis-open.org/archives/ws-sx/200602/msg00121.html Change status to Closed with no action. i016 Michael McIntosh sp:SignedParts mechanism Pending comments on email list. i017 Michael McIntosh sp:RequiredElements mechanism http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i017 See Mike's proposal to withdraw the issue in: http://lists.oasis-open.org/archives/ws-sx/200602/msg00018.html Change status to Closed with no action. i018 Michael McIntosh absolute XPath expressions Pending comments on email list. i020 Describe minimum acceptable lengths for P_SHA1 inputs AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 by Feb 17. Pending. It will take Prateek a couple of weeks to put together a proposal for this technical issue. i021 Editors Correct section numbers in SP Work is in progress and should surface very soon. i022 XML tags of properties according to the properties See email thread at: http://lists.oasis-open.org/archives/ws-sx/200602/msg00078.html Change status to Closed with no action. i023 Properties for Algorithm Suite missing or wrong See email from Gudge at: http://lists.oasis-open.org/archives/ws-sx/200602/msg00061.html Change status to Pending. Editors to implement proposed changes in above email. i024 [Protection Order] Property using same source for keys i025 Chap. 6.5 [Token protection] conflicts with chapter 8.3 and 8.4 Werner's response to Gudge's proposal: http://lists.oasis-open.org/archives/ws-sx/200602/msg00079.html Change status to Pending. Editors to implement proposed changes in above email. Changes should go in Section 8. Werner noted that this issue is related to Issue 33. Gudge noted that the location of the new text for this issue might be where any text solving Issue 33 would go. i026 Chapter 6.7 [Security Header Layout] See Gudge's proposal in: http://lists.oasis-open.org/archives/ws-sx/200602/msg00062.html Change status to Pending. Editors to add Section from 7.2 to section 6. i027 When to include a token? i028 Multiple supporting tokens of the same type? See thread at: http://lists.oasis-open.org/archives/ws-sx/200602/msg00077.html The TC agreed to await proposals for specific changes to Appendix A. i029 Which token to use to encrypt/sign in case of multiple tokens defined in a supporting token assertion? i030 Need a mechanism to identify token assertions i031 Clarification for UsernameToken assertion i032 Hal Lockhart WS-SP should permit Policy to specify the use of keys derived from passwords http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i032 Hal is working on a proposal for this issue. 5. Other business None. 6. Adjournment The meeting adjourned at about 8:49am PST. /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Nepean, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]