[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [VER 2] WS-SX TC Minutes, Mar 08 2006
WS-SX TC Minutes, Mar 08 2006 VER 2: 1. Added roll call provided by Abbie. Summary of new Action items: ACTION 2005-03-08-01 Prateek Mishra to respond to Jan's message re Issue 10: http://lists.oasis-open.org/archives/ws-sx/200603/msg00016.html ACTION 2006-03-08-02 Mike to provide better description(s) and a complete proposal(s) for issue 016 and issue 017 by the F2F meeting. ACTION 2006-03-08-03 Werner and Gudge to work on a new proposal for Issue 27. ACTION 2006-03-08-04 Hal to provided a proposal for Issue 32 before Mar 15 meeting. ACTION 2006-03-08-05 Frederick to provide alternative proposal for Issue 36 for the Mar 15 meeting. ACTION 2006-03-08-06 Jan Alexander to supply clarifying text for Issue 038 before the Mar 22 meeting. ACTION 2006-03-08-07 Gudge will provide text to clarify the usage of "dialect" for Issue 40 for the Mar 15 meeting. 1. Call to order/roll call Present: Frank Siebenlist, Argonne National Laboratory* Jong Lee, BEA Systems, Inc.* Hal Lockhart, BEA Systems, Inc.* Denis Pilipchuk, BEA Systems, Inc.* Symon Chang, Blue Titan Software* Steve Anderson, BMC Software* Rich Levinson, Computer Associates* Yakov Sverdlov, Computer Associates* Dana Kaufman, Forum Systems, Inc.* Toshihiro Nishimura, Fujitsu Limited* Irving Reid, Hewlett-Packard* Greg Whitehead, Hewlett-Packard* Ching-Yun (C.Y.) Chao, IBM* Henry (Hyenvui) Chung, IBM* Heather Hinton, IBM* Kelvin Lawrence, IBM* Michael McIntosh, IBM* Anthony Nadalin, IBM* Scott Cantor, Internet2* Mike Lyons, Layer 7 Technologies Inc.* Kate Cherry, Lockheed Martin* Jan Alexander, Microsoft Corporation* Paul Cotton, Microsoft Corporation* Colleen Evans, Microsoft Corporation* Mark Fussell, Microsoft Corporation* Vijay Gajjala, Microsoft Corporation* Marc Goodner, Microsoft Corporation* Martin Gudgin, Microsoft Corporation* Chris Kaler, Microsoft Corporation* Asir Vedamuthu, Microsoft Corporation* Norman Brickman, Mitre Corporation* Jeff Hodges, Neustar, Inc.* Frederick Hirsch, Nokia Corporation* Abbie Barbir, Nortel Networks Limited* Paul Knight, Nortel Networks Limited* Lloyd Burch, Novell* Steve Carter, Novell* Howard Bae, Oracle Corporation* Ashok Malhotra, Oracle Corporation* Prateek Mishra, Oracle Corporation* Vamsi Motukuru, Oracle Corporation* Alex Hristov, Otecia Incorporated* John Hughes*, PA Consulting* Darren Platt, Ping Identity Corporation* Werner Dittmann, Siemens AG* Eve Maler, Sun Microsystems* Hans Granqvist, VeriSign * Phillip Hallam-Baker, VeriSign * 2. Reading/Approving minutes of last meeting (Mar 1) http://lists.oasis-open.org/archives/ws-sx/200603/msg00024.html Adopted unanimously. 3. F2F planning See information provided in: http://lists.oasis-open.org/archives/ws-sx/200602/msg00131.html ai-06 - Chairs to hold a F2F attendance ballot starting Mar 1 and closing at least two weeks before the F2F. DONE. See: http://www.oasis-open.org/apps/org/workgroup/ws-sx/ballot.php?id=963 So far only 43 members have voted. Kelvin asked for all voting members to reply ASAP. People that want to attend by phone should abstain on the current ballot. Kelvin said that there would be a speaker phone in the meeting room. Nortel offered a USA-based bridge for the first day of the meeting. We need someone else to offer to support the phone in for the second day or part of it. 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml a) Review of action items ai-09 - Editors to check that XPath examples in WS-SecurityPolicy are fully namespace qualified. Pending. AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F Pending. AI-2006-02-15-06 - Prateek to provide additional broader scenarios for at least WS-Trust. ETA is Mar 10. Pending. AI-2006-02-15-07 - TC members to come to the April F2F with data on when they would be ready to carry out SC/Trust interop. Pending. AI-2006-03-01-01 - Jan Alexander will provide a solution to Issue 41. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00015.html AI-2006-03-01-02 - Werner Dittman to give an example of a case for Issue 27 that is not sensible so that we can indicate that some cases do not make sense. Werner will propose specific change to SP to give guidance on the problem identified in Issue 27. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00020.html AI-2006-03-01-03 - Werner Dittman to work with Tony Nadalin to see if it would be useful to include Tony's UML diagram to clarify Issue 28. Pending. Progress has been made. AI-2006-03-01-04 - Werner Dittman, Tony Gillotta and Gudge will prepare a proposal to add some text to describe how to extend token assertions for Issue 30. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html b) Issues in Review status None. c) New issues i043 Missing enumeration for validate request type in the RequestTypeEnumdefinition http://lists.oasis-open.org/archives/ws-sx/200603/msg00019.html WS-Trust uses the missing URI: >For this binding, the <RequestType> element contains the following URI: http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate Proposal in this issue is adopted unanimously. Change status to Pending. i044 What is an authorization token? http://lists.oasis-open.org/archives/ws-sx/200603/msg00030.html Paul Cotton pointed out that WS-Trust Section 4.3.1 "Zero or One Proof-of-Possession Token Case" gives an example of an "authorization token". Change status to Active. Owner is Tony Nadalin. d) Active issues i004 Paul Cotton Transitive closure spec dependencies Pending. Due before F2F. i008 Editors Need well formed