[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [VER 2] WS-SX TC Minutes, Mar 22 2006
WS-SX TC Minutes, Mar 22 2006 [VER 2] Added roll call provided by Abbie. Summary of new Action items: ACTION 2006-03-22-01 Tony Nadalin to provide information on where the UML generated schema might be more restrictive than the SP schema. ACTION 2006-03-22-02 Prateek Mishra to expand his additional scenarios to define the message RSTR's for the Bearer Assertion and HoK Assertions and to show where they are actually different. 1. Call to order/roll call Present: Frank Siebenlist, Argonne National Laboratory* Jong Lee, BEA Systems, Inc.* Hal Lockhart, BEA Systems, Inc.* Denis Pilipchuk, BEA Systems, Inc.* Corinna Witt, BEA Systems, Inc.* Symon Chang, Blue Titan Software* Rich Levinson, Computer Associates* Yakov Sverdlov, Computer Associates* Dana Kaufman, Forum Systems, Inc.* Toshihiro Nishimura, Fujitsu Limited* Irving Reid, Hewlett-Packard* Greg Whitehead, Hewlett-Packard* Ching-Yun (C.Y.) Chao, IBM* Henry (Hyenvui) Chung, IBM* Heather Hinton, IBM* Kelvin Lawrence, IBM* Michael McIntosh, IBM* Anthony Nadalin, IBM* Mike Lyons, Layer 7 Technologies Inc.* Kate Cherry, Lockheed Martin* Jan Alexander, Microsoft Corporation* Paul Cotton, Microsoft Corporation* Colleen Evans, Microsoft Corporation* Mark Fussell, Microsoft Corporation* Vijay Gajjala, Microsoft Corporation* Marc Goodner, Microsoft Corporation* Martin Gudgin, Microsoft Corporation* Chris Kaler, Microsoft Corporation* Jonathan Marsh, Microsoft Corporation* Asir Vedamuthu, Microsoft Corporation* Norman Brickman, Mitre Corporation* Frederick Hirsch, Nokia Corporation* Abbie Barbir, Nortel Networks Limited* Paul Knight, Nortel Networks Limited* Lloyd Burch, Novell* Howard Bae, Oracle Corporation* Prateek Mishra, Oracle Corporation* Vamsi Motukuru, Oracle Corporation* Alex Hristov, Otecia Incorporated* John Hughes*, PA Consulting* Martin Raepple, SAP AG* Tony Gullotta, SOA Software Inc.* Jiandong Guo, Sun Microsystems* Eve Maler, Sun Microsystems* Don Adams, Tibco Software Inc.* 2. Reading/Approving minutes of last meeting (Mar 15) http://lists.oasis-open.org/archives/ws-sx/200603/msg00041.html Adopted unanimously. 3. F2F planning See information provided in: http://lists.oasis-open.org/archives/ws-sx/200602/msg00131.html There were no questions about the F2F arrangements. Kelvin reminders re F2F: a) The ballot is still open and members should continue to update their attendance status. b) Two companies have offered a bridge number (Nortel, Nokia) to cover 1/2 day each. BEA offered during the meeting to host 1/2 day of bridge support. We need a bridge with about 20-25 lines. Nortel will do the whole first day. Nokia will do the second day AM and BEA will the second day PM. c) WSS TC meets at 9-11am (Austin time). Currently WSS TC is planning to meet 9-10am (Austin time) and therefore the WS-SX F2F will meet at 10am-5pm on Tue and 9am-5pm on the second day. d) We do expect to have quorum at the F2F meeting. 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml a) Review of action items ai-09 - Editors to check that XPath examples in WS-SecurityPolicy are fully namespace qualified. In Progress. AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F Pending. AI-2006-02-15-06 - Prateek to provide additional broader scenarios for at least WS-Trust. ETA is Mar 10. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00077.html AI-2006-02-15-07 - TC members to come to the April F2F with data on when they would be ready to carry out SC/Trust interop. Pending. AI-2006-03-01-03 - Werner Dittman to work with Tony Nadalin to see if it would be useful to include Tony's UML diagram to clarify Issue 28. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00079.html AI-2005-03-08-02 - Mike to provide better description(s) and a complete proposal(s) for issue 016 and issue 017 by the F2F meeting. Pending. AI-2005-03-08-05 - Frederick to provide alternative proposal for Issue 36 for the Mar 15 meeting. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00034.html AI-2005-03-08-06 - Jan Alexander to supply clarifying text for Issue 038 before the Mar 22 meeting. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00078.html ACTION 2005-03-15-01 Gudge and Prateek to draft a new section "Guidance on creating New Token Assertions and Token Assertion Extensibility" for review by the TC. Pending. Originated from Issue 46 and now related to Issue 30. ACTION 2005-03-15-02 Marc to version the Interop document and to store it in an Interop scenarios document folder. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00076.html ACTION 2005-03-15-03 Gudge will reply to the thread on Issue 030 before the Mar 22 meeting. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00068.html b) Issues in Review status I021 Correct section numbers in SP http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i021 Marc has provided a revised document. See: http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17050/ws -securitypolicy-1.2-spec-ed-01-r04.doc ACTION 2005-03-15-02 Marc to version the Interop document and to store it in an Interop scenarios document folder. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00076.html These changes were adopted unanimously. Change Issue 21 status to Closed. c) New issues None. d) Active issues i004 Paul Cotton Transitive closure spec dependencies Pending. Due before F2F. i008 Editors Need well formed XML examples Pending. i016 Michael McIntosh sp:SignedParts mechanism ACTION 2006-03-08-02 Mike to provide better description(s) and a complete proposal(s) for issue 016 and issue 017 by the F2F meeting. Pending. i018 Michael McIntosh absolute XPath expressions ACTION 2006-03-08-02 Mike to provide better description(s) and a complete proposal(s) for issue 016 and issue 017 by the F2F meeting. Pending. i020 Describe minimum acceptable lengths for P_SHA1 inputs AI-2006-02-15-04 - Prateek to propose resolution to Issue 20 before F2F Pending. i028 Werner Dittmann Multiple supporting tokens of the same type? AI-2006-03-01-03 - Werner Dittman to work with Tony Nadalin to see if it would be useful to include Tony's UML diagram to clarify Issue 28. