OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [ws-sx] WS-SX TC Minutes, Mar 22 2006


Paul, Tony:

Would it also make sense to note that there are several things possible in
UML 2.0 CVD's that are not possible to reflect using XML 1.0?  For example,
cardinality of an attribute is not possible given each XML attribute used
must be unique for any given element.  Qnames may help but there are
differing results depending upon the parser used.

My $0.02 CAD: if we use UML to illustrate a schema, I would prefer it be
constrained to a stereotype which is easily ported to XML.

Duane

*******************************
Adobe Systems, Inc. - http://www.adobe.com
Vice Chair - UN/CEFACT  http://www.uncefact.org/
Chair - OASIS SOA Reference Model Technical Committee
Personal Blog - http://technoracle.blogspot.com/
******************************* 


-----Original Message-----
From: Paul Cotton [mailto:Paul.Cotton@microsoft.com] 
Sent: Wednesday, March 22, 2006 8:25 AM
To: ws-sx@lists.oasis-open.org
Cc: Marc Goodner
Subject: [ws-sx] WS-SX TC Minutes, Mar 22 2006

WS-SX TC Minutes, Mar 22 2006

 

Summary of new Action items:

 

ACTION 2006-03-22-01 Tony Nadalin to provide information on where the UML
generated schema might be more restrictive than the SP schema.

 

ACTION 2006-03-22-02 Prateek Mishra to expand his additional scenarios to
define the message RSTR's for the Bearer Assertion and HoK Assertions and to
show where they are actually different.

 

1. Call to order/roll call

 

Present:

<to be supplied>

 

2. Reading/Approving minutes of last meeting (Mar 15)

http://lists.oasis-open.org/archives/ws-sx/200603/msg00041.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00041.html> 

 

Adopted unanimously.

 

3. F2F planning 

See information provided in:

http://lists.oasis-open.org/archives/ws-sx/200602/msg00131.html 

 

There were no questions about the F2F arrangements.

 

Kelvin reminders re F2F:

a) The ballot is still open and members should continue to update their
attendance status.

 

b) Two companies have offered a bridge number (Nortel, Nokia) to cover 1/2
day each.  BEA offered during the meeting to host 1/2 day of bridge support.


We need a bridge with about 20-25 lines.

 

Nortel will do the whole first day.  Nokia will do the second day AM and BEA
will the second day PM.

 

c) WSS TC meets at 9-11am (Austin time).  Currently WSS TC is planning to
meet 9-10am (Austin time) and therefore the WS-SX F2F will meet at 10am-5pm
on Tue and 9am-5pm on the second day.  

 

d) We do expect to have quorum at the F2F meeting.

 

4. Issues list 

http://docs.oasis-open.org/ws-sx/issues/Issues.xml

 

a) Review of action items

 

ai-09 - Editors to check that XPath examples in WS-SecurityPolicy are

fully namespace qualified.

In Progress.

 

AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F

Pending. 

 

AI-2006-02-15-06 - Prateek to provide additional broader scenarios for

at least WS-Trust. ETA is Mar 10. 

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00077.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00077.html> 

 

AI-2006-02-15-07 - TC members to come to the April F2F with data on when

they would be ready to carry out SC/Trust interop.

Pending. 

 

AI-2006-03-01-03 - Werner Dittman to work with Tony Nadalin to see if it

would be useful to include Tony's UML diagram to clarify Issue 28. 

DONE.  See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00079.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00079.html> 

 

AI-2005-03-08-02 - Mike to provide better description(s) and a complete

proposal(s) for issue 016 and issue 017 by the F2F meeting. 

Pending.

 

AI-2005-03-08-05 - Frederick to provide alternative proposal for Issue

36 for the Mar 15 meeting.

DONE.  See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00034.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00034.html> 

 

AI-2005-03-08-06 - Jan Alexander to supply clarifying text for Issue 038

before the Mar 22 meeting.

