OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [wss] Minutes for Telecon, Tuesday 29 October 2002

Minutes for WSSTC Telecon, Tuesday 29 October 2002
Dial in info: +1 913 312 4173 #319026
Minutes taken by Steve Anderson


    - Minutes from 8 October 2002 meeting accepted (unanimous)
  New (General) Action Items:
    - Chairs to continue discussion of F2F dates on the list
    - Rob Philpott to gather short list of document naming options
      and post for email vote
    - Kelvin to post WS-Security schema file to WSSTC web site
    - Chris to post options for next call on list
    - Chairs to follow up on establishing ebXML liaison

  Issues List Action Items & Status Updates:
    -  3: Editors to clarify
        - Related to 19 & 23
    -  9: Erick Herring to follow up and make determination
    - 14: Ron will propose change before next meeting
    - 19: Combined with 23
        - Ron to work with Tony to get incorporated in doc
        - Phil Griffin to post to list concerning biometrics, and work
          with Ron
    - 20: Status changed to pending, intend to close on next call
    - 21: Related to 2 & 22
        - Close this item
        - See 22
    - 22: Editors to clarify
    - 23: Combined with 19
    - 24: Combined with 25
        - Still open
    - 25: Combined with 24
    - 26: Status changed to pending, intend to close on next call
    - 27: Editors to clarify
    - 28: Ron will make change in bindings document
        - Status changed to pending, intend to close on next call
    - 29: Prateek to post to list on this issue
    - 30: JohnS to update name of this issue to reflect direction
          of discussion
    - 31: Chairs to derive an appropriate OASIS namespace
        - Editors to change namespace
    - 32: Tony to clarify
        - Status changed to pending, intend to close on next call
    - 33: Status changed to pending, intend to close on next call
        - John to add timestamp discussion as new issue to list

                             Raw Notes

> Agenda:
> 1. Introductions & welcome

> 2. Roll call

- Attendance attached to bottom of these minutes
- Quorum achieved

> 3. Reading of the minutes of our previous meeting (10/8)

- [VOTE] unanimous consent, accepted

> 4. Proposal for next F2F meeting

- Chris & Kelvin spoke w/ OASIS and got offer from them to host during
  week of Dec 8, which is when XML 2002 is going on
    - in Baltimore
    - proposing 2 day meeting
    - reservation for Wed & Thurs
    - other TCs are meeting there that week
    - several indications of conflict
    - original suggestion of Nov 21-22 seemed to have more conflicts
      w/ early Thanksgiving breaks
    - Dec 11-12 conflicts with Liberty Alliance meeting of sponsors
    - IETF is week of Nov 18
- [ACTION] Chairs will continue this on the list

> 5. Reports -- any sub-committees that wish to report

- Erick Herring, Primer SC
    - have just begun work on primer, and are starting 
      separate mailing list
    - has pushed out strawman, and is awaiting comments
    - determining form of work
- Rob Philpott, Doc Naming
    - responses on list favor "Web Services Security: SOAP Message
    - one objection to its length, favor use of "core"
    - lacks qualification
    - Hal: suggests posing small number of options, and do email vote
    - [ACTION] RobP to gather short list of options and post for email

> 6. Progress report from the editors

- Tony Nadalin, core doc
    - updated doc posted this morning
    - have taken comments from mail list that match issues list and
      updated docs
    - some comments haven't been incorporated because they need more
    - will reply to those to try to get all worked in
- Ron Monzillo, SAML bindings doc
    - will post update before next call
    - Kelvin: why even that long?
    - Ron: impact of other work
    - hasn't seen many comments posted for this, most seem to be on
    - Kelvin: wants to have docs to digest well before F2F
- Phillip Hallam-Baker, Kerberos/X509/XrML bindings
    - will try to get a draft out by Friday 
- Hal: concerning Tony's doc, does this reflect editors getting 
  together as discussed previously?
    - Tony: no, couldn't get everyone together
    - they will get together once
- Chris Kaler: need someone to Shepherd the PKCS7 and PKIPath token
    - Phil Griffin: volunteers to help with PKCS7

