

Subject: [VER 2] WS-SX TC Minutes, Mar 08 2006


WS-SX TC Minutes, Mar 08 2006

VER 2:
1. Added roll call provided by Abbie.

Summary of new Action items:

ACTION 2005-03-08-01 Prateek Mishra to respond to Jan's message re Issue
10:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00016.html

ACTION 2006-03-08-02 Mike to provide better description(s) and a
complete proposal(s) for issue 016 and issue 017 by the F2F meeting.

ACTION 2006-03-08-03 Werner and Gudge to work on a new proposal for
Issue 27.

ACTION 2006-03-08-04 Hal to provide a proposal for Issue 32 before Mar
15 meeting.

ACTION 2006-03-08-05 Frederick to provide alternative proposal for Issue
36 for the Mar 15 meeting.   

ACTION 2006-03-08-06 Jan Alexander to supply clarifying text for Issue
038 before the Mar 22 meeting.

ACTION 2006-03-08-07 Gudge will provide text to clarify the usage of
"dialect" for Issue 40 for the Mar 15 meeting.    

1. Call to order/roll call

Present:
Frank Siebenlist, Argonne National Laboratory* 
Jong Lee, BEA Systems, Inc.* 
Hal Lockhart, BEA Systems, Inc.* 
Denis Pilipchuk, BEA Systems, Inc.* 
Symon Chang, Blue Titan Software* 
Steve Anderson, BMC Software* 
Rich Levinson, Computer Associates* 
Yakov Sverdlov, Computer Associates* 
Dana Kaufman, Forum Systems, Inc.* 
Toshihiro Nishimura, Fujitsu Limited* 
Irving Reid, Hewlett-Packard* 
Greg Whitehead, Hewlett-Packard* 
Ching-Yun (C.Y.) Chao, IBM* 
Henry (Hyenvui) Chung, IBM* 
Heather Hinton, IBM* 
Kelvin Lawrence, IBM* 
Michael McIntosh, IBM* 
Anthony Nadalin, IBM* 
Scott Cantor, Internet2* 
Mike Lyons, Layer 7 Technologies Inc.* 
Kate Cherry, Lockheed Martin* 
Jan Alexander, Microsoft Corporation* 
Paul Cotton, Microsoft Corporation* 
Colleen Evans, Microsoft Corporation* 
Mark Fussell, Microsoft Corporation* 
Vijay Gajjala, Microsoft Corporation* 
Marc Goodner, Microsoft Corporation* 
Martin Gudgin, Microsoft Corporation* 
Chris Kaler, Microsoft Corporation* 
Asir Vedamuthu, Microsoft Corporation* 
Norman Brickman, Mitre Corporation* 
Jeff Hodges, Neustar, Inc.* 
Frederick Hirsch, Nokia Corporation* 
Abbie Barbir, Nortel Networks Limited* 
Paul Knight, Nortel Networks Limited* 
Lloyd Burch, Novell* 
Steve Carter, Novell* 
Howard Bae, Oracle Corporation* 
Ashok Malhotra, Oracle Corporation* 
Prateek Mishra, Oracle Corporation* 
Vamsi Motukuru, Oracle Corporation* 
Alex Hristov, Otecia Incorporated* 
John Hughes*, PA Consulting* 
Darren Platt, Ping Identity Corporation* 
Werner Dittmann, Siemens AG* 
Eve Maler, Sun Microsystems* 
Hans Granqvist, VeriSign * 
Phillip Hallam-Baker, VeriSign *
 
2. Reading/Approving minutes of last meeting (Mar 1)
http://lists.oasis-open.org/archives/ws-sx/200603/msg00024.html

Adopted unanimously.

3. F2F planning 
See information provided in:
http://lists.oasis-open.org/archives/ws-sx/200602/msg00131.html 

ai-06 - Chairs to hold a F2F attendance ballot starting Mar 1 and
closing at least two weeks before the F2F. 
DONE.  See:
http://www.oasis-open.org/apps/org/workgroup/ws-sx/ballot.php?id=963
So far only 43 members have voted.  Kelvin asked for all voting members
to reply ASAP.  People that want to attend by phone should abstain on
the current ballot.

