[ws-sx] WS-SX TC Minutes, June 27 2007

[Greg Carpenter <gregcarp@microsoft.com>]

WS-SX TC Minutes, June 27 2007

Summary of new Action Items:
AI-2007-06-27-01: Greg will clone issue i37. The current i137 will reference only the examples doc.  The cloned issue will reference only SP.
AI-2007-06-27-02: Prateek will seek clarification from Aditya regarding ER005
AI-2007-06-27-02: Hal will propose draft text for the charter change to the deliverables section.

1.  Call to order/roll call
tbd

2. Reading/Approving minutes from June 13th 2007 [1]
Approved unanimously.

3. TC Logistics (10 minutes or less)
None.

4. Security Policy standard ballot status (http://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=1322)
Still some TC members whose companies have not voted. Chairs encourage such members to contact their primary OASIS representatives regarding the vote. Ballot closes on Saturday.


5. Issues list [2]

a) Review of action items
AI-2007-04-18-03 - Greg Carpenter will log new issues to ensure that the TC revisits normative language usage in the next revision of specs.
Still open.

AI-2007-05-15-02 - Add additional Bridge access numbers to the web site and agendas
Closed. No action required.

AI-2007-05-15-03 - Editors will create draft errata docs for SX specs using the WSS errata documents as a template
Still open.  Marc Goodner working on this. ETA is late July, early August.

AI-2007-06-13-01 - Marc Goodner: Make a proposal for ER006 to the list.
Still open.

AI-2007-06-13-02 - Chairs to update public website
Done

AI-2007-06-13-03 - Chairs cancel meeting next week (June 20)and week of July 4th
Done

- Issues

b) Issues in Review status
  None.


c) New issues

ER008 - Applicability of TokenInclusion Values for various security tokens
Closed with no action.

ER010 - Typo in the Security Header Layout section
Status changed to Pending

ER011 - Modification request for issue PR014
Status changed to Pending.

d) Active issues

i130 - Example 2.3.2.1
Closed with no action

i135 - Need provision in the spec/schema for attachment content signature
assigned to Tony Nadalin.

i137 - Support for more stringent security implementation in WS-SP as per requirements in WS-SP Usecases document

Hal believes this is an enhancement request and proposes to defer it to a future release of SP (see: http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200706/msg00057.html).
Issue inappropriately references both SP and the Examples document.

AI: Greg will clone issue i37. The current i137 will reference only the examples doc.  The cloned issue will reference only SP.

The cloned SP issue will be given deferred status per Hal's proposal above.

Issue i137b remains active.

ER005 - Restriction on Encryption of Headers
TC members had trouble understanding the issue and what is being proposed.  The issue originator was not present on the call.

AI: Prateek will seek clarification from Aditya

ER006 - The specification states that if [Timestamp] is false, then wsu:Timestamp should not be present inside <wsse:Security> header.

Remains active pending completion of action item AI-2007-06-13-01 and subsequent discussion.


f) Pending issues
i136 - Incorrect URI for password digest in the example

i138 - Editorial correction in WS-SP usecases draft Example 2.2.3

i139 - Incorrect spelling of Issued Tokens WS-SP usecases draft Example 2.2.3

i140 - Incorrect order of <Timestamp> element for Strict Layout

ER001 - Inconsistent IncludeToken URI between spec and schema xsd file

ER002 - Editorial comments on SP

ER003 - Clarification of policy usage for derived keys in SC

ER004 - Wrong Security Context Token assertion in example

ER007 - Minor editorial addition to <ContentEncryptedElements> Assertion

ER009 - Policy Assertion Parameters and alternatives

Change protocol to "ws-sp" for consistency.


6. Continue discussion of SP examples document

Chairs have contacted OASIS staff seeking guidance on whether a charter change is required to add the examples doc to the TC list of deliverables.  OASIS staff recommends a charter change due to the specificity of the deliverables in the existing charter.


Hal discussed his proposal, which can be found here: http://www.oasis-open.org/apps/org/workgroup/ws-sx/email/archives/200706/msg00065.html

Tony:  Questioned whether a CS is appropriate for an examples document.

Hal: Not set on CS but would definitely like a PR.

Marc: Also question need for CS but support Hal's proposal of actively  testing  the examples.

Prateek: Support Hal's proposal.  SP is special in that it has impact on application developers and administrators who set security policy as opposed to other specs which are implemented in the infrastructure.

Chris K.:  Seems there is general support for Hal's proposal.  Some TC members question  the need for PR and/or CS.

TC agreed to  follow the usual TC process for advancing a TC document to a state consistent with the results of the pending charter revision ballot.

AI: Hal will propose draft text for the charter change to the deliverables section.

7. Other business
None.

8. Adjournment

[1] http://lists.oasis-open.org/archives/ws-sx/200706/msg00049.html

[2] http://docs.oasis-open.org/ws-sx/issues/Issues.xml