OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: WSS-TC Minutes: 7.27.2004

Minutes for Oasis Web Services Security Technical Committee , Tuesday July 27, 2004.
1.  Meeting was called to order 10:05 AM EDT;
Kelvin Lawrence and Chris Kaler were in the Chair.  
Ron Williams (IBM Corporation) acted as recording secretary for this meeting

Call to Order
Roll Call

Attendance of Prospective Members and Observers  
Attendance of Voting Members

  Gene Thurston AmberPoint
  Hal Lockhart BEA
  Corinna Witt BEA
  Merlin Hughes Betrusted
  Steven Lewis Booz Allen Hamilton
  Davanum Srinivas CA
  Thomas DeMartini ContentGuard
  Guillermo Lao ContentGuard
  Sam Wei Documentum
  Tim Moses Entrust
  Dana Kaufman Forum Systems
  Toshihiro Nishimura Fujitsu
  Irving Reid HP
  Kojiro Nakayama Hitachi
  Paula Austel IBM
  Maryann Hondo IBM
  Kelvin Lawrence IBM
  Mike McIntosh IBM
  Anthony Nadalin IBM
  Ron Williams IBM
  Bob Morgan Internet2
  Paul Cotton Microsoft
  Vijay Gajjala Microsoft
  Alan Geller Microsoft
  Chris Kaler Microsoft
  Richard Levinson Netegrity
  Prateek Mishra Netegrity
  Frederick Hirsch Nokia
  Senthil Sengodan Nokia
  Abbie Barbir Nortel
  Lloyd Burch Novell
  Charles Knouse Oblix
  Steve Anderson OpenNetwork
  Jerry Schwarz Oracle
  Ramana Turlapati Oracle
  Ben Hammond RSA Security
  Andrew Nash RSA Security
  Rob Philpott RSA Security
  Martijn de Boer SAP
  Blake Dournaee Sarvega
  Coumara Radja Sarvega
  Pete Wenzel SeeBeyond
  Jeff Hodges Sun Microsystems
  Ronald Monzillo Sun Microsystems
  Jan Alexander Systinet
  Symon Chang TIBCO
  John Weiland US Navy
  Maneesh Sahu Westbridge Technology
Attendance of Prospective Members

  Vamsi Motukuru Oracle

Membership Status Changes
  Ari Kermaier Oracle - Lost prospective status after 7/27/2004 call
46 out of 49 voting members in attendance: quorum achieved

2. Reading/approving minutes of last meeting (July 13th) [1]

2 revisions from last meeting
Objections called: no objections – minutes approved

3. Errata status and review

Tony Nadalin: Updates posted including X509v3 Certs from Ron Monzillo. Tony decided ‘encoding type’ issue not errata because it changes the interpretation of the field in question.

Hal Lockhart: Move to make current errata document committee draft.
Tony Nadalin: Motion Seconded.

Committee discussed voting and significance of draft.

Hal Lockhart: Point of order: – do we have 2/3 present
Steve Anderson: yes

Kelvin Lawrence called for the vote: “Any objection to posting current draft as committee draft?”
No Objections: Motion carried unanimously.

Discussion: how to combine errata and core document
Ron M: What is the end result of consolidating errata into the document?
Ron M: Hard to know what the sections to which errata applies means?

Hal: Direct the editors to produce a version of the document with errata applied?
Presuming normative changes makes a good starting point to make changes

Action to editors: produce a version of the document with errata applied
Action to Chair:update and copy list that errata are on Kavi/Oasis, fix errata that are marked "TC Only"

4. Status of other profiles (SAML, XrML, Kerberos, SwA)

        Current ballot SAML Profile: 36 of 60 voted to date
        35 yes, 1 abstain, 0 noes (60% yes)

        Discussion of when vote terminates
Chris Kaler to fix vote expiration on Kavi to reflect end of day Wednesday, 7.28.2004.

Other Profiles:
Tony Nadalin: Kerberos Profile posted w/ changes removing raw ticket as previously discussed.
WS-I discussed need to clarify when mime processing is performed.  

Hal Lockhart: Propose if SAML Token Profile receives committee draft vote approval – direct editors to move for public review of profiles, if successful – advance REL and SAML Token Profile for public review.

Rob Philpott: Seconded

Discussion: Call for discussion: no discussion
Kelvin: Call for vote
No objections: motion carried, unanimously approved.
Action for chairs – start Oasis getting docs into public review.
Hal Lockhart: Action for editors: Look at URL’s of the schema and make sure all are correct.

Discussion concerning minimal profile. Chair will prioritize discussion. Committee urged to review document prior to discussion.
Paul Cotton requested that document submitters align current profile with core document and errata prior to discussion.
Kelvin Lawrence to put link to minimal profile on TC front page.
General agreement that minimal profile won't sacrifice other TC work items.
Editorial action: Update minimal profile to bring it in line with core and errata documents.

5. Issue list review

List mailed and posted

Pending items

Issue: 290: pending
ACTION: Editors to update core

Resolved: Next call: have two versions of core: 1) errata folded in, 2) errata plus closed issues for review.

Issue 293: fold clarification into errata: closed (Tony Nadalin)
303: closed
306: swa profile comments: pending  - changes working
307: swa comments: closed
305: Kerberos tickets: closed
302: nishimura’s comments: closed
298: x509 tt, issue serial: open
308: REL token profile: Open
Discussion: HAL: the REL token contains a license id, comparable to SAML assertion id, implemented as a URI in a direct reference instead of as a key identifier. More logical as a key identifier (asserted by HAL). Confusing for implementers if similar things implemented in different ways.
Thomas Demartini: Don’t understand necessity for doing this. Is it broken?
HAL: different profiles doing same things in different ways. A priori it is inconsistent. We can go through public review and make a decision at the end of it. REL and SAML should be referenced in the same way.
Action Item: Debate on the list.
285: transform: closed
282: password based key derivation: pending
AI: Editors to include this in the next version of the username token profile.
268: securing SOAP attachments: closed

AI: Review postponed issues on next call (postponed items)

6. Interop planning status (Kerberos, SwA)

Where are we?
Blake Dournee: SOAP Attachments: 8 companies who want to participate. Can’t do interop without interop doc – Blake to work on.
Tony Nadalin: Virtual Interop?
Blake: Yes
Alan Geller: Posted sketch of Kerberos scenarios (draft). Requested comments from committee.

7. Other business

Kelvin Lawrence: Note – for any Oasis committee – putting together public developer mailing lists. Ours I wss-dev@oasis-open.org, can be subscribed in the normal way. Following updated links to SAML profile (on home page). There's a pointer there. Fixed pointers to Kerberos Profile. Need to add a pointer to the SOAP attachment interop.

Hal Lockhart: Notice – new OASIS IPR policy – now time for comments – changes a lot from previous. 9 months to align or end work (TC’s). Urged group to review and comment. FAQ – Normative policy document – transition document. Rules for each moderately complicated.

8. Adjournment

Re-check roll –
Motion to adjourn: 11:23 AM EDT.

ron williams   sr enterprise architect   ibm software group    tivoli security  vox +1.512.838.0073  cell +1.512.633.7711

S/MIME Cryptographic Signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]