OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: [wss] Corrected minutes for Sept 24th meeting


According to my records, the following prospective members should be added to the attendance list:
  Maryann Hondo IBM
  Jason Rouault HP
  William Cox BEA
  Anne Manes (individual)
  Jim Ducharme Netegrity
  Ron Moritz Computer Associates
  John Weiland Navy

And, for courtesy, I believe the prospective attendees list should include
  Guillermo Lao ContentGuard
rather than
  Lao Guillermo, Content Guard
(otherwise I have it recorded wrong).
--
Steve


-----Original Message-----
From: Kelvin Lawrence [mailto:klawrenc@us.ibm.com]
Sent: Friday, October 04, 2002 9:42 PM
To: wss@lists.oasis-open.org
Subject: [wss] Corrected minutes for Sept 24th meeting






I have applied the corrections sent to the e-mail list thus far. The
corrected minutes are below. Specifically:

1. I added people who were present but who have notified us that they
appear to be missing from the roll call list
2. I included those prospective members that appear to be missing but were
present in a new prospective member section.
3. I made a note under new business that Prateek Mishra submitted draft 4
of the SAML profile document

Steve Anderson, could you please check this revised list and see if anyone,
prospective or full member, is still missing from the roll call, I think we
are still missing some. Thanks.

Cheers
Kelvin


OASIS Web Services Security (WSS) TC Meeting
Official Minutes –Draft v.01

Agenda (as posted prior to the meeting)

· Introductions & welcome
· Roll call
· Reading of the minutes of our previous meeting
· Summary of the revised OASIS TC process
· Brief report from the "naming" sub-committee
· Brief report from the editors
· Initial review of "core" specification
· Review and status of actions and issues
· Any other business
· Adjournment


Members Present
  Don Adams TIBCO
  Zahid Ahmed Commerce One
  Steve Anderson OpenNetwork
  Conor Cahill AOL
  Greg Carpenter Nokia
  Paul Cotton Microsoft
  Martijn de Boer SAP
  Thomas DeMartini ContentGuard
  Yassir Elley Sun Microsystems
  Andrew Fetterer CrossLogix
  Don Flinn Quadrasis
  Eric Gravengaard Reactivity
  Phillip Hallam-Baker Verisign
  Erick Herring Digital Evolution
  Jeff Hodges Sun Microsystems
  Merlin Hughes Baltimore Technologies
  Chris Kaler Microsoft
  Yutaka Kudo Hitachi
  Kelvin Lawrence IBM
  Hal Lockhart Entegrity Solutions
  Monica Martin Drake Certivo, Inc.
  Ronald Monzillo Sun Microsystems
  Bob Morgan (individual)
  Tim Moses Entrust
  Anthony Nadalin IBM
  Nataraj Nagaratnam, IBM
  Andrew Nash RSA Security
  Toshihiro Nishimura Fujitsu
  Rob Philpott RSA Security
  William Pope Choreology
  Ed Reed Novell
  Vipin Samar Oracle
  Jerry Schwarz Oracle
  Senthil Sengodan Nokia
  Shawn Sharp Cyclone Commerce
  John Shewchuk Microsoft
  Frank Siebenlist Argonne National Lab
  Andre Srinivasan E2open
  Andrew Sweet Perficient
  Gene Thurston AmberPoint
  Steve Trythall Sonic Software
  Pete Wenzel SeeBeyond

Prospective Members Present

  Lao Guillermo, Content Guard
  Takashi Kojo, NEC
  Prateek Mishra, Netegrity


Summary of Action Items:

1)        Correct minutes and resend to the list as final and approved and
sent to the list. – Kelvin Lawrence
2)        Post updated charter to OASIS website- Co- Chairs
3)        It was agreed that the subcommittee will be publishing
alternatives for the membership to consider A specific timetable was not
mentioned.
4)        Comments back to the editors (Tony Nadalin and Philip
Hallam-Baker) of the core specification?  Comments sent to the list by COB
Monday 6-30
5)        Issue list action items contained in detailed minutes below.


------------------------------------------------------------------------------------------------------------

Detailed Minutes

Meeting started at 7:04a Pacific

1) Roll Call

1)        Roll call taken by Steve Anderson (Secretary of WSS TC)
2)        Quorum was present.   This meeting is an official voting meeting.
38 voting members attending.
3)        Prateek asked about membership requirements.  Kelvin responded
with the standard TC rules including the requirement to attend the first
f2f meeting of the TC and then being eligible after the 3rd f2f meetings.
Hal Lockhart mentioned that individuals are members not companies and
regrets have no real impact status-wise.
4)        It was urged that members that cannot consistently make meetings
should volunteer for observer status to alleviate quorum issues.

2) Minutes Read and Approved

Drafts were sent around concerning the f2f.  ? Changes accepted by Ron
Monzillo and consider the minutes read ?  Discussion occurred around the
roll call and a discrepancy in members that attended the initial f2f.  This
was resolved and the question was called on the acceptance of the minutes.
No objections were heard.  Action to correct the minutes incorporating the
latest changes submitted to the list - Kelvin Lawrence.

It was then discussed that on Sept 16th new TC procedures were ratified and
sent around to members and it was urged that voting members make themselves
aware of the procedures, especially regarding intellectual property rights.





3) Naming subcommittee

Kelvin Lawrence asked the subcommittee to report progress. The subcommittee
mentioned the desire for WS-Security to be kept as the name while keeping
in mind the scope of this TC.  It was agreed that the subcommittee will be
publishing alternatives for the membership to consider  A specific
timetable was not mentioned.

