OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: WS-SX TC Minutes, May 30 2007 -rev 3

[6/8/07 – upated with status change info from Abbie]
[updated with subsequent clarifications from Rich Levison and Tony Nadalin]
[added Tony Gullotta to present list]
WS-SX TC Minutes, May 30 2007 – rev 3
Summary of new Action Items:
Chairs: Make sure next weeks call is cancelled.
Marc Goodner: Analyze schema/example discrepancy described in issue i123 and report back to TC
Marc Goodner: Find previous discussion/resolution related to active issue i134 and report back to TC
1. Call to order/roll call
Status change:
- Mr. Yakov Sverdlov  and Dr. Anish Karmarkar lost voting status.
Will Hopkins BEA Systems, Inc.
Hal Lockhart BEA Systems, Inc
Corinna Witt BEA Systems, Inc.
Toshihiro Nishimura Fujitsu Limited*
Greg Whitehead Hewlett-Packard*
Henry (Hyenvui) Chung IBM
Michael McIntosh IBM
Anthony Nadalin IBM
Bruce Rich IBM
Mike Lyons Layer 7 Technologies Inc.*
Jan Alexander Microsoft Corporation
Greg Carpenter Microsoft Corporation
Colleen Evans Microsoft Corporation
Vijay Gajjala Microsoft Corporation
Marc Goodner Microsoft Corporation
Chris Kaler Microsoft Corporation
Lloyd Burch Novell*
Steve Carter Novell*
Rich Levinson Oracle Corporation
Ashok Malhotra Oracle Corporation
Prateek Mishra Oracle Corporation
Martin Raepple SAP AG*
Tony Gullotta SOA
Don Adams TIBCO Software Inc.
2. Reading/Approving minutes of last meeting (May  16)
Adopted unanimously.
3. TC Logistics (10 minutes or less)
Continue bi-weekly calls. Make sure next weeks call is cancelled
4. Security Policy standard ballot status
No Issues with the submission. Expect OASIS member familiarization/ballot to proceed as planned.
5. Issues list
a) Review of action items
AI-2007-04-18-03 - Greg Carpenter will log new issues to ensure that the TC revisits normative language usage in the next revision of specs.
AI-2007-05-15-02 - Add additional Bridge access numbers to the web site and agendas
AI-2007-05-15-03 - Editors will create draft errata docs for SX specs using the WSS errata documents as a template
b) Issues in Review status
i124 - Example
Status changed to Closed
i125 - Example
Status changed to Closed
i126 - Example 2.1.3
Status changed to Closed
i127 - Example 2.1.4
Status changed to Closed
i128 - Example 2.2.1
Status changed to Closed
i129 - Example 2.2.3 and 2.2.4, Trust10 should be changed to Trust13
Status changed to Closed
i133 - Example
Status changed to Closed
c) New issues
i134 - Policy Assertion Parameters and alternatives
AI – Marc to look for previous disussion and reolution and post to list.
Issue remains Active.
ER004 - Wrong Security Context Token assertion in example
Assigned to editors. Status changed to Pending.
d) Active issues
i123 - Example
Rich: don’t understand the issue. It seem to state that there needs to be a NULL passwd assertion, which is missing, but there is a NULL password assertion in the example.
Clarification: The example is wrong because there is no NULL password element in the SP schema, therefore the example is invalid.
AI: Marc Goodner will analyze the discrepancy and report back to the TC.
Issue remains active.
Followup clarification from Rich (http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200705/msg00064.html):
What we are talking about is an sp:NoPassword assertion as described in ws-sp spec:

807 /sp:UsernameToken/wsp:Policy/sp:NoPassword
808 This optional element is a policy assertion that indicates that the wsse:Password element MUST
809 NOT be present in the Username token.

I realize the issue now is whether this thing is in the schema or not, but I believe
based on the above that it probably SHOULD be in the schema if it is not.
i130 - Example
Rich: Issue makes no sense against issue It does make sense against example  I Assume that this is a typo
Tony Nadalin:  Need more time to look into this
Issue remains active
ER001 - Inconsistent IncludeToken URI between spec and schema xsd file
Assigned to editors. Status changed to Pending
ER002 - Editorial comments on SP
Assigned to editors. Status changed to Pending
ER003 - Clarification of policy usage for derived keys in SC
Assigned to editors. Status changed to Pending
f) Pending issues
6. Continue discussion of SP examples document
IBM is doing more testing.
Prateek: follow protocol, close open issues, conduct CD vote.
Tony Nadalin: IBM would vote against going to CD and question whether all the examples are in scope.
Follow-up clarification from Tony (http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200705/msg00065.html)
I said - at this time IBM would vote against a CD motion as its not clear this document is within the charter and secondly at this time as each example has yet to be tested and verified (as we found issues with first 9 scenarios). The last issue is, are all the examples in scope, are these examples that we have interop on, are these examples that are useful, we can certainly create a lot of examples with the capabilities of WS-SecurityPolicy so what is the right mix ?
Hal: not sure how you can say some examples are OK and not others.
Rich: Most of the examples are based on previous interop.
Tony Nadalin: Disagree. We had to write new interop code to test these.
Further discussion taken to the list scoped to the following three discussion points.
  1. Is an examples document in scope of the TC?
  1. What specific examples are or are not in scope in an examples document?
  1. What additional work or steps are required before the examples doc can progress to CD?
7. AOB
8. Adjournment

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]