XML examples Pending. i010 Prateek Mishra Proof of possesion for security intermediaries Jan Alexander's reply is in: http://lists.oasis-open.org/archives/ws-sx/200603/msg00016.html ACTION 2005-03-08-01 Prateek Mishra to respond to Jan's message re Issue 10: http://lists.oasis-open.org/archives/ws-sx/200603/msg00016.html i016 Michael McIntosh sp:SignedParts mechanism ACTION 2006-03-08-02 Mike to provide better description(s) and a complete proposal(s) for issue 016 and issue 017 by the F2F meeting. i018 Michael McIntosh absolute XPath expressions ACTION 2006-03-08-02 Mike to provide better description(s) and a complete proposal(s) for issue 016 and issue 017 by the F2F meeting. i020 Describe minimum acceptable lengths for P_SHA1 inputs AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F Pending. i027 When to include a token? AI-2006-03-01-02 - Werner Dittman to give an example of a case for Issue 27 that is not sensible so that we can indicate that some cases do not make sense. Werner will propose specific change to SP to give guidance on the problem identified in Issue 27. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00020.html "A token assertion may carry a sp:IncludeToken attribute that requires to include a token in the message. To support this type of token inclusion the Web Service Security specifications [WSS10] define the wsse:BinarySecurityToken element that holds the included token." Gudge pointed out that the above text does not work for a SAML token. Werner agreed that we need more generic wording in the second sentence. "A policy shall use either token inclusion or token reference." Gudge suggested that the above text is not correct since a policy could say to include the token and to always refer to it via a thumbprint. Gudge suggested that Werner was trying to say "Using the Requirexxx assertion only makes sense when the tokens are not in the message." ACTION 2006-03-08-03 Werner and Gudge to work on a new proposal for Issue 27. i028 Multiple supporting tokens of the same type? AI-2006-03-01-03 - Werner Dittman to work with Tony Nadalin to see if it would be useful to include Tony's UML diagram to clarify Issue 28. Pending. i030 Need a mechanism to identify token assertions AI-2006-03-01-04 - Werner Dittman, Tony Gillotta and Gudge will prepare a proposal to add some text to describe how to extend token assertions for Issue 30. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html Discussion will continue by email. i031 Clarification for UsernameToken assertion Pending on Issue 30. i032 Hal Lockhart WS-SP should permit Policy to specify the use of keys derived from passwords ACTION 2006-03-08-04 Hal to provided a proposal for Issue 32 before Mar 15 meeting. i033 Prateek Mishra Identify security header components that are encrypted Pending email discussion since the Feb 22 meeting. i034 Frederick Hirsch Editorial comments on WS-Trust Change status to Pending. Assigned to Editors. i036 Frederick Hirsch Clarify term pre-authentication ACTION 2006-03-08-05 Frederick to provide alternative proposal for Issue 36 for the Mar 15 meeting. i037 Frederick Hirsch Add element extensibility to RequestSecurityTokenResponseCollection/IssuedTokens schema Proposal: 1) Insert before line 879: /wst:RequestSecurityTokenResponseCollection/{any} This is an extensibility mechanism to allow additional elements, based on schemas, to be added. 2) Insert before line 931 /wst:IssuedTokens/{any} This is an extensibility mechanism to allow additional elements, based on schemas, to be added. 3) Update schema accordingly. (No change may be needed if the schema already indicates the open content.) Adopted unanimously. Change status to Pending. Assigned to Editors. i038 Frederick Hirsch Clarify that ComputedKey optional This issue asks the question: "Can a computed key mechanism be implicit and not indicated with a ComputedKey element? (lines 744, 757)" Jan said the answer to this question is NO and the text should be clarified. ACTION 2006-03-08-06 Jan Alexander to supply clarifying text for Issue 038 before the Mar 22 meeting. i039 Frederick Hirsch Define URI for no-correlation anonymous context case Jan Alexander suggested that we could close this issue with no change. Frederick proposed to close this issue as currently formulated. Issue 039 is closed with no action. Change status to Closed. i040 Prateek Mishra What values can be carried in a /wst:RequestSecurityToken/wst:Claims element? http://lists.oasis-open.org/archives/ws-sx/200602/msg00117.html Prateek would like the "dialect" extensibility point to be described as just that. Note that the proposal in msg00117 is wrong. ACTION 2006-03-08-07 Gudge will provide text to clarify the usage of "dialect" for Issue 40 for the Mar 15 meeting. i041 Martin Raepple Clarification on token propagation of SCT required AI-2006-03-01-01 - Jan Alexander will provide a solution to Issue 41. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00015.html See also: http://lists.oasis-open.org/archives/ws-sx/200603/msg00022.html Proposal: - Sec. 3.3: Add a paragraph that explains how the requester uses wsp:AppliesTo for Token Propagation if the STS has no prior knowledge of which parties the requester needs a token for - Sec. 3.3: Add an SCT request example that uses wst:AppliesTo for this scenario Adopted unanimously. Change status to Pending. 5. Other business None. 6. Adjournment The meeting adjourned at about 8:35am PST. /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Nepean, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]