4) Editor Update

Tony Nadalin reported that he has merged WS-Security and the WS-Addendum
and separated x.509 and Kerberos components and handed off to the
appropriate editors.  The WSS Core specification has been sent to the list.
Phillip Baker mentioned he sent the x.509 and Kerberos profile documents to
the list.   Regarding the SAML draft,  Ron Monzillo used draft 4.  The PDF
went out to the list yesterday.

Jerry Schwartz brought up IP issues with RSA that arose in the first f2f.
The RSA claims around SAML have do not impact this document.  Rob Philpott
added that there is no statement required by RSA regarding this document.
The effort is to get the document submitted.  RSA will go evaluate their
own IPR position as soon as possible.

Core Specification – It was a straight merge of the WS-Security and
Addendum.  Key info versus references.  Clarifications were not made around
this and Philip sent language to the list.  Philip summarized by saying
ACTION:  Tony Nadalin and Philip proposed to take a first draft for the
list.  Jeff mentioned that many may not have had a chance to read.  What is
the timeline Chris?  Chris said comments should be returned within the next
6 days from today.  Comments sent to the list by COB Monday 6-30. Kelvin
mentioned detailed review for the next call.

Ron SAML – both of the submissions – more in around subject confirmation,
but leverages Philips template for bindings.  Philip took the tokens
document and core and extracted the boilerplate and style and Kerberos and
x.509 and they take the same form.  XrML will be next.  3 separate
documents.  PDFs were sent to the list.

What is the process for going forward?  Editors job to make the changes
requested by the group.  The current to-do is to perform the mergers agreed
to in the f2f.  Most important thing is to review.  What is the power of
the editor?  Chris focus on grammatical errors, but content should be
raised to the list.  Kelvin working draft revs and track changes.  Needs to
propose specific changes for the list.  Hal.









Review of Actions and Issues

Procedural question on the list?  Pros and cons and specific change will be
in this as a spreadsheet?  Answer put pointers to minutes.  Links to
specific email messages will be added to the archives.  Email will not be
sufficient – JeffH.  Need an issues document.  Separate procedural issues
from technical.  2 separate documents.

List of status and actions reviewed that were sent around on email.
John ? reviewed

Issue # - matches list document
1)        Zahid Ahmed – get from document sent.  Some endpoint in messaging
the payload is encrypted with PK7 will need to be able propagate encrypted
payloads.  Need a pointer in the header not suitable for intermediary but
only for endpoints.  Reference attachments from the signature?  Answer: You
can.  URI can reference an attachment.  Tag type in core or separate spec.
MSFT supportive of w3c work around encryption.  New good way to do
signatures in XML (GO with XML standards.)  XML Encryption and DSIG would
be preferred.  W3C standard is a good one around interop.  Craig Carpenter
– separate conformance but spec should not be limited in support.  Action:
Philip said this issue arose around XML Signature with PK7 The resolution
should be researched and a note should be written.  Zahid volunteered for
volunteer that note.
2)        Procedural issue – IP submissions – to the mailing list to his
email links to the messages by each author.  Links to the messages.
3)        Hal Lockhart to label for semantics.  Sent to the list, one
positive comment, but no others.  Hal mentioned put together a proposal and
looking for XML Schema expertise.  Decided need concrete proposal and get
it to the list.  Read Hal's email and give comments.
4)        Technical issue – why is the token in the header and not a child.
Philip sent email explaining the issue.  Confluence of a number of specs.
XML encryption and signatures are aligned along public key architecture.
Kerberos conflict you want the token at a higher level but with public key
bind.  Consistency or not?Addendum made statements here.  Tony mentioned
that not everything becomes a key.  Verbage has made it into the merged
document.  ACTION: Review the merged documents and compare to the four
security profile documents.
5)        Philip and Tony will write a paragraph addressing this issue.


6)        Action for the Roadmap – Kelvin sent back to folks at IBM and no
answer.  Same status with MSFT. Next phone call. Roadmap is public, will it
be used beyond the public document today?  If we reference it, get a
snapshot as a submission that is why we are doing this?  JeffH said since
it is not required since it is not completely guided by the document.  Used
as a historical footnote not a roadmap or serves officially one.  No work
on the roadmap by our TC.  ACTION:  KelvinEmail on the list request
clarification.  Both footnotes have been dropped and will be added back.

7)        Support for all versions of SOAP - closed

8)        Determine use case interest;  no activity on the list; reexamine
in next call

9)        AppNote to the TC – Action for the chair – Request to list about
how we will use these documents.  Stated it is out there and can be used.
Copyright permission issues? Was JeffH question.  Is that a problem?
Chris/Kelvin ACTION talk to respective company lawyers.

10)        Investigate interop fest?  Need to wait for feedback from the
documents; need feedback onus is on the membership.

11)         Covered by 10.  Need to gauge core documents.

12) Editors remove all references to WS-routing – editors done


* Motion to close 2,7,8,12:  Any objection?  No objection unanimous.


New Business:

For the record, Prateek Mishra submitted draft 4 of the SAML profile (
draft-sstc-profile-04) .

Next concall and timing discussion:  Proposed 2 weeks and then decide
frequency. Establish bi-weekly and if more meetings are needed we can add
more.  Next f2f.  Action item needed for more planning for f2f.  Present
logistics proposals next week.  Send preferences to the list.

10-8 for the next concall.

Motion to adjournment approved.


----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC