WS-SX TC Minutes, February 14 2007
Summary of new Action Items:
AI-2006-02-14-01: Apropos of the Feb 14 discussion of issue PR021, BEA (Hal/Symon)will send email to the W3C WS-Policy WG informing them of WS-SX TC’s finding regarding the mixing of WS-policy Versions in nested assertions. The email should include a
link to the minutes of the WS-WX meeting minutes of February 14, 2007.
AI-2006-02-14-02: Tony Nadalin to review deferred action item 62 and followup on the list with proposed resolution.
1. Call to order/roll call
Martin Raepple regained voting status
Present:
Symon Chang BEA Systems, Inc.
Hal Lockhart BEA Systems, Inc.
Denis Pilipchuk BEA Systems, Inc.
Corinna Witt BEA Systems, Inc.
Yakov Sverdlov CA
Toshihiro Nishimura Fujitsu Limited
Greg Whitehead Hewlett-Packard
Henry (Hyenvui) Chung IBM
Heather Hinton IBM
Kelvin Lawrence IBM
Michael McIntosh IBM
Anthony Nadalin IBM
Bruce Rich IBM
Mike Lyons Layer 7 Technologies Inc.
Jan Alexander Microsoft Corporation
Greg Carpenter Microsoft Corporation
Paul Cotton Microsoft Corporation
Colleen Evans Microsoft Corporation
Vijay Gajjala Microsoft Corporation
Marc Goodner Microsoft Corporation
Chris Kaler Microsoft Corporation
Norman Brickman Mitre Corporation
Frederick Hirsch Nokia Corporation
Lloyd Burch Novell
Steve Carter Novell
Rich Levinson Oracle Corporation
Ashok Malhotra Oracle Corporation
Prateek Mishra Oracle Corporation
Martin Raepple SAP AG
Tony Gullotta SOA Software Inc.
Jiandong Guo Sun Microsystems
Don Adams Tibco Software Inc.
2. Reading/Approving minutes of last meeting (January 31, 2007)
Adopted unanimously.
3. TC Logistics (10 minutes or less)
OASIS staff (Mary) requests that SecureConveration and Trust specs be the separated and treated as two independent specification for the purposes of the upcoming OASIS standards balloting. Chris put the question to the TC. There were no objections.
4. Issues list
a) Review of action items
None.
b) Issues in Review status
None.
c) New issues
PR016 - Missing assertion to indicate arbitrary RSA public key to be used as a security token
Jan gave an overview. Proposal accepted and assigned to the SP editors. Status changed to Pending.
PR017 - Use derived keys language consistent with WS-SecureConversation
Editorial. Proposal accepted and assigned to the SP editors. Status changed to Pending.
PR018 - Correct requirement to include policy element
Marc gave an overview. Proposal accepted and assigned to the SP editors. Status changed to Pending.
PR019 - Update SC Assertion Names to match current spec
Editorial. Proposal accepted and assigned to the SP editors. Status changed to Pending.
PR020 - No means to express need to secure SOAP Messages with Attachments (SwA)
Jan will follow up with Frederick and make a proposal on the list. Status changed to Active.
PR021 - Allow W3C version of WS-Policy to be used
Question raised regarding mixing of WS-Policy versions in nested assertions. This is a Policy framework level issue. If it does not already do so, the WS-Policy spec should make clear that mixing versions of WS-Policy is a bad idea.
BEA (Hal/Symon) took an action item to send email to the W3C WS-Policy WG informing them of this finding and include a reference to these minutes.
Proposal accepted and assigned to the SP editors. Status changed to Pending.
d) Active issues
PR012 - Need policy example for encrypted username token
Awaiting resolution of PR013
PR013 - Need EncryptedSupportingTokens assertion
Jan’s latest proposal covers Symon’s use case through the use of Supporting Tokens and Encrypted Elements and does not require any additional assertions to be defined.
Question raised regarding lack of “symmetry” in Signed vs. Encrypted supporting token assertions. Jan explained that the SignedSupportingTokens assertion has very specific requirements on the security header layout and also on how they are signed so combination
of SignedElements and SupportingTokens assertions does not result in the same set of requirements
Issue remains Active. Further discusion should be taken to the list and revised proposals be provided before the next TC call.
PR014 - Signature protection semantics clarification
Proposal accepted and assigned to the SP editors. Status changed to Pending.
PR015 - Missing issuer and required claims inside token assertions
Proposal accepted and assigned to the SP editors. Status changed to Pending.
f) Pending issues
PR009 - WS-Trust "1.0" in WS-SecurityPolicy
Still Pending
PR010 - Value of @TrustVersion is not clear
Still Pending
PR011 - Missing assertions to indicate supported bindings for the secure conversation STS
Still Pending
List of pending issues is growing. Editors will spin a new draft.
5. Next steps
Next call will be in one week (Feb 21, 2007)
OASIS ballots for SecureConversation and Trust begins on Friday. Chairs urge TC members to “vote early and often” and to contact their OASIS friends who are not WS-SX TC members and urge them to do likewise. Be
sure to point out that TWO independent votes are required for SC and Trust.
6. AOB
None.
7. Adjournment
The meeting adjourned at 11:00 am EST