> 7. Discussion of the documents

- Tim Moses: why aren't we using XMLSchema?
    - Chris: we are
    - Tim: (example) in core, sec 6, line 445, this is not XMLSchema
    - Chris: this is illustrative view, and a separate schema doc
      gives explicit XML
    - Tim: why not use XMLSchema in core?
    - Chris: simplicity of reading
    - several supporting comments of simpler representation
    - Prateek: supports Tim's desire for exactness
    - is there any single doc that holds the complete schema?
    - apparently not yet
    - Chris: why cut and paste, rather than use simplified examples?
    - PhilG: has had bad experiences in past standards efforts keeping
      two such docs in synch
    - PhillHB: has some tools to synchronize between normative doc and
      schema doc
    - Jeff: supports usefulness of having exact XMLSchema in core
    - web site and docs lack normative reference to schema doc
    - Chris: prefers to wait to end, after voting on candidate doc set,
      to copy schema fragments
    - Hal: even simplified examples have a synch problem
    - Jeff: examples don't necessarily have to "validate"
    - RobP: finds SAML doc more comprehensive and easier to understand,
      compared to current WSS docs
    - Tim: simplified form lacks optionality, cardinality, etc
    - Conner: feels that having both forms is valuable
    - John S: agrees, and reiterates need to post schema
    - [ACTION] Kelvin to post schema file
    - Hal: is the notation with slashes and '@' symbols is unfamiliar,
      is it documented somewhere?
    - its basically XPath
    - suggestion to include reference to XPath to explain the notation
    - RobP: suggests that anyone that has an alternative notation 
      should pose it to the list
    - Tim: just surprised that any other notation is needed, but will
      abide by majority feeling
    - Chris: treat this as open issue and take it to the list

> 8. Review and status of actions and issues

- John S: going thru list as sent late yesterday, top to bottom
  < http://lists.oasis-open.org/archives/wss/200210/msg00104.html >
    - 1-2 closed
    - 3
        - Hal: understood that this issue was being subsumed by Ron's 
          doc changes
        - Ron: sent summary/proposal to list, but got no responses
          < http://lists.oasis-open.org/archives/wss/
            200210/msg00052.html >
        - related issues were 19 & 23
        - John: how should we proceed on 3, 4 & 5?
        - the editors will move forward on this, and clarify these
    - 9, was AI for use case authors
        - [ACTION] Erick Herring to follow up and make determination
    - 10-13 postponed/closed
    - 14
        - still open
        - Ron will propose change before next meeting
    - 15
        - Tony put in 1 reference, needs another
        - still open
    - 16-18 closed
    - 19
        - related to issue 3
        - should be combined with issue 23
        - Ron has posted note on this, and needs comments
          < http://lists.oasis-open.org/archives/wss/
            200209/msg00095.html > (item 11)
        - [ACTION] Ron to work with Tony to get incorporated in doc
        - PhilG: might be an area where biometrics should be noted
        - [ACTION] PhilG to post to list concerning biometrics, and 
          work with Ron
    - 20
        - Tony: has attempted to clarify
        - John: will note as pending fix, and will close next time
    - 21-22
        - Ron: 2, 21, & 22 are related
        - suggests that tokens don't necessarily imply a key, so the 
          doc isn't generic enough
        - either this isn't an issue, or we clarify that tokens can 
          carry anything, not just keys
        - closing this item
        - [ACTION] editors to clarify on 22
    - 23
        - grouped with 19
    - 24-25
        - Ron: should be grouped with 25
        - 25 is a question about the presence of a use model
        - Tony: can we deem this out of scope and say that all 
          signatures belong in header?
        - Ron: may be reasonable
        - after much discussion, decide to move to list
    - 26
        - has been moved to 'pending', will be closed next call
    - 27
        - [ACTION] editors to clarify doc
    - 28
        - [ACTION] Ron will make change in rev to bindings
        - pending for review at next call
    - 29
        - Ron: talked this through with Prateek & Jeff, and doesn't
          feel we need to take time on this today
        - not sure if this is an issue or not
        - Prateek: proposes we take this to list
        - [ACTION] Prateek to post to list on this issue
    - 30
        - previously discussed today (simplified examples in normative
          doc rather than actual XMLSchema fragments)
        - still open
        - will be discussed on list
        - [ACTION] JohnS to update name of this issue to reflect
          direction of this discussion
    - 31
        - Consensus around using an OASIS namespace
        - [ACTION] chairs to derive an appropriate OASIS namespace
        - [ACTION] editors to change namespace
    - 32
        - Tony: has clarified freshness issue in text, but not the 
          SHA-1 issue
        - Tim; e.g., in Europe, people want to use RIPEMD
        - [ACTION] Tony to clarify
        - marking issue as pending
    - 33
        - Tony: has attempted to clarify Tim's main points
        - Tim will review latest draft
        - marking this as pending
        - Tony: looking for other examples for where timestamp is more
          than just time
        - Tim: timestamp is too precise, as it certifies the existence
          of the message at that instant
        - just thinks element should be named "time" rather than
        - [ACTION] John will add timestamp discussion as new issue to 
    - 34
        - will move to list
    - out of time to complete issues list
- Tony: doc edits will get messy with change bars
    - suggestion to accept changes in doc after posting to list,
      so that each posting is a delta from the previous posting

