OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wss] OASIS submission ballot invalid? Re: [wss] WSS TC ballots - second reminder

There is a saying that I believe holds in our present situation – “The perfect is the enemy of the good”.  Is this spec. perfect, No; Will this spec ever be perfect, No.  But I believe that this spec is good.  We have a responsibility to release a specification that can be used for Web Services security and I believe that we have such a specification.  As this technology is used by the outside world, faults that we have not thought of may be uncovered.  To put this in perspective, some faults in other security protocols were not uncovered until years after their first release.


This does not mean that we should release a spec that has known weaknesses.  I don’t believe that this is the case here.   Jerry listed one change that was discussed in e-mail and telecom and agreed upon.  I don’t think that this change is substantive enough to pull the spec at this point, but the vote of the TC will determine that.  No other problems with the spec. have been brought up as substantive.
-----Original Message-----
From: Kelvin Lawrence [mailto:klawrenc@us.ibm.com]
Sent: Friday, January 23, 2004 10:29 AM
To: Jeff Mischkinsky
Cc: wss@lists.oasis-open.org
Subject: Re: [wss] OASIS submission ballot invalid? Re: [wss] WSS TC ballots - second reminder

Jeff, before the votes were setup, over the past several meetings, there have been many discussions at the TC meetings as to whether or not the TC members felt that there needed to be a second interop. After discussion in the TC it was not felt necessary as the changes were not substantive and the TC remained comfortable that the work done to date was sufficient. All of these discussions can be found in the WSS TC minutes archive at [1] .  Furthermore, no one is on record prior to now as having asked for another review phase either. This change that is being cited has been in the spec since Dec 16th. So far other than a couple of general comments, no one has cited concrete examples of substantive changes.

We also discussed at length the creation of these votes and how they would work. We even delayed voting a week to give folks more time to prepare. Also, the  change that has been raised as "reason for another public review"  was made to the document, as I mentioned, on 12/16/2003 (over a month ago) - and only now is this objection being raised - during the last business day before the vote closes.

 It is my firm belief that the changes made are not substantial enough to require a full second review cycle. As co-chair if I felt otherwise I would not myself be supporting this work moving forward at this time. As I said  no member has asked for a second public review until now. As I have said on the record many times, I recognize the need to both deliver this spec to the industry in a timely manner but also not at the expense of quality. I personally believe we have reached the point now where it is right to proceed. But again this is for the TC and not me to decide and hence we have the current votes underway.

As to the votes being out of order, not at all, they are totally in line with the OASIS process of a committee draft vote followed by vote of all voting to advance the work. The creation of the votes was approved by a unanimous vote of the TC members at our last meeting and no one raised objection.  As to the work progressing, this is for the TC to decide by vote under the rules laid out in the process document at [2]. We will have to see how the vote comes out and what the wish of the TC is and then the TC will discuss and at the upcoming meeting.

[1] http://www.oasis-open.org/committees/wss/minutes.php
[2] http://www.oasis-open.org/committees/process.php#standard


WSS TC co-Chair

Jeff Mischkinsky <jeff.mischkinsky@oracle.com> wrote on 01/22/2004 11:11:59 PM:

> Hi,
>    Not to be a procedural wonk, but doesn't this mean that the second
> ballot is "out of order" and "invalid"? Assuming the first ballot passes,
> then there needs to be another public review, and no substantive changes as
> a result of that review, before that document can be proposed as an OASIS
> standard?
>     cheers,
>      jeff
> At 08:40 PM 1/22/2004, Ron Monzillo wrote:
> >Jerry,
> >
> >I share your opinion that substantive changes were made to the spec,
> >and that we should conduct another review cycle.
> >
> >Therefore, I have also voted NO on the ballot "Submit to OASIS for final
> >approval ?".
> >
> >Ron
> >
> >Jerry Schwarz wrote:
> >
> >>At 02:06 PM 1/21/2004, Kelvin Lawrence wrote:
> >>
> >>>Apparently the system failed to send the automatic reminder it was
> >>>supposed to send today so I am sending another reminder to you all to
> >>>vote in the currently open ballots.
> >>>
> >>>We are now more than half-way through the work week and a great many of
> >>>us have yet to vote - please do vote soon so we can begin collating the
> >>>results prior to our TC call next week. Many thanks!
> >>>
> >>>I will send a final reminder later in the week.
> >>>
> >>>Cheers
> >>>Kelvin
> >>
> >>
> >>FYI. I have just voted yes on making this a CD, but no on submitting for
> >>final with the comment attached below.
> >>
> >>-----------------
> >>Oracle believes that there have been too many changes to the documents to
> >>advance it to final status another public review period.
> >>
> >>According to the OASIS Procedures. " If substantive changes are made to
> >>the specification after the start of the public review then the TC should
> >>conduct another review cycle".
> >>
> >>I will cite as one instance of a substantive change the change from QName
> >>to URI for the valuetype attributes.
> >>
> >>------------------------
> >>
> >>Rereading the comment I see a missing "without" and a typo. The first
> >>sentence should read
> >>
> >>"Oracle believes that there have been too many changes to the documents
> >>to advance them to final status without another public review period."
> >>To unsubscribe from this mailing list (and be removed from the roster of
> >>the OASIS TC), go to
> >>http://www.oasis-open.
> org/apps/org/workgroup/wss/members/leave_workgroup.php.
> >
> >
> >
> >
> >To unsubscribe from this mailing list (and be removed from the roster of
> >the OASIS TC), go to
> >http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php.
> >
> Jeff Mischkinsky                      jeff.mischkinsky@oracle.com
> Consulting Member Technical Staff     +1(650)506-1975
> Director, Web Services Standards      500 Oracle Parkway M/S 4OP9
> Oracle Corporation                    Redwood Shores, CA 94065
> To unsubscribe from this mailing list (and be removed from the
> roster of the OASIS TC), go to http://www.oasis-open.
> org/apps/org/workgroup/wss/members/leave_workgroup.php.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]