OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [VER 2] WS-SX TC Minutes, Apr 26 2006


WS-SX TC Minutes, Apr 26 2006

[VER 2] Corrected date from Apr 19 to 26.

We are grateful to Tibco for sponsoring this call.

Summary of new Action Items:
tbd

1. Call to order/roll call
    
Present:
tbd

2. Reading/Approving minutes of last meeting (Apr 19)
http://lists.oasis-open.org/archives/ws-sx/200604/msg00080.html

Adopted unanimously.

3. TC Logistics (10 minutes or less)
OASIS Symposium is upcoming, we are not meeting there. Hal has
volunteered to represent us at this meeting. No objections.

4. Issues list
http://docs.oasis-open.org/ws-sx/issues/Issues.xml
    
a) Review of action items
AI-2006-03-29-01 - Gudge owes Prateek a response (to message 82) for
issue 33.
By end of this week.

AI-2006-03-29-04 - Marc Goodner to update interop doc with resolution of
issue 47 as part of merged interop doc.

In progress. Expect by end of week.

AI-2006-04-04-03 - Tony Nadalin to identify possible issues for
SecurityPolicy based on the changes proposed for Issue 52.

In progress.

AI-2006-04-04-04 - Jan Alexander and Martin Gudgin to identify possible
issues for SecurityPolicy based on creation of the NoProofKey proposed
in the solution to Issue 56.

Expect by May 12th.

AI-2006-04-04-05 - Jan Alexander and Tony Nadalin to identify possible
issues for WS-Trust's processing model for the changes made for Issue
57.

Closed with no action.

AI-2006-04-04-06 - Jan Alexander to start a discussion about security
considerations and a section about what this means for relying parties
re the proposal adopted for Issue 060.

Done.
http://lists.oasis-open.org/archives/ws-sx/200604/msg00083.html

AI converted to issue 68, proposal accepted, issue marked as pending

AI-2006-04-04-07 - Marc Goodner with help from Prateek Mishra to create
a merged interop scenarios document.

In progress. Expect by end of week.

AI-2006-04-04-08 - Marc Goodner with help from Prateek Mishra to
document interop message flows based on a future revised version of
SC/Trust.

In progress. Expect by end of week in merged scenarios doc.

Prateek has added message flows for his SAML 1.1 scenarios here: 
http://lists.oasis-open.org/archives/ws-sx/200604/msg00087.html

AI-2006-04-04-09 - Chairs to check with absent companies on their plans
for SC/Trust interop.

No updates.

AI-2006-04-05-03 - Tony N and Frederick to consider adding batch
facilities to SecureConversation as per Issue 64.

In progress.

AI-2006-04-05-04 - Chairs to do further work on a F2F meeting time and
location.

Still waiting on input from TC members on potential conflicts. Halloween
noted.

AI-2006-04-12-01 - Prateek to review the text added per Issue 30 to see
if its explains sufficiently how to use the extensibility of SP to
describe token characteristics (related to Issue 31).

Pending, will be done after interop doc. Estimate May 10th.

AI-2006-04-12-02 - Symon Chang to make a proposal on how to describe the
usage of the Username token re Issue 31.


b) Issues in Review status
SC rev 05
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17733/ws
-secureconversation-1.3-spec-ed-01-r05-diff.doc

Unchanged from last week.

Trust rev 06
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/17848/ws
-trust-1%5B1%5D.3-spec-ed-01-r06-diff.doc

Updated XML examples.
Added nits from Frederick:
http://lists.oasis-open.org/archives/ws-sx/200604/msg00078.html

i041 - Clarification on token propagation of SCT required

i044 - What is an authorization token?

i052 - Add single request for multiple tokens

i056 - Add new Bearer Token KeyType

i057 - Final protocol message should always be an RSTRC

i058 - Validate binding should have a ValidateTarget

i059 - Final protocol message should have a distinct action

i060 - New binding for STS starting the token cancellation process

i061 - Add wsc:Length attribute to the Implied derived key

All review issues above moved to closed.
    
c) New issues

  None.


d) Active issues

i004 - Transitive closure spec dependencies

i008 - Need well formed XML examples

i031 - Clarification for UsernameToken assertion

See AI-2006-04-12-01 and AI-2006-04-12-02.

i033 - Identify security header components that are signed and/or
encrypted

See AI-2006-03-29-01.

i048 - Binding Assertions should support Operation subjects

i055 - Clarification on RequireDerivedKeys and X509Token under
AsymmetricBinding

i064 - Should SecureConversation support batch semantics as created by
Issue 52?

See AI-2006-04-05-03.

i065 - Permitting requestors to avoid recieving cancel messages

i066 - SecurityPolicy use cases

i067 - Resolving Policies if more than one SecureConversationToken is
present



f) Pending issues
Marc to review below statuses below with Gudge, some may already be in
current draft of SP.

i016 - sp:SignedParts mechanism

i018 - absolute XPath expressions

i020 - Describe minimum acceptable lengths for P_SHA1 inputs

i030 - Need a mechanism to identify token assertions

i043 - Missing enumeration for validate request type in the
RequestTypeEnumdefinition

i047 - Does IssuedTokenOverTransport require client-side digital
signature?

Will be done as part of AI-2006-03-29-04.

i051 - sp:RequireDerivedKeys is underspecified

i053 - Message parts to be protected using BootstrapPolicy

i063 - Error in the WS-SecurityPolicy Schema



5. AOB

None.

6. Adjournment

The meeting adjourned at 7:30 AM PST.


Marc Goodner
Technical Diplomat
Microsoft Corporation
Tel: (425) 703-1903
Blog: http://spaces.msn.com/mrgoodner/ 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]