Kelvin said that there would be a speaker phone in the meeting room.
Nortel offered a USA-based bridge for the first day of the meeting.  We
need someone else to offer to support the phone in for the second day or
part of it.

4. Issues list 
http://docs.oasis-open.org/ws-sx/issues/Issues.xml

a) Review of action items

ai-09 - Editors to check that XPath examples in WS-SecurityPolicy are
fully namespace qualified. 
Pending.

AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F 
Pending.  

AI-2006-02-15-06 - Prateek to provide additional broader scenarios for
at least WS-Trust. ETA is Mar 10. 
Pending.

AI-2006-02-15-07 - TC members to come to the April F2F with data on when
they would be ready to carry out SC/Trust interop. 
Pending.

AI-2006-03-01-01 - Jan Alexander will provide a solution to Issue 41.
DONE.  See:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00015.html  

AI-2006-03-01-02 - Werner Dittmann to give an example of a case for Issue
27 that is not sensible so that we can indicate that some cases do not
make sense. Werner will propose specific change to SP to give guidance
on the problem identified in Issue 27. 
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00020.html

AI-2006-03-01-03 - Werner Dittmann to work with Tony Nadalin to see if it
would be useful to include Tony's UML diagram to clarify Issue 28.
Pending.  Progress has been made. 

AI-2006-03-01-04 - Werner Dittmann, Tony Gillotta and Gudge will prepare
a proposal to add some text to describe how to extend token assertions
for Issue 30.
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html 

b) Issues in Review status

None.

c) New issues

i043   Missing enumeration for validate request type in the
RequestTypeEnum definition
http://lists.oasis-open.org/archives/ws-sx/200603/msg00019.html

WS-Trust uses the missing URI:
>For this binding, the <RequestType> element contains the following URI:
    http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate

Proposal in this issue is adopted unanimously.
Change status to Pending.

i044	What is an authorization token?
http://lists.oasis-open.org/archives/ws-sx/200603/msg00030.html 

Paul Cotton pointed out that WS-Trust Section 4.3.1 "Zero or One
Proof-of-Possession Token Case" gives an example of an "authorization
token".

Change status to Active.  Owner is Tony Nadalin.

d) Active issues

i004  Paul Cotton  Transitive closure spec dependencies 
Pending. Due before F2F.
  
i008  Editors  Need well formed XML examples   
Pending.

i010  Prateek Mishra  Proof of possession for security intermediaries
Jan Alexander's reply is in:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00016.html

ACTION 2005-03-08-01 Prateek Mishra to respond to Jan's message re Issue
10:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00016.html

i016  Michael McIntosh  sp:SignedParts mechanism 

ACTION 2006-03-08-02 Mike to provide better description(s) and a
complete proposal(s) for issue 016 and issue 017 by the F2F meeting. 
  
i018  Michael McIntosh  absolute XPath expressions   

ACTION 2006-03-08-02 Mike to provide better description(s) and a
complete proposal(s) for issue 016 and issue 017 by the F2F meeting. 
  
i020   Describe minimum acceptable lengths for P_SHA1 inputs   
AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F 
Pending.  

i027   When to include a token?   
AI-2006-03-01-02 - Werner Dittmann to give an example of a case for Issue
27 that is not sensible so that we can indicate that some cases do not
make sense. Werner will propose specific change to SP to give guidance
on the problem identified in Issue 27. 
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00020.html

"A token assertion may carry a sp:IncludeToken attribute that requires
to include a token in the message. To support this type of token
inclusion the Web Service Security specifications [WSS10] define the
wsse:BinarySecurityToken element that holds the included token."

Gudge pointed out that the above text does not work for a SAML token.
Werner agreed that we need more generic wording in the second sentence.

"A policy shall use either token inclusion or token reference."

