OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes from the April 20, 2003 Telecom

The minutes for the April 20 telecom is below.  Any corrections cheerfully



Roll Call - Quorum Achieved

Minutes of the previous telecom - Approved 

First Item Interop Scenario - 
Hal - I issued a document for the Interop Scenario with a new format and
with more details for the Interop. 

Irving - does it require MustUnderstand be true?
Hal - Yes; There is a question of whether the partner should check whether
it is correct.
Jerry - They need to check
Mark - This is needed just for the interop, not for compliance
Kalvin - Will put this document in the web site.
Hal - A schema is needed.
Chris - I will write up the necessary schemas.
Hal - Irving asked if this is too restrictive.  I tried to make it
restrictive for the interop.
Chris - There is a question on key usage
Hal - Use the same key pair and cert for the interop.  This is bad security
usage and some implementations may reject this.  Implementations should
check the usage bits.
Kelvin - Any other problems with scenarios.
Jerry - Key Identifier is not in the X.509 spec.  It's a gray area.
Chris - Ask Phillip to add text to X.509 to add a Key Identifier.  This is
an Action Item to Phillip.

Kelvin - With respect to the ballot - 30 to 50% have voted.  One week to go.

Tim - Need button for abstain.
Kelvin - Can abstain from interop and vote yes or no on date.  Ballot closes
on the 29th.

Tony - No Major changes on core document, draft 12.  There were minor edits
and namespace changes and doc numbers matches.  This draft is mostly cleanup

Kelvin - Do the other editors have something.
Phillip - Note that XKMS is now out of way so I will work on X.509. I will
put out an update start of next week.
Ron - I have an update, which I will put out.
Don - What about a primer for WS-Security. Has that task been dropped?
Kelvin - If there is a volunteer for an author for the primer let Kelvin or
Chris know.

WSS Minimal Profile
Tony - I will post slides on this submission.  This submission is royalty
free.  When input was solicited, it was required that submissions be royalty
The Purpose is to define a profile that will eliminate inefficiencies, e.g.
minimum or no canonization, no requirement for in-memory DOM; no X-Path,
etc.  Put some restrictions on WS-Security for performance and efficiency.
Allow streaming processing. There are some implementations that are as small
as 40k.  Feel that this is a good base for interop and will allow it to be
build on small devices and allow these small devices to access mainframes,

Martin - What about attachments?
Tony - Attachments are excluded in profile, but if someone wants to work on
it please do.
Jerry - What does MustUnderstand mean in MProf?
Tony - For example,  a receiver may not understand how the message has been
previously formatted.
Ron - Intermediates may act on it the wrong way.
Tony - Intermediates should understand what they are doing.
Jerry - Will a message with the MProf element still be conforming.
Tony - Yes.  A server might say it will only accept MProf messages.  
Chris - Let's move on and have agenda item next week on Mprof.
Jerry - Change name from profile.

Vote - WS-Security will have another profile supporting nProf. It will be
added as an output of the TC and become part of the standard.  The TC will
have a discussion on the name for this item.  Approved with no objections

Review of the Issues List 
Hal - Close 10- Approved - no objections 
Ron - Issue 25, there is nothing new
Chris - Issue 31.  We are pushing on OASIS for real URL's for namespace.
Kelvin - The new Kiva system doesn't add much help.  Will be weeks before it
is straightened out, but OASIS is working on it.
Hal - 30  The WS-Security schema will be a separate document.
Chris - We want a consistent description of all documents
Kelvin - Chris will have a meeting with editors to have consistency among
Hal - Issue 46 - What does postpone mean.  What is to be done?
Hal - I will follow up and find out what real issue is.

Issue 62 
Ron - How do we version.  There is an action item to describe problem.  I
will dig up previous messages on this.
Chris & Kelvin - We will make sure that we get up to speed  on the OASIS
action on this issue.

Issue 64 - There has been work on a glossary.
Kelvin - Terminology section is like a glossary.
Hal - Close 64 - Approved with No objections

Issue 65 - Document on Bio profile has been issued.
Vote - Close 65 pending checking with Phil Griffin, Approved.

Issue 66 - Should have been closed. 
Vote Close 66 Approved, No objection

Issue 67 -
Hal - The specification added usage but still needs categories for the
Ron - Does the usage labels support multiple usages?
Chris - I will be sure that this is supported in schema.
Hal - There should there be an identifier.
Chris - There is a namespace followed by name, which is defined in the
Hal - I will repost the values that I previously posted to the list.
John - Are these the list of names that will be normative.
Hal - They should be normative and extensible.  But we should try to put all
the names that we can think of in the specification.

Discussion on what the usage attribute should be and what/who they represent

There was an action item to take this discussion on the list.

Hal - We should mark all post interop issues as open.

Issue 68 - Close this issue; Passed with no objections

Issue 69 - Move this issue to the editors.

Issue 70 - s/b message 00008.
There is no clarification of what should be understood.
Chris - Can only go on the header. This should be made explicit.  Pass this
update to editors.
Jerry - must understand all sub elements to the extent that the
specification defines it.
Tim - must understand it but not process it.
Jerry - if profile says you must do something then you must do whatever the
profile says.
In what namespace should the attribute be defined?  It should be in the
envelope namespace.

Issue 71  - Have the editors fix this.

Issue 72 - wrong message link.  Have John check.

Issue 73 - Have editors take a wack at it.  

Jerry - Referring to line 736 of the April 21 draft, the example does not
contain a SAML assertion but is referenced on that line.

Issue 74 - Hal - leave it open; need description in the security
consideration.  Hal will formulate a proposal as what to do.

Issue 75 - Jerry - Presently not required to respond to denial of service
attack.  This is the wrong level to do this.  It should be caught earlier.  
Chris - Might not be able to make decision until get to this level.  
Jerry - That is too late.
A Discussion on this issue took place - Should or should it be required to
send a response at the WSS level?
Kelvin - Take this discussion to to list.
Chris - Next meeting pick up at issue 76.

Kelvin - We do not have the time to get to non-repudiation.  We will get to
it the next meeting.

Phillip - XKMS is going to last call.  The documentation is available at
A good interaction between WS-sec and XKMS is desired.  Once the WS-Security
specification is passed XKMS will add a profile for WS-Security.  

Put this on the issues list.  
Action Item.  Kelvin and Chris will send a summary of the discussion on the
WS-Security mailing list to W3C.

Hal - Close 83; its fixed.

Kelvin - Please respond to ballot on F2F.
Phillip - Motion to adjurn 

Donald Flinn
WSS Associates
Phone: (781) 856-7230
e-mail: flinn@alum.mit.edu
Web Page: http://dflinn.home.attbi.com


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]