DONE.  See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00078.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00078.html>   

 

ACTION 2005-03-15-01 Gudge and Prateek to draft a new section "Guidance on
creating New Token Assertions and Token Assertion Extensibility" for review
by the TC.

Pending.  Originated from Issue 46 and now related to Issue 30.

 

ACTION 2005-03-15-02 Marc to version the Interop document and to store it in
an Interop scenarios document folder.

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00076.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00076.html> 

 

ACTION 2005-03-15-03 Gudge will reply to the thread on Issue 030 before

the Mar 22 meeting. 

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00068.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00068.html> 

 

b) Issues in Review status

 

I021 Correct section numbers in SP 

http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i021 

Marc has provided a revised document.  See:

http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17050/ws

-securitypolicy-1.2-spec-ed-01-r04.doc

 

ACTION 2005-03-15-02 Marc to version the Interop document and to store it in
an Interop scenarios document folder.

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00076.html

 

These changes were adopted unanimously.

 

Change Issue 21 status to Closed.

 

c) New issues

      

None.

 

d) Active issues

 

i004  Paul Cotton  Transitive closure spec dependencies 

Pending. Due before F2F.

  

i008  Editors  Need well formed XML examples   

Pending.

 

i016  Michael McIntosh  sp:SignedParts mechanism 

 

ACTION 2006-03-08-02 Mike to provide better description(s) and a

complete proposal(s) for issue 016 and issue 017 by the F2F meeting.

Pending. 

  

i018  Michael McIntosh  absolute XPath expressions   

 

ACTION 2006-03-08-02 Mike to provide better description(s) and a

complete proposal(s) for issue 016 and issue 017 by the F2F meeting. 

Pending.

  

i020   Describe minimum acceptable lengths for P_SHA1 inputs   

 

AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F 

Pending.  

 

i028  Werner Dittmann  Multiple supporting tokens of the same type?

 

AI-2006-03-01-03 - Werner Dittman to work with Tony Nadalin to see if it

would be useful to include Tony's UML diagram to clarify Issue 28. 

DONE.  See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00079.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00079.html> 

 

Paul C pointed out that the document includes a new SP schema generated from
the UML model.  Tony N noted that the supplied UML generated schema was more
restrictive than the current SP schema.  Chris Kaler asked if SP messages
would be valid against the UML generated schema if they were valid against
the SP schema.  Tony said that some messages might not be valid.

 

ACTION 2006-03-22-01 Tony Nadalin to provide information on where the UML
generated schema might be more restrictive than the SP schema.

 

Chris also asked if a message that was valid under the UML schema would be
valid under the SP schema.  Tony indicated that the answer to this was Yes.

 

The TC agreeded that it needed time to review the UML model and the supplied
UML schema.

 

i030   Need a mechanism to identify token assertions   

 

AI-2006-03-01-04 - Werner Dittman, Tony Gillotta and Gudge will prepare

a proposal to add some text to describe how to extend token assertions

for Issue 30. 

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html>     

 

ACTION 2005-03-15-03 Gudge will reply to the thread on Issue 030 before

the Mar 22 meeting. 

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00068.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00068.html> 

 

No further action is needed on the above.  This is covered by the following
pending action item:

 

ACTION 2005-03-15-01 Gudge and Prateek to draft a new section "Guidance on
creating New Token Assertions and Token Assertion Extensibility" for review
by the TC.

Pending.  Originated from Issue 46 and now related to Issue 30.

 

i031   Clarification for UsernameToken assertion 

Pending on Issue 30.  

 

Gudge and Werner are discussing this by email:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00081.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00081.html> 

and Gudge noted that they are not saying anything different.

   

i033  Prateek Mishra  Identify security header components that are

encrypted   

Pending email discussion since the Feb 22 meeting.

 

Gudge's reply:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00071.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00071.html>  

Prateek's reply:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00082.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00082.html>  

 

The proposed new issue title is "Identify security header components that
are signed and/or encrypted". 

 

This discussion will continue by email.

