| [Thread Prev]
| [Thread Next]
| [Date Next]
| [Thread Index]
| [Elist Home]
Subject: [wss] Corrected and final minutes for Sept 24th meeting
- From: Kelvin Lawrence <firstname.lastname@example.org>
- To: email@example.com
- Date: Thu, 17 Oct 2002 18:05:42 -0500
Continuing to work through all of my
actions from the last call, I am now posting the final minutes for the
Sept 24th call as approved on our last call. The only change is to fix
the attendance list. I have updated the minutes as follows:
Made sure the prospective members in
attendance list is correct (I added the missing names)
Fixed the spelling of one name.
Here are those amended and now final,
OASIS Web Services
Security (WSS) TC Meeting
Official Minutes –Draft v.01
Agenda (as posted prior to the meeting)
· Roll call
· Reading of the
minutes of our previous meeting
· Summary of the
revised OASIS TC process
· Brief report
from the "naming" sub-committee
· Brief report
from the editors
· Initial review
of "core" specification
· Review and status
of actions and issues
· Any other business
Don Adams TIBCO
Zahid Ahmed Commerce One
Steve Anderson OpenNetwork
Conor Cahill AOL
Greg Carpenter Nokia
Paul Cotton Microsoft
Martijn de Boer SAP
Thomas DeMartini ContentGuard
Yassir Elley Sun Microsystems
Andrew Fetterer CrossLogix
Don Flinn Quadrasis
Eric Gravengaard Reactivity
Phillip Hallam-Baker Verisign
Erick Herring Digital Evolution
Jeff Hodges Sun Microsystems
Merlin Hughes Baltimore Technologies
Chris Kaler Microsoft
Yutaka Kudo Hitachi
Kelvin Lawrence IBM
Hal Lockhart Entegrity Solutions
Monica Martin Drake Certivo, Inc.
Ronald Monzillo Sun Microsystems
Bob Morgan (individual)
Tim Moses Entrust
Anthony Nadalin IBM
Nataraj Nagaratnam, IBM
Andrew Nash RSA Security
Toshihiro Nishimura Fujitsu
Rob Philpott RSA Security
William Pope Choreology
Ed Reed Novell
Vipin Samar Oracle
Jerry Schwarz Oracle
Senthil Sengodan Nokia
Shawn Sharp Cyclone Commerce
John Shewchuk Microsoft
Frank Siebenlist Argonne National Lab
Andre Srinivasan E2open
Andrew Sweet Perficient
Gene Thurston AmberPoint
Steve Trythall Sonic Software
Pete Wenzel SeeBeyond
Guillermo Lao, Content
Takashi Kojo, NEC
Prateek Mishra, Netegrity
Jason Rouault HP
William Cox BEA
Anne Manes (individual)
Jim Ducharme Netegrity
Ron Moritz Computer Associates
John Weiland Navy
Summary of Action Items:
1) Correct minutes and resend to the list as
final and approved and sent to the list. – Kelvin Lawrence
2) Post updated charter to OASIS website- Co-
3) It was agreed that the subcommittee will
be publishing alternatives for the membership to consider A specific timetable
was not mentioned.
4) Comments back to the editors (Tony
Nadalin and Philip Hallam-Baker)
of the core specification? Comments
sent to the list by COB Monday 6-30
5) Issue list action items contained in detailed
Meeting started at 7:04a Pacific
1) Roll Call
1) Roll call taken by Steve Anderson (Secretary
of WSS TC)
2) Quorum was present. This meeting is
an official voting meeting. 38 voting members attending.
3) Prateek asked about membership requirements.
Kelvin responded with the standard TC rules including the requirement
to attend the first f2f meeting of the TC and then being eligible after
the 3rd f2f meetings. Hal Lockhart mentioned that individuals are
members not companies and regrets have no real impact status-wise.
4) It was urged that members that cannot consistently
make meetings should volunteer for observer status to alleviate quorum
2) Minutes Read and Approved
Drafts were sent around concerning the f2f. ? Changes accepted by
Ron Monzillo and consider the minutes read ? Discussion occurred
around the roll call and a discrepancy in members that attended the initial
f2f. This was resolved and the question was called on the acceptance
of the minutes. No objections were heard. Action to correct
the minutes incorporating the latest changes submitted to the list - Kelvin
It was then discussed that on Sept 16th new TC procedures were ratified
and sent around to members and it was urged that voting members make themselves
aware of the procedures, especially regarding intellectual property rights.
3) Naming subcommittee
Kelvin Lawrence asked the subcommittee to report progress. The subcommittee
mentioned the desire for WS-Security to be kept as the name while keeping
in mind the scope of this TC. It was agreed that the subcommittee
will be publishing alternatives for the membership to consider A
specific timetable was not mentioned.
4) Editor Update
Tony Nadalin reported that he has merged WS-Security and the WS-Addendum
and separated x.509 and Kerberos components and handed off to the appropriate
editors. The WSS Core specification has been sent to the list. Phillip
Baker mentioned he sent the x.509 and Kerberos profile documents to the
list. Regarding the SAML draft, Ron Monzillo used draft 4.
