[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Revised agenda for wsrm tc meeting
this revised agenda has Alan's latest posting on a new interop project proposal. Tom Rutt WSRM TC Chair -- ---------------------------------------------------- Tom Rutt email: tom@coastin.com; trutt@us.fujitsu.com Tel: +1 732 801 5744 Fax: +1 732 774 5133Title: Draft Agenda to WSRM TC Conference Call – May 06, 2003
Full Agenda for WSRM TC Conference Call –April 5, 2005 The meeting of the WSRM TC will take place by teleconference Tuesday, April 5, 2005, from 5:30 to 7:00 PM Eastern Standard Time 1
Draft
Agenda:
1 Draft Agenda to WSRM TC Conference Call 2 Roll Call 3 Minutes Discussion 3.1 Appointment of Minute Taker 3.2 Approval of previous meeting minutes – 4 Action Item Status Review 5 Status of WS-Reliability Specification 6 Interop SC Future activities 7 Next Step Documentation 7.1 Editorial Clarifications and Errata 7.2 Implementation Guidelines 7.2 Future Enhancement Requests 8 Composability with other WS-Specs 9 ws reliability PAS progression 10 Discussion of Future Meetings 11 New business 2
Roll
Call
Attendance: Meeting ?? quorate. 3
Minutes
Discussion
Tom Rutt will take minutes. 3.1 Approval of previous meeting minutesThe minutes of the 3/8 meeting (amended attendance list from prelim minutes) are posted at: http://www.oasis-open.org/apps/org/workgroup/wsrm/download.php/11863/MinutesWSRMTC030805.htm xx Moved to approve the 3/8 minutes, yy seconded. ?? opposition minutes 3/8 minutes ?? approved 4 Status of Action Items4.1 Action 121404-2 (Anish) OpenAction: Oracle will provide examples of soap header dumps with both ws-reliability and ws-Security headers in use, as in the interop demo. Anish posted email: WSS and WS-Reliability header dumps Anish Karmarkar 24 Feb 2005 Anish may post some additional examples of other combinations. 4.2 Action 012505-1 (Tom Rutt) PendingAction: Tom will investigate how to change the status of printed document. The posted standard still states CD. Continuing action, need standard number from OASIS staff 4.3 Action 020805-2 (Tom Rutt) openAction: Tom will investigate how to post the three OASIS pas documents on our server. Jamie Clark is investigating how to get the documents on the OASIS Site. 4.4 Action 032205-2 (Tom Rutt) closedAction: Tom will check if there will be projectors available for the TC meeting. The TC is responsible for supplying its own projector. 5 Status of WS-Reliability SpecificationThe public and member web site pages for the TC to have a single announcement, which refers by URL to spec and schema at the proper location on the OASIS web site. http://docs.oasis-open.org/wsrm/2004/06/WS-Reliability-CD1.086.pdf http://docs.oasis-open.org/wsrm/2004/06/fnp-1.1.xsd http://docs.oasis-open.org/wsrm/2004/06/reference-1.1.xsd http://docs.oasis-open.org/wsrm/2004/06/ws-reliability-1.1.xsd http://docs.oasis-open.org/wsrm/2004/06/wsrmfp-1.1.xsd The spec at the above link itself still shows status a CD. Tom posted an edited cover page for review at: The chair sent an email to OASIS staff about our need for an OASIS standard number to put in the edited cover page. OASIS staff has not yet given WS-Reliability an OASIS standard Number. 6 Interop SC Future activitiesDiscussion of Future activities for Interop SC. Alan Weisberger sent the following by email: Proposal for new work item related to WS-R and WS-Security Composability Project: Alan Weissberger, NEC and Jacques Durand, Fujitsu Fujitsu and NEC are proposing a new activity associated with the composability of WS-R and WS-Security. We would like to demonstrate several interoperable implementations of these composed OASIS standards at an interoperability event to be hosted by Fujitsu in early June. The WS-R implementations may be based on those developed for previous interop demos, or on the open source RM4GS (which runs under Linux OS). The WS-Security implementations may be based on company implementations, new implementations for this demo, or the Apache open source________________. Both Fujitsu and NEC will have implementations for this interop and we encourage other companies to participate as well. Our test scripts/ test assertions will be compliant with both the WS-Security standard and the corresponding WS-I BSP WG drafts (to be identified). We would like to base our interop test assertions on four security requirements: -authentication -authorization -confidentiality (encryption) -integrity (tamper proofing) For each of these requirements, we plan to identify the constituent functionality and ordered WS-R/WS-S header processing at the sender. That is, we would like to allow for different composability processing configurations on the sender side, while specifying only the composed message format transmitted (we assume over HTTP transport) on the wire. The transmitted message format will implicitly specify the test case for receiver processing. From this defined functionality, we will specify the test assertions, which will be the essence of the composed WS-R/WS-S implementations to be tested for interoperability. Our goal is to specify no more than 12 test assertions. Here are a few functionality type questions we have pondered: · What parts of the SOAP message are signed, what type of signature? · What parts of the SOAP message are encrypted (only the message body or headers too)? · What type of encryption and key management should we select? · Do we require integrity of the WS-R header, payload or both? · What type of digital signature will be needed, e.g. detached (subset of SOAP message) or embedded (entire SOAP message/ envelope)? · What token type(s) will be used for authentication- X.509, REL, SAML, Kerberos? Our proposed TC work plan is as follows: -Agree on requirements on the Tuesday April 5 call -Agree on functionality and start work on test assertions this week (ending Friday April 8). We are willing to have a task force call this week, if there is sufficient interest. -Agree on test assertions on April 19 call or f2f meeting (if call is cancelled) -Begin implementations immediately thereafter. Assume implementations will be completed by end of May -Interop event to be held at
Fujitsu Software, -Upon successful interop event testing, participants are invited to provide an Internet end point for future interoperability testing of the composed specs. Additional test assertions may be included at that time.
7 Next Step DocumentationComments have been requested on the following three draft documents. 7.1 Editorial Clarifications and ErrataClarifications, editorial nits, interpretations of the actual specification, which should be posted for others to see ws-Reliability 1.1 Errata: Editor's Draft 0.1 7.2 Implementation Guidelines / Application NotesThings to help implementers, which, would typically be specific to application environments. WS-Reliability 1.1 Implementers Guide-ed0.1 7.3 Future Enhancement RequestsProposed changes for future versions which would ease implementation or enhance protocol capabilities. Draft list of WS-Reliability Enhancement Requests 8 Composability with other WS-SpecsWS-Security
Composition paper from Fujitsu, WS-Reliabilty And WS-Security - First Draft A Newer version of composability aspects was posted by Jacques as: 9 WS-reliability PAS progressionNo response has been received yet from OASIS Staff regarding our request to pursue PAS progression of WS-Reliability 1.1. 10 Discussion of Future MeetingsTom reserved all day Thursday and Friday Morning after the symposium for Our TC. The hotel will supply a screen. There will be a 30 dollar a day fee for attendees (there is a meeting registration form). The TC is responsible for preparing a 3 slide, 3 minute summary of the TC progress for the general meeting. We will have to supply a projector [Fwd: Re: Are computer projectors available for TC meetings] The Chair questions the need for Teleconference meeting on April 19 (one week before symposium). 11 New BusinessJacques posted an email about conformance One of the difficulties we had in
defining a conformance clause for WS-Reliability, is
the existence of diverse profiles of implementations: a light personal device
(e.g. cell phone) might only be required to act as a Receiving RMP, and only be
required to send acks. Or, a monitoring device would
only need to send, with the ability to resend. A message hub will need to act
as both Sender and Receiver, and support all features. It was hard to find a common basis
of features to define conformance levels on. But even so, it remains important
to define conformance boundaries so that implementations know where they stand
on interoperability. An approach based on the QA
guidelines (W3C / NIST, http://www.w3.org/TR/qaframe-spec/ )
may help: That leads to distinguish: - Usage profiles, based on the
different roles an implementation can play:here
Sender, Receiver, or both. - within
each profile, functional levels (core, etc.) can be defined, to which will
correspond levels of conformance. For the sake of interoperability,
"core" Sender must be able to interoperate with "core"
Receiver, etc. - functional Modules can also be
distinguished (a profile would require the implementation of some modules, e.g.
only {HTTP binding + resending mechanism} for an HTTP Sender profile at Level
0, { HTTP binding + resending mechanism + group management} for HTTP Sender
level 1, etc. These definitions could belong in
an (non-normative) adjunct to the standard, something that helps developers
characterize their implementations in terms of profile/level (and also promotes
a reasonably small number of implementation profiles). That adjunct may or may not be
merged later with the next release of the standard. I propose we start discussing this
in the meeting tomorrow if time permits. Jacques |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]