OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: minutes 1/27

minutes 1/27


1.        Call to order, roll call
2.        Reading/approving minutes of last meeting (Jan 13th) [1]
3.        Ballot results [2] and next steps
4.        Status of other documents (Editors/all)
5.        Issues list status/review
6.        Status of other profiles/interop planning etc          
7.        Other business
8.        Adjournment

#1Attendance of Voting Members
 Gene Thurston AmberPoint
 Frank Siebenlist Argonne National Lab
 Merlin Hughes Betrusted
 Hal Lockhart BEA
 Symon Chang CommerceOne
 Guillermo Lao ContentGuard
 TJ Pannu ContentGuard
 Sam Wei Documentum
 John Hughes Entegrity
 Tim Moses Entrust
 Toshihiro Nishimura Fujitsu
 Kefeng Chen GeoTrust
 Yutaka Kudo Hitachi
 Paula Austel IBM
 Maryann Hondo IBM
 Kelvin Lawrence IBM
 Anthony Nadalin IBM
 Ron Williams IBM
 Don Flinn Individual
 Paul Cotton Microsoft
 Vijay Gajjala Microsoft
 Chris Kaler Microsoft
 Ellen McDermott Microsoft
 John Shewchuk Microsoft
 Richard Levinson Netegrity
 Frederick Hirsch Nokia
 Abbie Barbir Nortel
 Charles Knouse Oblix
 Steve Anderson OpenNetwork
 Vipin Samar Oracle
 Jerry Schwarz Oracle
 Eric Gravengaard Reactivity
 Ben Hammond RSA Security
 Andrew Nash RSA Security
 Rob Philpott RSA Security
 Martijn de Boer SAP
 Blake Dournaee Sarvega
 Coumara Radja Sarvega
 Pete Wenzel SeeBeyond
 Yassir Elley Sun Microsystems
 Jeff Hodges Sun Microsystems
 Ronald Monzillo Sun Microsystems
 Jan Alexander Systinet
 John Weiland US Navy
 Phillip Hallam-Baker VeriSign
Attendance of Prospective Members or Observers
 Mike McIntosh IBM
 Alan Geller Microsoft

Membership Status Changes
 Ramana Turlapati Oracle - Granted voting status after 1/27/2004 call
 Alan Geller Microsoft - Requested membership 1/13/2004
 Joe Barbush Novell - Requested membership 1/21/2004
 Senthil Sengodan Nokia - Lost prospective status 1/27/2004
 Tim Alsop CyberSafe - Lost prospective status 1/27/2004
 cyc cyc IBM - Lost prospective status 1/27/2004
 Eleanor Robinson Individual - Lost prospective status 1/27/2004
 John Shewchuk Microsoft - Returned from LOA 1/27/2004

42 of 58 quorum achieved
        accepting the minutes?
        no objections
        rundown on the vote
        mail went to the list
        2 ballots
                required 2/3 no more than 1/4 against  ....54-0
                that one is passed
                required a majority
                30 is the bar
                37 is a majority
                so that passed as well

Chris asked for any other comments on the ballots  (agenda item #3) before we proceed
no comment

What's next (agenda item #3)

What's missing from the checklist?
Kelvin has started and will share with the list......there are 10 stages that the TC chairs have to prepare text on

(missing one)

earliest to submit would be the 15th of Feb.
Kelvin will send proposed text  for the process doc to list first

Kelvin ....to send pointer to IPR policy to list

The chairs are expected to make sure that everyone has been notified of the policy......
what I did was send a note  to the list and pointing to the ipr policy

     Did that.
     look at the TC home page, any claims are there
    if anyone has any additional IP claims they need to make a declaration

 ...called for IP again....no response

Updates from the editors:
                was not able to provide a diff .....not a MS word expert...provided a new doc
                primary change was to change znames to URIs
                in security token ref, had been relying on elements defined by SAML ......needed to convey that information
                switched from direct references to key identifier references
                updated all the examples to be consistent
                would like to do a pdf diff to localize the changes in this revision....didn't turn out as well as hoped....still trying
                Rich Levinson comment on security token dereference transfer when doing  sender vouches

we should be looking into interop

Chris :
 yes thats agenda item 6

question on Kerberos profile
is there another profile?
where did you see it? not on this list...there is only one here

is there a relationship with the one submitted outside?
not an overlap
having two documents is confusing
can you define the difference
shouldn't be confusing ....not submitting the other document to this TC
I will raise the issues on the list....maybe you can clarify the overlaps

it would help BSP in WS-I if you guys had a schedule for these other profiles

Kelvin and I are trying to get the paperwork filed and then move on to get these done as soon as possible,
Kerberos and xrml are moving along and with all Ron's changes, SAML looks like its moving too

WSI can't move to a public sched until you do

any other comments?