The PDF went out to the list yesterday.
Jerry Schwartz brought up IP issues with RSA that arose in the first f2f.
The RSA claims around SAML have do not impact this document. Rob
Philpott added that there is no statement required by RSA regarding this
document. The effort is to get the document submitted. RSA
will go evaluate their own IPR position as soon as possible.
Core Specification – It was a straight merge of the WS-Security and Addendum.
Key info versus references. Clarifications were not made around
this and Philip sent language to the list. Philip summarized by saying
ACTION: Tony Nadalin and Philip proposed to take a first draft
for the list. Jeff mentioned that many may not have had a chance
to read. What is the timeline Chris? Chris said comments should
be returned within the next 6 days from today. Comments sent to the
list by COB Monday 6-30. Kelvin mentioned detailed review for the next
Ron SAML – both of the submissions – more in around subject confirmation,
but leverages Philips template for bindings. Philip took the tokens
document and core and extracted the boilerplate and style and Kerberos
and x.509 and they take the same form. XrML will be next. 3
separate documents. PDFs were sent to the list.
What is the process for going forward? Editors job to make the changes
requested by the group. The current to-do is to perform the mergers
agreed to in the f2f. Most important thing is to review. What
is the power of the editor? Chris focus on grammatical errors, but
content should be raised to the list. Kelvin working draft revs and
track changes. Needs to propose specific changes for the list. Hal.
Review of Actions and Issues
Procedural question on the list? Pros and cons and specific change
will be in this as a spreadsheet? Answer put pointers to minutes.
Links to specific email messages will be added to the archives. Email
will not be sufficient – JeffH. Need an issues document. Separate
procedural issues from technical. 2 separate documents.
List of status and actions reviewed that were sent around on email.
John ? reviewed
Issue # - matches list document
1) Zahid Ahmed – get from document sent. Some
endpoint in messaging the payload is encrypted with PK7 will need to be
able propagate encrypted payloads. Need a pointer in the header not
suitable for intermediary but only for endpoints. Reference attachments
from the signature? Answer: You can. URI can reference an attachment.
Tag type in core or separate spec. MSFT supportive of w3c work
around encryption. New good way to do signatures in XML (GO with
XML standards.) XML Encryption and DSIG would be preferred. W3C
standard is a good one around interop. Craig Carpenter – separate
conformance but spec should not be limited in support. Action:
Philip said this issue arose around XML Signature with PK7 The resolution
should be researched and a note should be written. Zahid volunteered
for volunteer that note.
2) Procedural issue – IP submissions – to
the mailing list to his email links to the messages by each author. Links
to the messages.
3) Hal Lockhart to label for semantics. Sent
to the list, one positive comment, but no others. Hal mentioned put
together a proposal and looking for XML Schema expertise. Decided
need concrete proposal and get it to the list. Read Hal's email and
4) Technical issue – why is the token in the
header and not a child. Philip sent email explaining the issue. Confluence
of a number of specs. XML encryption and signatures are aligned along
public key architecture. Kerberos conflict you want the token at
a higher level but with public key bind. Consistency or not?Addendum
made statements here. Tony mentioned that not everything becomes
a key. Verbage has made it into the merged document. ACTION:
Review the merged documents and compare to the four security profile documents.
5) Philip and Tony will write a paragraph addressing
6) Action for the Roadmap – Kelvin sent back
to folks at IBM and no answer. Same status with MSFT. Next phone
call. Roadmap is public, will it be used beyond the public document today?
If we reference it, get a snapshot as a submission that is why we
are doing this? JeffH said since it is not required since it is not
completely guided by the document. Used as a historical footnote
not a roadmap or serves officially one. No work on the roadmap by
our TC. ACTION: KelvinEmail on the list request clarification.
Both footnotes have been dropped and will be added back.
7) Support for all versions of SOAP - closed
8) Determine use case interest; no activity
on the list; reexamine in next call
9) AppNote to the TC – Action for the chair
– Request to list about how we will use these documents. Stated
it is out there and can be used. Copyright permission issues? Was
JeffH question. Is that a problem? Chris/Kelvin ACTION talk
to respective company lawyers.
10) Investigate interop fest? Need to
wait for feedback from the documents; need feedback onus is on the membership.
11) Covered by 10. Need to gauge core
12) Editors remove all references to WS-routing – editors done
* Motion to close 2,7,8,12: Any objection? No objection unanimous.
For the record, Prateek Mishra submitted draft 4 of the SAML profile (draft-sstc-profile-04)
Next concall and timing discussion:
Proposed 2 weeks and then decide frequency. Establish bi-weekly and
if more meetings are needed we can add more. Next f2f. Action
item needed for more planning for f2f. Present logistics proposals
next week. Send preferences to the list.
10-8 for the next concall.
Motion to adjournment approved.
| [Thread Prev]
| [Thread Next]
| [Date Next]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC