OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: WS-SX TC Minutes, Apr 19 2006


WS-SX TC Minutes, Apr 19 2006
 
Summary of new Action Items:
None.
 
1. Call to order/roll call
    
Present:
tbd
 
2. Reading/Approving minutes of last meeting (Apr 12)
http://lists.oasis-open.org/archives/ws-sx/200604/msg00064.html
 
Adopted unanimously.
 
3. TC Logistics (10 minutes or less)
 
4. Issues list
http://docs.oasis-open.org/ws-sx/issues/Issues.xml
    
a) Review of action items
AI-2006-03-29-01 - Gudge owes Prateek a response (to message 82) for issue 33.
Expected by Apr. 28, in time for call on May 3rd.
 
AI-2006-03-29-04 - Marc Goodner to update interop doc with resolution of issue 47 as part of merged interop doc.
Part of merge for May 3rd.
 
AI-2006-04-04-01 - Chris Kaler to provide advice on minimum acceptable lengths of P-SHA1 inputs for Issue 20.
Done.
 
AI-2006-04-04-03 - Tony Nadalin to identify possible issues for SecurityPolicy based on the changes proposed for Issue 52.
In progress.
 
AI-2006-04-04-04 - Jan Alexander and Martin Gudgin to identify possible issues for SecurityPolicy based on creation of the NoProofKey proposed in the solution to Issue 56.
Pending.
 
AI-2006-04-04-05 - Jan Alexander and Tony Nadalin to identify possible issues for WS-Trust's processing model for the changes made for Issue 57.
In progress.
 
AI-2006-04-04-06 - Jan Alexander to start a discussion about security considerations and a section about what this means for relying parties re the proposal adopted for Issue 060.
Pending. Should be done by next meeting.
 
AI-2006-04-04-07 - Marc Goodner with help from Prateek Mishra to create a merged interop scenarios document.
In progress.
 
AI-2006-04-04-08 - Marc Goodner with help from Prateek Mishra to document interop message flows based on a future revised version of SC/Trust.
In progress. 
Pratreek will post an update of the additional interop scenarios with complete flows today.
This will then be merged with the existing interop scenarios.
 
AI-2006-04-04-09 - Chairs to check with absent companies on their plans for SC/Trust interop.
In progress.
 
AI-2006-04-05-02 - Gudge to propose revised text for the description of sp:BootstrapPolicy for issue 53.
Done.
http://lists.oasis-open.org/archives/ws-sx/200604/msg00077.html
 
AI-2006-04-05-03 - Tony N and Frederick to consider adding batch facilities to SecureConversation as per Issue 64.
Pending. 
 
AI-2006-04-05-04 - Chairs to do further work on a F2F meeting time and location.
In progress.
One possible alternative to previous discussion is October.
Please provide any conflicts with a F2F in October to Chris and Kelvin.
 
AI-2006-04-12-01 - Prateek to review the text added per Issue 30 to see if its explains sufficiently how to use the extensibility of SP to describe token characteristics (related to Issue 31).
Pending.
 
AI-2006-04-12-02 - Symon Chang to make a proposal on how to describe the usage of the Username token re Issue 31.
In progress.
 
 
b) Issues in Review status
i041 - Clarification on token propagation of SCT required
 
i061 - Add wsc:Length attribute to the Implied derived key
 
i044 - What is an authorization token?
 
i052 - Add single request for multiple tokens
 
i056 - Add new Bearer Token KeyType
 
i057 - Final protocol message should always be an RSTRC
 
i058 - Validate binding should have a ValidateTarget
 
i059 - Final protocol message should have a distinct action
 
i060 - New binding for STS starting the token cancellation process
 
    
c) New issues
i067 - Resolving Policies if more than one SecureConversationToken is present
Accepted, assigned to Venu.
 
d) Active issues
 
i004 - Transitive closure spec dependencies
In progress.
 
i008 - Need well formed XML examples
In progress.
 
i020 - Describe minimum acceptable lengths for P_SHA1 inputs
 
http://lists.oasis-open.org/archives/ws-sx/200604/msg00073.html
Accepted, marked as pending.
Note: issue is on Trust and SC.
 
i031 - Clarification for UsernameToken assertion
Left for list discussion.
 
i033 - Identify security header components that are signed and/or encrypted
Pending AI-2006-03-29-01.
 
i048 - Binding Assertions should support Operation subjects
New proposals
From Tony G:
http://lists.oasis-open.org/archives/ws-sx/200604/msg00063.html
From Tony N:
http://lists.oasis-open.org/archives/ws-sx/200604/msg00065.html
 
Resolving to set one scope at a time. Need more work on the wording.
Need at least another week, should close on next weeks call.
 
i053 - Message parts to be protected using BootstrapPolicy
New proposal from Gudge:
http://lists.oasis-open.org/archives/ws-sx/200604/msg00077.html
Accepted, marked as pending.
 
i055 - Clarification on RequireDerivedKeys and X509Token under AsymmetricBinding
 
i064 - Should SecureConversation support batch semantics as created by Issue 52?
 
i065 - Permitting requestors to avoid recieving cancel messages
 
i066 - SecurityPolicy use cases
Assigned to Ashook.
 
 
f) Pending issues
i016 - sp:SignedParts mechanism
 
i018 - absolute XPath expressions
 
i030 - Need a mechanism to identify token assertions
 
i043 - Missing enumeration for validate request type in the RequestTypeEnumdefinition
 
i047 - Does IssuedTokenOverTransport require client-side digital signature?
 
i051 - sp:RequireDerivedKeys is underspecified
 
i063 - Error in the WS-SecurityPolicy Schema
 
Next SP update expected for Apr 28th.
 
5. AOB
 
None.
 
6. Adjournment
 
The meeting adjourned at 7:30 AM PST.


Marc Goodner
Technical Diplomat
Microsoft Corporation
Tel: (425) 703-1903
Blog: http://spaces.msn.com/mrgoodner/ 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]