# 5
VJ published a new doc
comments from nishimura, updated the issues list with closed items, saml ones pending,

to Ron......version issue ... which version of SAML
i can say that the document describes how to use SAML 1.0 and 1.1 it doesn't include specific requirements
Can you look at it and see if it can be closed?

update saml profile to use new URL?

update XRML

rename to follow naming conventions

non global attributes does not support element extensibility....
SAML has a work around
should schema support mixed content....

ACTION: open a new  issue
this aspect should be remembered
should be a way to extend key identifiers but maybe it should be a different kind of key identifier
allow structured sub content

Ron,  found when identifying a new reference type
leave open
need a discussion on the list

leave open

key identifier value types and direct reference value types in schema have slightly different semantics
core relative, and others are token profile relative
one issue on consistency.....
could be confusion in future ...need guidelines about  trying to create value types that are profile version specific URIs

#252, #253 closed
trivial editorial bugs

put in errata
should we begin a "next"?

rolling in edits on the list?
collect errors
start a next version and start fixing the editorial bugs there
what's your timeframe?
we're going to be finding errors, should we track in errata and then roll them in?

there is no OASIS policy on the errata collection...and I'm a little concerned about that
it would not affect my vote, we need not only a v-next, but we need to be able to have someone be able to
look at the original and the v-next and be able to see both....
prefer the front matter have a pointer that says ....for information on errata see....

need a distinction between errata and new features

Chris & Kelvin, find out about  OASIS policy on errata

there is no policy, I have checked
several TC's have ignored that
we need (as a continuing TC) to track this....at an absolute minimum

Editors will collect errata
TC  will determine how to deal with it

how do you connect it with the version?

we put a link on the web site pointing to it

asked staff yesterday, typos should be published in an errata doc
normative stuff that needs to change, this needs to be a committee draft

Bob Morgan,
not start on a 1.next until the committed decides to do that

dispose of #252,253, #255
have editors capture those in a running errata doc

any objections?
no taken as unanimous consent.

soap message normalization may be used as a transform should be a canonicalization
this is also errata

252-255 should be closed

question on embedded references
core spec requires the specification of a canonicalization algorithm .....

not sure what the purpose of embedded is
on transform, rather not introduce that linkage and its better to be explicit rather than implicit
common practice is to be fixed
but good practice is explicit

wanted to understand this...when you specify the transform we chose to specify that you must specify alg.
embedded helps when you can't put ids on soap instances....you can wrap them in the STR
is there agreement that if you have an embedded you will get the same result?
you will get a different result
but the security properties are the same

str transform strips the str
what about attributes?
embedded result ....  is the element content of the embedded

Hal, the purpose of embedded was to let us hang the usage attribute on a token...we should explicitly use the str transform when you are using the embedded
in any case with the str transform you are not covering the usage attribute
you need another transform to get the signature over the usage attribute

it doesn't hurt to sign the same content twice
when you sign an STR you are also signing the sub-elements
I found this confusing....what happens with embedded.....
to create a simpler rule
better practice always use the transform and if you have attributes sign it separately without the transform
doesn't answer the question of why to use the transform on the embedded.
should be clarification in the text
what to do if you want to sign the attributes?

ACTION:  New Issue:
STR attributes are not protected
or does the transform need to be modified?
that would be simplest
transform decides what the input is to the digest

VJ there are some more issues that we will get to on the next call

Item #6
status of other profiles and interops

gotten pings from people, were not able to participate in earlier events but are ready now
can we run the original 7 (virtual) again
there are 3 potential interops (SAML, XRML, core) could run simultaneously

(?) using the new schema?
yes, (Chris) we always use the newest schema

People please send mail who would like to participate, when and what ......

can someone create an interop doc for Kerberos?
Was that Hal volunteering?

Tony & Hal to develop  a Kerberos scenario

would like input ...what do people want to do with Kerberos?

other business
everyone should have seen that OASIS is holding a symposium....do we want as a TC to meet there.
OASIS would like groups to come....how many people will be there anyway for other TC items

What are the dates?

mid-Apil 26-29
TC meeting rooms available on 28 & 29th

asking 58 members if they want to do an interop doesn't get you the answers you want
pick a date and then you will get the response, unless we have a concrete proposal in two weeks we'll be at the same point

proposal on interop

Any other business?

Rich Levinson
item #6
based on saml profile updates need to update the saml interop doc ...will do that this week

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]