[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [VER 2] WS-SX TC Minutes, Feb 22 2006
WS-SX TC Minutes, Feb 22 2006
[VER 2]
1. Added roll call provided by Abbie Barbir.
Summary of new Action items:
None.
1. Call to order/roll call
Present:
Jong Lee, BEA Systems, Inc.*
Hal Lockhart, BEA Systems, Inc.*
Corinna Witt, BEA Systems, Inc.*
Symon Chang, Blue Titan Software*
Steve Anderson, BMC Software*
Rich Levinson, Computer Associates*
Yakov Sverdlov, Computer Associates*
Dana Kaufman, Forum Systems, Inc.*
Toshihiro Nishimura, Fujitsu Limited*
Irving Reid, Hewlett-Packard*
Greg Whitehead, Hewlett-Packard*
Ching-Yun (C.Y.) Chao, IBM*
Henry (Hyenvui) Chung, IBM*
Kelvin Lawrence, IBM*
Michael McIntosh, IBM*
Anthony Nadalin, IBM*
Michael Perks, IBM*
Scott Cantor, Internet2*
Mike Lyons, Layer 7 Technologies Inc.*
Jan Alexander, Microsoft Corporation*
Paul Cotton, Microsoft Corporation*
Colleen Evans, Microsoft Corporation*
Vijay Gajjala, Microsoft Corporation*
Marc Goodner, Microsoft Corporation*
Martin Gudgin, Microsoft Corporation*
Chris Kaler, Microsoft Corporation*
Jonathan Marsh, Microsoft Corporation*
Asir Vedamuthu, Microsoft Corporation*
Norman Brickman, Mitre Corporation*
Jeff Hodges, Neustar, Inc.*
Frederick Hirsch, Nokia Corporation*
Abbie Barbir, Nortel Networks Limited*
Paul Knight, Nortel Networks Limited*
Lloyd Burch, Novell*
Steve Carter, Novell*
Howard Bae, Oracle Corporation*
Ashok Malhotra, Oracle Corporation*
jeff mischkinsky, Oracle Corporation*
Prateek Mishra, Oracle Corporation*
Vamsi Motukuru, Oracle Corporation*
Alex Hristov ,Otecia
John Hughes*, PA Consulting*
Darren Platt, Ping Identity Corporation*
Martijn de Boer, SAP AG*
Martin Raepple, SAP AG*
Werner Dittmann, Siemens AG*
Tony Gullotta, SOA Software Inc.*
Jiandong Guo, Sun Microsystems*
Hubert Le Van Gong, Sun Microsystems*
Eve Maler, Sun Microsystems*
Don Adams, Tibco Software Inc.*
Hans Granqvist, VeriSign *
Phillip Hallam-Baker, VeriSign *
2. Reading/Approving minutes of last meeting (Feb 15)
http://lists.oasis-open.org/archives/ws-sx/200602/msg00093.html
Adopted unanimously.
3. Charter clarification ballot(s) status
The second charter ballot end successfully:
http://www.oasis-open.org/apps/org/workgroup/ws-sx/ballot.php?id=950
The OASIS staff is working on getting the second set of charter changes
applied.
4. Issues list
http://docs.oasis-open.org/ws-sx/issues/Issues.xml
a) Review of action items
ai-06 - Chairs to hold a F2F attendance ballot starting Mar 1 and
closing at least two weeks before the F2F.
Pending.
ai-09 - Editors to check that XPath examples in WS-SecurityPolicy are
fully namespace qualified.
Pending. Tony hopes to have this done this week.
ai-2006-01-25-04 - Tony Nadalin will look into the possibility of
hosting an interop event at the April F2F location
Closed.
There will no interop at the April F2F. The F2F meeting will be Tue-Wed
Apr 4-5. Tony and Kelvin will provided F2F logistics information.
ai-2006-02-08-03 - Marc Goodner to post WS-SX issue template to TC site
and Chairs to put it in a prominent location to make it easier to find.
DONE.
ai-2006-02-08-04 - TC members to review the initial interop scenarios by
the Feb 15 TC meeting so that the TC can decide at that meeting whether
the TC has "critical mass" for an Apr F2F interop event.
Closed.
AI-2006-02-15-01 - Gudge to draft a revised proposal for Issue 9
Pending.
AI-2006-02-15-02 - Prateek to give a proposed use case for Issue 10
before the next call.
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00108.html
AI-2006-02-15-03 - C.Y Chao to propose to the TC whether Issue 015
should be closed or not due to revealing the information might be a
security risk.
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00121.html
AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 by Feb 17.
Pending. It will take Prateek a couple of weeks to put together a
proposal for this technical issue.
AI-2006-02-15-05 - Chairs to add information to the public page on how
to access previous versions of the Issues List.
Pending.
AI-2006-02-15-06 - Prateek to provide additional broader scenarios for
at least WS-Trust.
Pending.
AI-2006-02-15-07 - TC members to come to the April F2F with data on when
they would be ready to carry out SC/Trust interop.