Gudge suggested that the above text is not correct since a policy could
say to include the token and to always refer to it via a thumbprint.   

Gudge suggested that Werner was trying to say "Using the Requirexxx
assertion only makes sense when the tokens are not in the message."

ACTION 2006-03-08-03 Werner and Gudge to work on a new proposal for
Issue 27.

i028   Multiple supporting tokens of the same type?   
AI-2006-03-01-03 - Werner Dittmann to work with Tony Nadalin to see if it
would be useful to include Tony's UML diagram to clarify Issue 28. 
Pending.

i030   Need a mechanism to identify token assertions   
AI-2006-03-01-04 - Werner Dittmann, Tony Gillotta and Gudge will prepare
a proposal to add some text to describe how to extend token assertions
for Issue 30. 
DONE. See:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html  

Discussion will continue by email.      
   
i031   Clarification for UsernameToken assertion 
Pending on Issue 30.  
   
i032  Hal Lockhart  WS-SP should permit Policy to specify the use of
keys derived from passwords  

ACTION 2006-03-08-04 Hal to provide a proposal for Issue 32 before Mar
15 meeting. 
   
i033  Prateek Mishra  Identify security header components that are
encrypted   
Pending email discussion since the Feb 22 meeting.
  
i034  Frederick Hirsch  Editorial comments on WS-Trust   
Change status to Pending.  Assigned to Editors.

i036  Frederick Hirsch  Clarify term pre-authentication

ACTION 2006-03-08-05 Frederick to provide alternative proposal for Issue
36 for the Mar 15 meeting.   

i037  Frederick Hirsch  Add element extensibility to
RequestSecurityTokenResponseCollection/IssuedTokens schema  

Proposal:
1) Insert before line 879:
/wst:RequestSecurityTokenResponseCollection/{any}
This is an extensibility mechanism to allow additional elements, based
on schemas, to be added. 

2) Insert before line 931
/wst:IssuedTokens/{any}
This is an extensibility mechanism to allow additional elements, based
on schemas, to be added. 

3) Update schema accordingly. 
(No change may be needed if the schema already indicates the open
content.)

Adopted unanimously.

Change status to Pending. Assigned to Editors. 
  
i038  Frederick Hirsch  Clarify that ComputedKey optional   

This issue asks the question:

"Can a computed key mechanism be implicit and not indicated with a
ComputedKey element? (lines 744, 757)"

Jan said the answer to this question is NO and the text should be
clarified.

ACTION 2006-03-08-06 Jan Alexander to supply clarifying text for Issue
038 before the Mar 22 meeting.

i039  Frederick Hirsch  Define URI for no-correlation anonymous context
case   

Jan Alexander suggested that we could close this issue with no change.
Frederick proposed to close this issue as currently formulated.  

Issue 039 is closed with no action.  Change status to Closed.
 
i040  Prateek Mishra  What values can be carried in a
/wst:RequestSecurityToken/wst:Claims element? 
http://lists.oasis-open.org/archives/ws-sx/200602/msg00117.html 

Prateek would like the "dialect" extensibility point to be described as
just that.  Note that the proposal in msg00117 is wrong.

ACTION 2006-03-08-07 Gudge will provide text to clarify the usage of
"dialect" for Issue 40 for the Mar 15 meeting.    
  
i041  Martin Raepple  Clarification on token propagation of SCT required

AI-2006-03-01-01 - Jan Alexander will provide a solution to Issue 41.
DONE.  See:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00015.html  
See also:
http://lists.oasis-open.org/archives/ws-sx/200603/msg00022.html

Proposal:
- Sec. 3.3: Add a paragraph that explains how the requester uses
wsp:AppliesTo for Token Propagation if the STS has no prior knowledge of
which parties the requester needs a token for
- Sec. 3.3: Add an SCT request example that uses wst:AppliesTo for this
scenario

Adopted unanimously.  Change status to Pending. 

5. Other business 

None.

6. Adjournment 

The meeting adjourned at about 8:35am PST.

/paulc

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Nepean, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com

 




