wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: WSS-TC Minutes: 7.27.2004
- From: Ron Williams <ron.williams@us.ibm.com>
- To: wss@lists.oasis-open.org
- Date: Tue, 27 Jul 2004 15:15:51 -0600
Minutes for Oasis
Web Services Security Technical Committee , Tuesday July 27, 2004.
1. Meeting was
called to order 10:05 AM EDT;
Kelvin Lawrence and
Chris Kaler were in the Chair.
Ron Williams (IBM
Corporation) acted as recording secretary for this meeting
Call to Order
Roll Call
Attendance of Prospective
Members and Observers
Attendance of Voting
Members
Gene Thurston
AmberPoint
Hal Lockhart
BEA
Corinna Witt
BEA
Merlin Hughes
Betrusted
Steven Lewis
Booz Allen Hamilton
Davanum Srinivas
CA
Thomas DeMartini
ContentGuard
Guillermo Lao
ContentGuard
Sam Wei Documentum
Tim Moses Entrust
Dana Kaufman
Forum Systems
Toshihiro Nishimura
Fujitsu
Irving Reid
HP
Kojiro Nakayama
Hitachi
Paula Austel
IBM
Maryann Hondo
IBM
Kelvin Lawrence
IBM
Mike McIntosh
IBM
Anthony Nadalin
IBM
Ron Williams
IBM
Bob Morgan
Internet2
Paul Cotton
Microsoft
Vijay Gajjala
Microsoft
Alan Geller
Microsoft
Chris Kaler
Microsoft
Richard Levinson
Netegrity
Prateek Mishra
Netegrity
Frederick Hirsch
Nokia
Senthil Sengodan
Nokia
Abbie Barbir
Nortel
Lloyd Burch
Novell
Charles Knouse
Oblix
Steve Anderson
OpenNetwork
Jerry Schwarz
Oracle
Ramana Turlapati
Oracle
Ben Hammond
RSA Security
Andrew Nash
RSA Security
Rob Philpott
RSA Security
Martijn de
Boer SAP
Blake Dournaee
Sarvega
Coumara Radja
Sarvega
Pete Wenzel
SeeBeyond
Jeff Hodges
Sun Microsystems
Ronald Monzillo
Sun Microsystems
Jan Alexander
Systinet
Symon Chang
TIBCO
John Weiland
US Navy
Maneesh Sahu
Westbridge Technology
Attendance of Prospective
Members
Vamsi Motukuru
Oracle
Membership Status
Changes
Ari Kermaier
Oracle - Lost prospective status after 7/27/2004 call
46 out of 49 voting
members in attendance: quorum achieved
2. Reading/approving
minutes of last meeting (July 13th) [1]
2 revisions from last
meeting
Objections called:
no objections – minutes approved
3. Errata status and
review
Tony Nadalin: Updates
posted including X509v3 Certs from Ron Monzillo. Tony decided ‘encoding
type’ issue not errata because it changes the interpretation of the field
in question.
Motion:
Hal Lockhart: Move
to make current errata document committee draft.
Tony Nadalin: Motion
Seconded.
Discussion:
Committee discussed
voting and significance of draft.
Hal Lockhart: Point
of order: – do we have 2/3 present
Steve Anderson: yes
Kelvin Lawrence called
for the vote: “Any objection to posting current draft as committee draft?”
No Objections: Motion
carried unanimously.
Discussion: how to
combine errata and core document
Ron M: What is the
end result of consolidating errata into the document?
Ron M: Hard to know
what the sections to which errata applies means?
Hal: Direct the editors
to produce a version of the document with errata applied?
Presuming normative
changes makes a good starting point to make changes
Action to editors:
produce a version of the document with errata applied
Action to Chair:update
and copy list that errata are on Kavi/Oasis, fix errata that are marked
"TC Only"
4. Status of other
profiles (SAML, XrML, Kerberos, SwA)
Current ballot SAML Profile: 36 of 60 voted to date
35 yes, 1 abstain, 0 noes (60% yes)
Discussion of when vote terminates
Chris Kaler to fix
vote expiration on Kavi to reflect end of day Wednesday, 7.28.2004.
Other Profiles:
Tony Nadalin: Kerberos
Profile posted w/ changes removing raw ticket as previously discussed.
WS-I discussed need
to clarify when mime processing is performed.
Motion:
Hal Lockhart: Propose
if SAML Token Profile receives committee draft vote approval – direct
editors to move for public review of profiles, if successful – advance
REL and SAML Token Profile for public review.
Rob Philpott: Seconded
Discussion: Call for
discussion: no discussion
Kelvin: Call for vote
No objections: motion
carried, unanimously approved.
Action for chairs
– start Oasis getting docs into public review.
Hal Lockhart: Action
for editors: Look at URL’s of the schema and make sure all are correct.
Discussion concerning
minimal profile. Chair will prioritize discussion. Committee urged to review
document prior to discussion.
Paul Cotton requested
that document submitters align current profile with core document and errata
prior to discussion.
Kelvin Lawrence to
put link to minimal profile on TC front page.
General agreement
that minimal profile won't sacrifice other TC work items.
Editorial action:
Update minimal profile to bring it in line with core and errata documents.
5. Issue list review
List mailed and posted
Pending items
Issue: 290: pending
ACTION: Editors to
update core
<Discussion>
Resolved: Next call:
have two versions of core: 1) errata folded in, 2) errata plus closed issues
for review.
Issue 293: fold clarification
into errata: closed (Tony Nadalin)
303: closed
306: swa profile comments:
pending - changes working
307: swa comments:
closed
305: Kerberos tickets:
closed
302: nishimura’s
comments: closed
298: x509 tt, issue
serial: open
308: REL token profile:
Open
Discussion: HAL: the
REL token contains a license id, comparable to SAML assertion id, implemented
as a URI in a direct reference instead of as a key identifier. More logical
as a key identifier (asserted by HAL). Confusing for implementers if similar
things implemented in different ways.
Thomas Demartini:
Don’t understand necessity for doing this. Is it broken?
HAL: different profiles
doing same things in different ways. A priori it is inconsistent. We can
go through public review and make a decision at the end of it. REL and
SAML should be referenced in the same way.
Action Item: Debate
on the list.
285: transform: closed
282: password based
key derivation: pending
AI: Editors to include
this in the next version of the username token profile.
268: securing SOAP
attachments: closed
AI: Review postponed
issues on next call (postponed items)
6. Interop planning
status (Kerberos, SwA)
Where are we?
Blake Dournee: SOAP
Attachments: 8 companies who want to participate. Can’t do interop without
interop doc – Blake to work on.
Tony Nadalin: Virtual
Interop?
Blake: Yes
Alan Geller: Posted
sketch of Kerberos scenarios (draft). Requested comments from committee.
7. Other business
Kelvin Lawrence: Note
– for any Oasis committee – putting together public developer mailing
lists. Ours I wss-dev@oasis-open.org, can be subscribed in the normal
way. Following updated links to SAML profile (on home page). There's a
pointer there. Fixed pointers to Kerberos Profile. Need to add a pointer
to the SOAP attachment interop.
Hal Lockhart: Notice
– new OASIS IPR policy – now time for comments – changes a lot from
previous. 9 months to align or end work (TC’s). Urged group to review
and comment. FAQ – Normative policy document – transition document. Rules
for each moderately complicated.
8. Adjournment
Re-check roll –
Motion to adjourn:
11:23 AM EDT.
Cheers!
__________________________________________________________________________________________________
ron williams sr enterprise architect ibm software group
tivoli security vox +1.512.838.0073 cell +1.512.633.7711
S/MIME Cryptographic Signature
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]