Pending.
b) Issues in Review status
None.
c) New issues
i033 Identify security header components that are encrypted
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i033
Gudge stated that he did not think timestamp, supporting tokens and
SignedSupporting tokens are ever encrypted. Prateek then suggested that
the material in Appendix C might be in error. Prateek agreed that
timestamps are not encrypted in the Appendix C example. But Prateek
felt that supporting tokens ARE encrypted in the Appendix C examples
Prateek said that the real issue is that there might not be enough
information in section 7.4 and 7.5.
Gudge stated that a lot of this information is in Section 6.7. But
Gudge agreed that information in Appendix C could be repeated in other
sections.
Change status to Active. Owner is Prateek Mishra.
Prateek asked for email discuss of his proposal.
i034 Editorial comments on WS-Trust
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i034
Change status to Active. Owner is Frederick. We expect to process this
editorial proposal next week.
i035 Requester cannot fault upon response
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i035
The TC discussed this issue and decided the document did not require any
change.
Change status to Closed with no changes to the document.
i036 Clarify term pre-authentication
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i036
Change status to Active. Owner is Frederick.
i037 Add element extensibility to
RequestSecurityTokenResponseCollection/IssuedTokens schema
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i037
Change status to Active. Owner is Frederick.
Gudge noted the "..." on line 871 which indicates extensibility but
there is no corresponding explanation of the schema being open.
i038 Clarify that ComputedKey optional
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i038
Change status to Active. Owner is Frederick.
i039 Define URI for no-correlation anonymous context case
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i039
If you leave out the URI it means that there is no coorelation.
Change status to Active. Owner is Frederick.
i040 What values can be carried in a
/wst:RequestSecurityToken/wst:Claims element?
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i040
Change status to Active. Owner is Prateek.
d) Active issues
i003 Prateek Mishra Use of term "binding" in specs ws-sc, ws-sp,
ws-trust editorial
Gudge posted a detailed reply in:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00122.html
There was no objection to adoption of the changes in Gudge's proposal.
Change status to Pending. Editors are to implement these changes.
i004 Paul Cotton Transitive closure spec dependencies ws-sc, ws-sp,
ws-trust editorial
i008 Editors Need well formed XML examples
i009 Hal Lockhart Support for different key pairs for sign and encrypt
in SP
AI-2006-02-15-01 - Gudge to draft a revised proposal for Issue 9
Pending.
i010 Prateek Mishra Proof of possesion for security intermediaries
AI-2006-02-15-02 - Prateek to give a proposed use case for Issue 10
before the next call.
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00108.html
This use case motivates the possible solutions proposed by Prateek.
i015 C.Y. Chao Support error handling in RequestSecurityToken
extension mechanism
See http://lists.oasis-open.org/archives/ws-sx/200602/msg00121.html
Change status to Closed with no action.
i016 Michael McIntosh sp:SignedParts mechanism
Pending comments on email list.
i017 Michael McIntosh sp:RequiredElements mechanism
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i017
See Mike's proposal to withdraw the issue in:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00018.html
Change status to Closed with no action.
i018 Michael McIntosh absolute XPath expressions
Pending comments on email list.
i020 Describe minimum acceptable lengths for P_SHA1 inputs
AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 by Feb 17.
Pending. It will take Prateek a couple of weeks to put together a
proposal for this technical issue.
i021 Editors Correct section numbers in SP
Work is in progress and should surface very soon.
i022 XML tags of properties according to the properties
See email thread at:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00078.html
Change status to Closed with no action.
i023 Properties for Algorithm Suite missing or wrong
See email from Gudge at:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00061.html
Change status to Pending. Editors to implement proposed changes in
above email.
i024 [Protection Order] Property using same source for keys
i025 Chap. 6.5 [Token protection] conflicts with chapter 8.3 and 8.4
Werner's response to Gudge's proposal:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00079.html
Change status to Pending. Editors to implement proposed changes in
above email. Changes should go in Section 8.
Werner noted that this issue is related to Issue 33. Gudge noted that
the location of the new text for this issue might be where any text
solving Issue 33 would go.
i026 Chapter 6.7 [Security Header Layout]
See Gudge's proposal in:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00062.html
Change status to Pending. Editors to add Section from 7.2 to section 6.
i027 When to include a token?
i028 Multiple supporting tokens of the same type?
See thread at:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00077.html
The TC agreed to await proposals for specific changes to Appendix A.
i029 Which token to use to encrypt/sign in case of multiple tokens
defined in a supporting token assertion?
i030 Need a mechanism to identify token assertions
i031 Clarification for UsernameToken assertion
i032 Hal Lockhart WS-SP should permit Policy to specify the use of
keys derived from passwords
http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i032
Hal is working on a proposal for this issue.
5. Other business
None.
6. Adjournment
The meeting adjourned at about 8:49am PST.
/paulc
Paul Cotton, Microsoft Canada
17 Eleanor Drive, Nepean, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]