 

i036  Frederick Hirsch  Clarify term pre-authentication

 

AI-2005-03-08-05 - Frederick to provide alternative proposal for Issue

36 for the Mar 15 meeting.

DONE.  See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00034.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00034.html> 

 

The message includes a proposed change to WS-Trust.

 

Adopted unanimously.

 

Change Status to Pending.  Assigned to Editors.

  

i038  Frederick Hirsch  Clarify that ComputedKey optional 

 

AI-2005-03-08-06 - Jan Alexander to supply clarifying text for Issue 038

before the Mar 22 meeting.

DONE.  See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00078.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00078.html>     

 

The message includes a proposed change to WS-Trust.

 

Adopted unanimously.

 

Change Status to Pending.  Assigned to Editors.

  

i044  Tony Nadalin  What is an authorization token? 

 

Pending email discussion.   We need definition that can be referenced from
the terminology section.

 

i048   Binding Assertions should support Operation subjects  

http://lists.oasis-open.org/archives/ws-sx/200603/msg00059.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00059.html> 

 

Tony Gullota's proposal:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00065.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00065.html>  

Gudge's response:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00080.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00080.html>  

 

Tony said that customers seem to what to work at the operation level.  This
occurs when customers are integrating different back ends which have
different operational requirements.  Tony is not convinced that SP should
prohibit this.

 

Hal asked for more time to think about this.  TC to continue by email
discussion.  Hal asked Tony to give a more specific scenario of what his
customers are doing.  Tony is not expecting a difference from asymmetric and
symmetric but is expecting differences to occur in the kind of token used.

 

e) Pending Issues

 

None completed.  See item 5. b) below.

 

5. Other business 

 

a) Scenarios document

 

AI-2006-02-15-06 - Prateek to provide additional broader scenarios for

at least WS-Trust. ETA is Mar 10. 

DONE. See:

http://lists.oasis-open.org/archives/ws-sx/200603/msg00077.html
<http://lists.oasis-open.org/archives/ws-sx/200603/msg00077.html> 

 

The additional scenarios included are:

 

(1) Issue SAML Bearer Assertion (SAML 1.1/SAML 2.0) using WS-Trust STS; 

RST message protected by UserNameToken

 

(2) Issue SAML HoK Assertion (SAML 1.1/SAML 2.0) bound to X.509v3 

Client-Certificate using WS-Trust STS; RST message protected by 

bilateral SSL.

 

(3) Issue SAML HoK Assertion (SAML 2.0) bound to SCT using WS-Trust and 

WS-SecureConversation. 

 

Chris Kaler wanted to know which how these scenarios were testing WS-Trust.
Chris wanted to know what new data we learned from the "Issue SAML Hok
Assertion" if we had already done the "Issue SAML Bearer Assertion"
scenario.  Prateek agreed that this was a good question and Prateek needs to
look at the message RST to see if they are actually different.

 

ACTION 2006-03-22-02 Prateek Mishra to expand his additional scenarios to
define the message RSTR's for the Bearer Assertion and HoK Assertions and to
show where they are actually different.

 

To be discussed more by email.

 

b) Updated specification documents

 

Gudge has done all the SP changes except Issue 9.  He is planning to
complete this by Monday and will post a revised SP document on Mar 27.

 

6. Adjournment 

 

The meeting ended with a test of the Nortel sound effects:

 

>Nortel bridge AUDIO EMOTICONS

>(may be disabled if used disruptively)

>code: 2, followed by:

>0 = clapping, 1 = booing, 2 = laughing

>3 = punch, 4 = crying, 5 = boing

>6 = slap, 7 = snoring, 8 = surrounded

>9 = jungle yell

 

The meeting adjourned at about 11:20am EST.

 

/paulc

 

Paul Cotton, Microsoft Canada

17 Eleanor Drive, Nepean, Ontario K2E 6A3

Tel: (613) 225-5445 Fax: (425) 936-7329

mailto:Paul.Cotton@microsoft.com

 

 

 

 

 

smime.p7s



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]