> 9. Any other business

- Schedule of next call
    - Chris: doesn't think that can be decided on this call
    - if we wait three weeks for next call to get back on old sched,
      that will step on one of the proposed F2F dates
    - [ACTION] Chris will post options for next call on list tomorrow
- Chris: volunteer for ebXML liaison?
    - Zahid volunteers
    - is this only for ebXML Messaging or CPPA?
    - will see if anyone responds on list
    - [ACTION] chairs to follow up on establishing ebXML liaison

> 10. Adjourn

- Adjourned


Attendance of Voting Members:

  Don Adams TIBCO
  Zahid Ahmed Commerce One
  Jan Alexander Systinet
  Steve Anderson OpenNetwork
  Conor Cahill AOL
  Greg Carpenter Nokia
  William Cox BEA
  Martijn de Boer SAP
  Thomas DeMartini ContentGuard
  Yassir Elley Sun Microsystems
  Jeremy Epstein webMethods
  Don Flinn Quadrasis
  Simon Godik Overxeer
  Sam Greenblatt Computer Associates
  Phillip Hallam-Baker Verisign
  Erick Herring Digital Evolution
  Jeff Hodges Sun Microsystems
  Maryann Hondo IBM
  Merlin Hughes Baltimore Technologies
  Chris Kaler Microsoft
  Charles Knouse Oblix
  Takashi Kojo NEC
  Yutaka Kudo Hitachi
  Chris Kurt Microsoft
  Kelvin Lawrence IBM
  Hal Lockhart Entegrity Solutions
  Anne Manes (individual)
  Monica Martin Drake Certivo, Inc.
  Prateek Mishra Netegrity
  Ronald Monzillo Sun Microsystems
  Bob Morgan (individual)
  Ron Moritz Computer Associates
  Tim Moses Entrust
  Anthony Nadalin IBM
  Nataraj Nagaratnam IBM
  Andrew Nash RSA Security
  Toshihiro Nishimura Fujitsu
  Mark Nobles LMI
  Rob Philpott RSA Security
  Hemma Prafullchandra Verisign
  Rajesh Raman BEA Systems
  Ed Reed Novell
  Irving Reid Baltimore Technologies
  Peter Rostin RSA Security
  Jason Rouault HP
  Vipin Samar Oracle
  Jerry Schwarz Oracle
  Senthil Sengodan Nokia
  Shawn Sharp Cyclone Commerce
  John Shewchuk Microsoft
  Frank Siebenlist Argonne National Lab
  Andre Srinivasan E2open
  Andrew Sweet Perficient
  Gene Thurston AmberPoint
  Ganesh Vaideeswaran Documentum
  Sam Wei Documentum
  Rob Weltman Netscape/AOL
  Pete Wenzel SeeBeyond

Attendance of Observers or Prospective Members:

  Toufic Boubez Layer 7
  Guillermo Lao ContentGuard
  Phil Griffin Griffin Consulting
  Frederick Hirsch Nokia
  Tim Hall Talking Blocks
  Ian Hunter TIBCO

Membership Status Changes:

  Toufic Boubez Layer 7 - Granted voting status after call
  Nand Mulchandani Oblix - Withdrew 10/10/2002
  Igor Balabine IONA - Withdrew 10/15/2002
  Gilbert Pilz E2open - Lost voting status due to inactivity
  Gavenraj Sodhi Business Layers - Lost voting status due to inactivity


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC