[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [wss] Web Services Security Issues List
Thanks Zahid - will include this information in the next update. -John -----Original Message----- From: Ahmed, Zahid [mailto:zahid.ahmed@commerceone.com] Sent: Saturday, September 21, 2002 1:31 PM To: John Shewchuk; wss@lists.oasis-open.org Subject: RE: [wss] Web Services Security Issues List John, Thanks for preparing and sending the issues lists. Some comments. Issue#1 about support for alternative mechanisms of signature and encryption (e.g., using PKCS7 encryption/signature for SOAP payload content) is something that I could be an owner for (there were additional folks who also brought this issue up at F2F #1). I'll soon send a short note to start the discussion on this. Issue#8 regarding use case document - we decided that we will form a sub-committee, led by Erik Herring, to decide the scope of non-normative use case document. So, I believe we should have Eric as owner rather than Tim Moses - unless something has changed since the F2F #1 meeting... BTW, Tim was supposed to start a discussion group to resolve the issue around security policy management for web services using an OASIS WSS-QoP discussion group. That started officially last week. Zahid Ahmed -----Original Message----- From: John Shewchuk [mailto:johnshew@microsoft.com] Sent: Saturday, September 21, 2002 10:50 AM To: wss@lists.oasis-open.org Subject: [wss] Web Services Security Issues List The attached issues list records the procedural work items and open technical issues that were identified during our discussions on Sept 4 and in subsequent discussions on email. Note that the issues list does not contain charter questions - those questions should be sent directly to the Chair. If there are issues we discussed that need to be tracked but were omitted please let me know. To cut down on traffic you can send issues to me and I will add them to list and send out periodic updates. Thanks, -John Shewchuk ------- WSS ID Type Status Issue Resolution Owner(s) 1 Technical Open Can we have alternative mechanisms of signature and encryption other than XML DSIG and XML Encryption? 2 Procedural Open Clarify the IP status and licensing terms for the submissions to the working group 3 Technical Open Proposal to Label Tokens to Indicate Their Semantics Hal Lockhart 4 Technical Proposed resolution Why is the token in the header, and not a child of KeyInfo? Per mail from pbaker@verisign.com 5 Technical Proposed resolution Within the KeyInfo, why not use a ds:RetrievalMethod? Per mail from pbaker@verisign.com 6 Investigation Open Will the authors of the roadmap submit it? Chair 7 Technical Proposed resolution Does WS-Security assume SOAP 1.1? Per Sept 4 minutes - it will support all versions of SOAP 8 Investigation Open Determine interest in a Use case document Tim Moses 9 Investigation Open Approach authors to submit the App Note to the TC Chair 10 Investigation Open Investigate interop fest at some later time Chair 11 Investigation Open Pick date for OASIS submission date after initial drafts available Chair 12 Procedural Open Remove all references to ws-routing and such Editors Notes Status values: Open, Proposed Resolution (ready for review), or Resolved. Type values: Technical, Procedural, or Investigation
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC