OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: [wss] RE: Revised WSS TC Charter


Kelvin, Chris:

Thanks for the notice. I'll take a look at this then get it announced.
In the meantime, please update the TC web page with the new charter.

</karl>
=================================================================
Karl F. Best
OASIS - Director, Technical Operations
+1 978.667.5115 x206
karl.best@oasis-open.org  http://www.oasis-open.org

-----Original Message-----
From: Kelvin Lawrence [mailto:klawrenc@us.ibm.com]
Sent: Friday, September 20, 2002 12:09 PM
To: karl.best@oasis-open.org
Cc: ckaler@microsoft.com; wss@lists.oasis-open.org
Subject: Revised WSS TC Charter



Karl, at the WSS TC F2F, the TC voted on some clarification changes to
the charter. These changes were made to better clarify the purpose,
scope and deliverables of the TC. Each change is documented in the
minutes of the F2F meeting at [1]  Per the OASIS process we are
sending you the revised charter.

For simplicity we have included below the revised charter as approved
at the first face-to-face meeting.  We (the chairs), made one small
edit (after re-reviewing the TC procedures) around submissions to
conform to the TC process.  Specifically, we dropped the "and
approved" as there is no approval process – if a submission is valid,
that is it conforms to the submission rules, then it is implicitly
accepted.  This is because all input, including documents, e-mail, and
conversations, must conform to the OASIS rules and are implicitly
"accepted".

I am copying the WSS TC mailing list on this e-mail so that the TC
members can also see the revised charter.

[1]  http://lists.oasis-open.org/archives/wss/200209/msg00039.html

---

REVISED CHARTER

OASIS Web Services Security Technical Committee (WSS)
Statement of Purpose:
The purpose of the Web Services Security TC (WSS) is to continue work
on the Web Services security foundations as described in the
WS-Security specification [1], which was written within the context of
the Web Services Security Roadmap as published in April 2002 [2].  The
work of the WSS TC will form the necessary technical foundation for
higher-level security services which are to be defined in other
specifications.  The TC shall not further develop the security
roadmap, nor shall the roadmap constitute a normative part of the
output of the TC.
The Technical Committee will take advantage of the OASIS provided
services for such things as e-mail lists and archives, and also web
pages for tracking progress. E-mail archives will be visible to the
public.
Relationship to Existing Activities:
Many efforts related to Web services security and related technologies
are underway throughout the industry. The following work may be
relevant to this Web Services Security TC:
·        OASIS Access Control TC (XACML)
·        OASIS XML Common Biometric Format TC (XCBF)
·        OASIS Provisioning TC (PSTC)
·        OASIS Rights Language TC (XrML)
·        OASIS Security Services TC (SAML)
·        W3C XML Signature
·        W3C XML Encryption
·        W3C XML Key Management
Technical Committee Deliverables
The TC has the following initial set of deliverables.
·        The "core"specification (final name TBD)
·        A SAML profile
·        An XrML profile
·        A Kerberos profile
·        An X.509 profile
The scope of the Web Services Security Technical Committee is the
support of security mechanisms in the following areas:
a.        Using XML signature to provide SOAP message integrity for
Web services
b.        Using XML encryption to provide SOAP message confidentiality
for Web services
c.        Attaching and/or referencing security tokens in headers of
SOAP messages
d.        Carrying security information for potentially multiple,
designated actors
e.        Associating signatures with security tokens
Each of the security mechanisms will use implementation and language
neutral XML formats defined in XML Schema.
The OASIS Web Services Security TC will:
1.        Accept as input the Web Services Security (WS-Security)
specification published by IBM, Microsoft, and VeriSign on April 11th
2002 [1] and other subsequent submitted documents.
2.        Produce as output a specification, in one or more documents,
for Web Services Security. This specification will reflect refinements
and changes made to the submitted version of WS-Security that are
identified by the WSS TC members for additional functionality within
the scope of the TC charter.
3.        Liaise and/or forge relationships with other Web services
efforts to assist in leveraging WS-Security as a part of their
specifications or solutions.
4.        Coordinate with the chairs of the other OASIS security
related groups via the Security Joint Coordination Committee.
5.        Oversee ongoing maintenance and errata of the WS-Security
specification.
Language in Which the TC will Conduct Business
English
Original Charter as in the call for participation
OASIS Web Services Security Technical Committee (WSS)
Statement of Purpose:
The purpose of the Web Services Security TC (WSS) is to continue work
on the Web services security foundations published in the WS-Security
specification [1] and under the context of the Web Services Security
roadmap published in April, 2002 [2]. WS-Security forms the necessary
technical foundation for higher-level security services including
Federation, also within the context of the Web Services Security
roadmap.
The Technical Committee will take advantage of the OASIS provided
services for such things as e-mail lists and archives, and also web
pages for tracking progress. E-mail archives will be visible to the
public.
Relationship to Existing Activities:
Many efforts related to Web services security and related technologies
are underway throughout the industry. The following work may be
relevant to this Web Services Security TC:
·        OASIS Access Control TC (XACML)
·        OASIS XML Common Biometric Format TC (XCBF)
·        OASIS Provisioning TC (PSTC)
·        OASIS Rights Language TC (XrML)
·        OASIS Security Services TC (SAML)
·        W3C XML Signature
·        W3C XML Encryption
·        W3C XML Key Management
Technical Committee Deliverables
The scope of the Web Services Security Technical Committee is the
support of security mechanisms in the following areas:
a.        Using XML signature to provide SOAP message integrity for
Web services
b.        Using XML encryption to provide SOAP message confidentiality
for Web services
c.        Attaching and/or referencing security tokens in headers of
SOAP messages
d.        Carrying security information for potentially multiple,
designated actors
e.        Associating signatures with security tokens
f.        Representing specific forms of binary security tokens as
defined in WS-Security specification.
Each of the security mechanisms will use implementation and language
neutral XML formats defined in XML Schema.
The OASIS Web Services Security TC will:
1.        Accept as input the Web Services Security (WS-Security)
specification published by IBM, Microsoft, and VeriSign on April 11th
2002 [1].
2.        Produce as output a specification for Web Services Security.
This specification will reflect refinements and changes made to the
submitted version of WS-Security that are identified by the WSS TC
members for additional functionality within the scope of the TC
charter.
3.        Liaise and/or forge relationships with other Web services
efforts to assist in leveraging WS-Security as a part of their
specifications or solutions.
4.        Coordinate with the chairs of the other OASIS security
related groups via the Security Joint Coordination Committee.
5.        Oversee ongoing maintenance and errata of the WS-Security
specification.
Language in Which the TC will Conduct Business
English



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC