[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [wss] Agenda for Sept 4th/5th meeting
Sorry, will hold my thoughts ..... (and add a few in the process ....) cheers | -----Original Message----- | From: Chris Kaler [mailto:ckaler@microsoft.com] | Sent: Sunday, September 01, 2002 9:37 PM | To: Ed Reed; tim.moses@entrust.com; wss@lists.oasis-open.org | Subject: RE: [wss] Agenda for Sept 4th/5th meeting | | | Just a friendly reminder... by Oasis rules, we are not | allowed to have | technical discussions of any kind on this alias until after the first | meeting. | | Sorry... we have just a few more days until this restriction | is lifted! | | Cheers, | Chris | | -----Original Message----- | From: Ed Reed [mailto:ereed@novell.com] | Sent: Sunday, September 01, 2002 5:44 PM | To: tim.moses@entrust.com; wss@lists.oasis-open.org | Subject: RE: [wss] Agenda for Sept 4th/5th meeting | | Interesting notion - one that is consistent with both the | TCPA and with | Novell's Security Attribute specification, with which some of you may | be familiar. | | Quality metrics on the key quality (generation), key protection (OS | assurance level) and key storage (again, OS assurance level) are | very useful in differentiating between pond-scum CAs using D-level | OS platforms with dubious source crypto from tamper resistent | hardware crypto devices - and the same can be said for user's | credential information, whether Kerveros Tickets or PKI private | keys, too. | | For more on the Novell spec, see | http://developer.novell.com/repository/attributes/certattrs_v10.htm | It's in use in Novell's PKI, and has been implemented by at least | one other PKI CA product. | | It's not perfect, and needs revision, but has a good overview of | the issues and a good proposal as a starting point. | | For the record, Novell offers a form of graded authentication it | it's cross-platform products. | | Ed | | =============== | Edwards E Reed, Security Tzar | Novell, Inc. | +1 585 624 2402 - Rochester | +1 617 914 8011 - Cambridge | +1 585 750 2960 - Cell | | | >>> Tim Moses <tim.moses@entrust.com> 09/01/02 12:43PM >>> | Colleagues - I would like to suggest that the WS Security TC tackle | the | question of Quality of Security. TLS has its cipher suites, | S/MIME has | its | supportedAlgorithms directory attribute. SOAP security needs | something | similar. QOS for SOAP is complicated by the fact that XML | DSig and XML | Enc | can define a set of nodes to be protected. Whereas, for TLS | and S/MIME, | it | is "all or nothing". Perhaps, the answer is to adapt WSDL to | accommodate QOS | information. But, I feel that wsstc is the place to develop the | solution - | not necessarily in the core specification, but, perhaps, in a | supporting | document. All the best. Tim. | | ----------------------------------------- | Tim Moses | Tel: 613.270.3183 | | | | | -----Original Message----- | From: klawrenc@us.ibm.com [mailto:klawrenc@us.ibm.com] | Sent: Tuesday, August 27, 2002 11:11 AM | To: wss@lists.oasis-open.org | Subject: [wss] Agenda for Sept 4th/5th meeting | | | | | Dear WSS TC members, here is the agenda for our initial face to face | meeting | next week. | | On Wednesday 4th, the meeting will start at 10:am and close at 5pm | On Thursday 5th, the meeting will start at 9am and close at 4pm | | | 1. Welcome and Introductions/roll call | | 2. Assign minute taker(s) | | 3. Review of OASIS TC process | | 4. Review of TC charter | | 5. Establish standing rules for this TC | | 6. Assign roles (webmaster, editor etc.) | | 7. Discussion of how this TC relates to other committees in the | security area | | 8. Discuss assigning a liaison to other security related standards | committees | | 9. Update for this team on the OASIS/W3C joint meeting in Boston . | | | 10. Submission of input documents | | 11. Discuss phone call sponsor for next call and agree schedule for | phone calls. | | 12. Discuss location of next F2F meeting and sponsor | | 13. Main part of meeting - group discussion | | 14. Any other business | | 15. Close | | | Chris Kaler | Kelvin Lawrence | (co-chairs WSS TC) | | | | ---------------------------------------------------------------- | To subscribe or unsubscribe from this elist use the subscription | manager: <http://lists.oasis-open.org/ob/adm.pl> | | ---------------------------------------------------------------- | To subscribe or unsubscribe from this elist use the subscription | manager: <http://lists.oasis-open.org/ob/adm.pl> |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC