[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: WS-SX TC Minutes, Feb 6 2008
WS-SX TC Minutes, Feb 6 2008 Summary of new Action Items: Editors to ask the OASIS TC Administrator to publish the
editors drafts there. Chairs to respond to RX/SX chairs with the information
regarding referencing the specs using the new namespaces. 1. Call to order/roll call Status change Gained Voting Status Will Hopkins , BEA Attendance Will Hopkins;BEA Systems, Inc. Hal Lockhart;BEA Systems, Inc. Denis Pilipchuk;BEA Systems, Inc. Corinna Witt;BEA Systems, Inc. Toshihiro Nishimura;Fujitsu Limited Henry (Hyenvui) Chung;IBM Kelvin Lawrence;IBM Bruce Rich;IBM Jan Alexander;Microsoft Corporation Geoff Bullen;Microsoft Corporation Greg Carpenter;Microsoft Corporation Marc Goodner;Microsoft Corporation Chris Kaler;Microsoft Corporation Frederick Hirsch;Nokia Corporation Abbie Barbir;Nortel Lloyd Burch;Novell Steve Carter;Novell Rich Levinson;Oracle Corporation Prateek Mishra;Oracle Corporation Tony Gullotta;SOA Software Inc. Jiandong Guo;Sun Microsystems Don Adams;TIBCO Software Inc. Ashok Malhotra, Oracle, Dave Stagg, VHA 2. Reading/Approving minutes of last meeting (Jan 9) http://lists.oasis-open.org/archives/ws-sx/200801/msg00008.html Adopted unanimously. 3. TC Logistics (10 minutes or less) RX/TX message, further down on the agenda. 4. Issues list http://docs.oasis-open.org/ws-sx/issues/Issues.xml
a) Review of action items None. b) Issues in Review status None. c) New issues 160 Unclear behavior forRequireSignatureConfirmation
Assertion where there is no Signature http://lists.oasis-open.org/archives/ws-sx/200801/msg00013.html When the message is not signed, is the signature confirmation
element in the header signed? Isn’t that subject to replacement/replay? Possibly. Check protection token assertion, situation may be covered. Issue is the behavior suggested in the specification, best
practice concern is separate. If policy didn’t require signature, but did require
signature confirmation what is the expected behavior? 161 Add <sp:RequireAsync /> into sp:Trust13 assertion http://lists.oasis-open.org/archives/ws-sx/200802/msg00004.html When is it async vs. synch, to determine using policy What about using the WSDL? Is that not acceptable for some
reason? 162 no way to specify the policies for renew and cancel http://lists.oasis-open.org/archives/ws-sx/200802/msg00006.html
What policy covers these messages? 163 Encryption with a key known to both parties http://lists.oasis-open.org/archives/ws-sx/200801/msg00011.html Examples document issue, doesn’t look like a spec
change Isn’t there a part of the proposal for a new URI
identifier? 164 provide means to specify which signing transform to use
for attachments d) Active issues i154 - Examples doc issues Current status: http://lists.oasis-open.org/archives/ws-sx/200801/msg00004.html
155 – 159 discussion: http://lists.oasis-open.org/archives/ws-sx/200801/msg00014.html
i155 - Generalized Interactive Challenge for WS-Trust -
Concern 1 Close with no action. i156 - Generalized Interactive Challenge for WS-Trust -
Concern 2 Marc working on text i157 - Generalized Interactive Challenge for WS-Trust -
Concern 3 Marc to work on text to indicate this is a display
difference i158 - Generalized Interactive Challenge for WS-Trust -
Concern 4 Covered on internationalization, discard non-printable text Marc working on text i159 - Generalized Interactive Challenge for WS-Trust -
Concern 5 Marc working on text f) Pending issues All moved to review. Issues below applied in: SP 1.3 http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/27032/ws-securitypolicy-1.3.xsd Trust 1.4 http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/27035/ws-trust-1.4-spec-ed-01.doc http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/27033/ws-trust-1.4.xsd i141 - Support for nonce and created nested assertion in
usernametoken i148 - Syntax of XPath for Signed, Encrypted and Required
Elements i150 - Add conformance statements to new versions of
Trust/SC/SP i151 - Update SP per Policy 1.5 guidelines i152 - Update policy references to 1.5 for SC, Trust and SP i153 - Generalized Interactive Challenge for WS-Trust Errata issues below applied in: Spec with redline errata applied: Just the errata: http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/27030/ws-trust-1.3-errata-ed-01.doc ER012 - Review normative RFC 2119 language in WS-Trust ER013 - Review normative RFC 2119 language in
WS-SecureConversation ER014 - Review normative RFC 2119 language in
WS-SecurityPolicy ER017 - Conflict Nonce reuse description in the current
WS-SC 1.3 5. Discuss response to RX and TX TC's on references Marc explained layout of new specs New version of SP 1.3, namespace http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802 New version of Trust 1.4, namespace http://docs.oasis-open.org/ws-sx/ws-trust/200802 In addition to adding the Policy 1.5 reference, the new
versions of SP and Trust have new elements/schema which required the new
namespaces. SC only had non-normative changes, no new elements, no new
namespace, so no new version was produced, there is a spec with errata
incorporated One of the changes to SC was to change a non-normative
reference to Policy to a non-normative reference to SP 1.3 competing the loop
for Policy 1.5 references There was discussion about whether or not this works to not
have a new version of SC. No decision was reached. To facilitate the RX/TX TCs referencing needs it was agreed
to lock on the namespaces above for SP 1.3 and Trust 1.4. Action: Editors to ask the OASIS TC Administrator to publish
the editors drafts there. Action: Chairs to respond to RX/SX chairs with the
information regarding referencing the specs using the new namespaces. 6. AOB When will we get to PR? Trying to get through the issues, then we’ll start our
PR. Interop? Open as to whether or not we will, but if we do it can be
done concurrently with PR. 7. Adjournment |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]