[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] WS-SX TC Minutes, Oct 18 2006
[VER
2] Added roll, corrected date for last meeting’s minutes. Under discussion of
issue 101 changed “current proposal” to “original proposal”. WS-SX TC Minutes, Oct 18 2006 Thanks to Nortel for hosting the call. Summary of new Action Items: none 1. Call to order/roll call Status Change None Present: Jong Lee, BEA Systems, Inc.* Hal Lockhart, BEA Systems, Inc.* Denis Pilipchuk, BEA Systems, Inc.* Corinna Witt, BEA Systems, Inc.* Yakov Sverdlov, CA* Dana Kaufman, Forum Systems, Inc.* Toshihiro Nishimura, Fujitsu Limited* Greg Whitehead, Hewlett-Packard* Ching-Yun (C.Y.) Chao, IBM* Henry (Hyenvui) Chung, IBM* Heather Hinton, IBM* Kelvin Lawrence, IBM* Michael McIntosh, IBM* Anthony Nadalin, IBM* Ron Williams, IBM Mike Lyons, Layer 7 Technologies Inc.*
Jan Alexander, Microsoft Corporation* Greg Carpenter, Microsoft Corporation*
Paul Cotton, Microsoft Corporation* Colleen Evans, Microsoft Corporation* Vijay Gajjala, Microsoft Corporation* Marc Goodner, Microsoft Corporation* Martin Gudgin, Microsoft Corporation* Chris Kaler, Microsoft Corporation* Norman Brickman, Mitre Corporation* Frederick Hirsch, Nokia Corporation* Abbie Barbir, Nortel Networks Limited*
Lloyd Burch, Novell* Steve Carter, Novell* Rich Levinson, Oracle Corporation* Ashok Malhotra, Oracle Corporation* Prateek Mishra, Oracle Corporation* Martin Raepple, SAP AG* Tony Gullotta, SOA Software Inc.* Jiandong Guo, Sun Microsystems* Don Adams, Tibco Software Inc.* 2. Reading/Approving minutes of last meeting (Oct 11) http://lists.oasis-open.org/archives/ws-sx/200610/msg00027.html Adopted unanimously. 3. TC Logistics (10 minutes or less) No calls on Nov 22nd, Dec 20, 27. First call of 07 is Jan 3rd Nortel has graciously volunteered to host calls
until end of the year. 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml a) Review of action items AI-2006-10-04-02 - Marc to delve into TC document
organization issues and report back b) Issues in Review status None. c) New issues None. d) Active issues i066 - SecurityPolicy use cases Latest discussion: http://www.oasis-open.org/archives/ws-sx/200610/msg00033.html Explains assumptions on assumptions of using Trust
vs. proceesing models If this is acceptable then it can be used to clarify
text in the doc. i081 - Provide policy statements and associated URIs
that can be referenced from wsp:PolicyReference statements i090 - Description of Strict Formatting seems wrong
for EncryptedKey Current proposal: http://lists.oasis-open.org/archives/ws-sx/200609/msg00065.html
Hal’s response: http://www.oasis-open.org/archives/ws-sx/200610/msg00031.html Frederick’s response: http://www.oasis-open.org/archives/ws-sx/200610/msg00034.html Gudge’s position: http://www.oasis-open.org/archives/ws-sx/200610/msg00035.html Difference of opinion is around where we get
consistency from, 1.0 treatment of encrypted key vs. 1.1 treatment of tokens. Reference to encrypted key using 11 would need to be
treated as 1.1, 1.0 reference would be 1.0. This is only a problem for endpoints that accept
both 1.0 and 1.1. Endpoints that accept only one type would not need to do this
inspection. Where does this new requirement to not include encr
ref list? Treating it like any other token. The proposal does not change what WSS 1.1 says or what
SP already said, this is viewed by Gudge as a clarification of what is already
in both specs. Strict formatting has rules on how to process
tokens. Hal thinks convergence should be on treating encr
key the same between 1.0 and 1.1 Gudge thinks convergence should be on treating all
tokens the same, encr key is now a token in 1.1 Treat it as a special thing with the ref list or
treat it as any other token Line 868 of the core for WSS1.1, token references,
section 7; encrypted key is listed as a token. What about guideline of when using strict don’t
support multiple versions of WSS on the same endpoint? i101 - Need additional SamlToken Assertion Elements
for Holder-of-Key and Sender-Vouches Initial feedback was that this needed to be done out
of band That seemed to be to much burden on SAML There has been pushback on the implicit model in the
original proposal that was written in
response to feedback in the current proposal. Suggestion is to address this in use case document
rather than the spec. Next rev of use cases document will be in two weeks. i114 - Additional algorithm properties, assertions
and references needed If we want to support comments those should be other
assertions. Why would we want to support comments other than completeness?
Completeness. Could help as well if W3C introduces new cannocalization we would
be prepared. Why wouldn’t we just introduce a new algortithm bag in that case. What is item 3? Why do we want the things in item 4? Attempt to mirror what was in min profile. Why would that not be done in the min profile?
Because it doesn’t exist. Taking to email. i115 - Universal Encryption of UsernameToken (as
specified by Appendix D, d.4, 3.) seems wrong Why would you encrypt username with hashed password? To protect the username itself for privacy, guessing
attacks, weak key for the hash... Objection is to the always must encrypt rather than
using guidence in the policy Continue discussion on email. i116 - Is Appendix D Normative? Added as proposal for issue 33. Hal is going to take a pass at locating this advice
in the spec. Gudge suggests looking at the email thread between
himself and Prateek that constructed proposal for issue 33. PR001 - Question on WS-Trust sections 4.3.5 to 4.3.7 Proposal should be ready this week. f) Pending issues None. 5. Next steps We still have some open issues on the spec so we
need to close those before taking SP to CD. Greg discussed revised interop doc. Explicit failure
cases have been added. http://www.oasis-open.org/archives/ws-sx/200610/msg00036.html 6. AOB None. 7. Adjournment The meeting adjourned at 8:00am PST. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]