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00079.html Paul C pointed out that the document includes a new SP schema generated from the UML model. Tony N noted that the supplied UML generated schema was more restrictive than the current SP schema. Chris Kaler asked if SP messages would be valid against the UML generated schema if they were valid against the SP schema. Tony said that some messages might not be valid. ACTION 2006-03-22-01 Tony Nadalin to provide information on where the UML generated schema might be more restrictive than the SP schema. Chris also asked if a message that was valid under the UML schema would be valid under the SP schema. Tony indicated that the answer to this was Yes. The TC agreeded that it needed time to review the UML model and the supplied UML schema. i030 Need a mechanism to identify token assertions AI-2006-03-01-04 - Werner Dittman, Tony Gillotta and Gudge will prepare a proposal to add some text to describe how to extend token assertions for Issue 30. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00029.html ACTION 2005-03-15-03 Gudge will reply to the thread on Issue 030 before the Mar 22 meeting. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00068.html No further action is needed on the above. This is covered by the following pending action item: ACTION 2005-03-15-01 Gudge and Prateek to draft a new section "Guidance on creating New Token Assertions and Token Assertion Extensibility" for review by the TC. Pending. Originated from Issue 46 and now related to Issue 30. i031 Clarification for UsernameToken assertion Pending on Issue 30. Gudge and Werner are discussing this by email: http://lists.oasis-open.org/archives/ws-sx/200603/msg00081.html and Gudge noted that they are not saying anything different. i033 Prateek Mishra Identify security header components that are encrypted Pending email discussion since the Feb 22 meeting. Gudge's reply: http://lists.oasis-open.org/archives/ws-sx/200603/msg00071.html Prateek's reply: http://lists.oasis-open.org/archives/ws-sx/200603/msg00082.html The proposed new issue title is "Identify security header components that are signed and/or encrypted". This discussion will continue by email. i036 Frederick Hirsch Clarify term pre-authentication AI-2005-03-08-05 - Frederick to provide alternative proposal for Issue 36 for the Mar 15 meeting. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00034.html The message includes a proposed change to WS-Trust. Adopted unanimously. Change Status to Pending. Assigned to Editors. i038 Frederick Hirsch Clarify that ComputedKey optional AI-2005-03-08-06 - Jan Alexander to supply clarifying text for Issue 038 before the Mar 22 meeting. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00078.html The message includes a proposed change to WS-Trust. Adopted unanimously. Change Status to Pending. Assigned to Editors. i044 Tony Nadalin What is an authorization token? Pending email discussion. We need definition that can be referenced from the terminology section. i048 Binding Assertions should support Operation subjects http://lists.oasis-open.org/archives/ws-sx/200603/msg00059.html Tony Gullota's proposal: http://lists.oasis-open.org/archives/ws-sx/200603/msg00065.html Gudge's response: http://lists.oasis-open.org/archives/ws-sx/200603/msg00080.html Tony said that customers seem to what to work at the operation level. This occurs when customers are integrating different back ends which have different operational requirements. Tony is not convinced that SP should prohibit this. Hal asked for more time to think about this. TC to continue by email discussion. Hal asked Tony to give a more specific scenario of what his customers are doing. Tony is not expecting a difference from asymmetric and symmetric but is expecting differences to occur in the kind of token used. e) Pending Issues None completed. See item 5. b) below. 5. Other business a) Scenarios document AI-2006-02-15-06 - Prateek to provide additional broader scenarios for at least WS-Trust. ETA is Mar 10. DONE. See: http://lists.oasis-open.org/archives/ws-sx/200603/msg00077.html The additional scenarios included are: (1) Issue SAML Bearer Assertion (SAML 1.1/SAML 2.0) using WS-Trust STS; RST message protected by UserNameToken (2) Issue SAML HoK Assertion (SAML 1.1/SAML 2.0) bound to X.509v3 Client-Certificate using WS-Trust STS; RST message protected by bilateral SSL. (3) Issue SAML HoK Assertion (SAML 2.0) bound to SCT using WS-Trust and WS-SecureConversation. Chris Kaler wanted to know which how these scenarios were testing WS-Trust. Chris wanted to know what new data we learned from the "Issue SAML Hok Assertion" if we had already done the "Issue SAML Bearer Assertion" scenario. Prateek agreed that this was a good question and Prateek needs to look at the message RST to see if they are actually different. ACTION 2006-03-22-02 Prateek Mishra to expand his additional scenarios to define the message RSTR's for the Bearer Assertion and HoK Assertions and to show where they are actually different. To be discussed more by email. b) Updated specification documents Gudge has done all the SP changes except Issue 9. He is planning to complete this by Monday and will post a revised SP document on Mar 27. 6. Adjournment The meeting ended with a test of the Nortel sound effects: >Nortel bridge AUDIO EMOTICONS >(may be disabled if used disruptively) >code: 2, followed by: >0 = clapping, 1 = booing, 2 = laughing >3 = punch, 4 = crying, 5 = boing >6 = slap, 7 = snoring, 8 = surrounded >9 = jungle yell The meeting adjourned at about 11:20am EST. /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Nepean, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]