OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: WSS-Minutes 10-05



No chairs available......[Kelvin travelling, Chris Kaler might have had some travel problems so.....some discussion about election of a pro-tem chair]

Hal volunteered to be chair
Seconded by <sorry...missed  who seconded>
No objections.

Steve took attendance:

Attendance of Voting Members
 
  Frank Siebenlist Argonne National Lab
  Hal Lockhart BEA
  Corinna Witt BEA
  Merlin Hughes Betrusted
  Chong-Jen Hsu CommerceOne
  Thomas DeMartini ContentGuard
  Guillermo Lao ContentGuard
  Tim Moses Entrust
  Dana Kaufman Forum Systems
  Toshihiro Nishimura Fujitsu
  Irving Reid HP
  Kojiro Nakayama Hitachi
  Derek Fu IBM
  Maryann Hondo IBM
  Paula Austel, IBM
  Mike McIntosh IBM
  Anthony Nadalin IBM
  Ron Williams IBM
  Bob Morgan Internet2
  Kate Cherry Lockheed Martin
  Vijay Gajjala Microsoft
  Alan Geller Microsoft
  Richard Levinson Netegrity
  Prateek Mishra Netegrity
  Frederick Hirsch Nokia
  Abbie Barbir Nortel
  Steve Anderson OpenNetwork
  Vamsi Motukuru Oracle
  Ramana Turlapati Oracle
  Ben Hammond RSA Security
  Andrew Nash RSA Security
  Rob Philpott RSA Security
  Martijn de Boer SAP
  Blake Dournaee Sarvega
  Pete Wenzel SeeBeyond
  Jeff Hodges Sun Microsystems
  Ronald Monzillo Sun Microsystems
  Symon Chang TIBCO
  John Weiland US Navy
  Phil Hallam-Baker, Verisign
  Maneesh Sahu Westbridge Technology
   
 
Attendance of Prospective Members or Observers
 
  Jerry Schwarz Oracle
  Carolina Canales-Valenzuela Ericsson
  Davanum Srinivas CA
  Ramanathan Krishnamurthy IONA
 
 
Membership Status Changes
 
  Senthil Sengodan Nokia - Requested membership 9/21/2004
  Charles Knouse Oblix - Withdrew 9/21/2004
  Carolina Canales-Valenzuela Ericsson - Requested membership 9/23/2004
  Davanum Srinivas CA - Requested membership 10/5/2004
  Don Flinn Individual - Lost voting status after 10/5/2004 call
  Sundeep Peechu Sargeva - Lost prospective status after 10/5/2004 call


we do have quorum

Hal:  acceptance of the minutes?
motion to approve, Frederick
second, Tony
no objections to unanimous consent


Tony : report on errata
complete as per last call...change to X509 profile
this completes what's on the list & discussed in the last meeting
Any other comments?<none>

SAML & REL profile status- report from the chairs?
post to list ,  chairs  need to make a formal call for IPR
[ Hal made an informal call ]

other document status:
Attachments -Frederick, still some issues with Dana on  v10 to address  this
Kerberos- profile - Tony- no changes
1.1 version of core?  any changes ? waiting for final comments from group
need to vote it as CD,  go ahead with SAML & REL without that
Tony can post a new 1.1 ....

any objections? no
Tony to post

interop planning
Kerberos:  Allen Geller, posted scenarios , has not gotten any response
Attachments: Blake, posted draft of scenarios, gotten some comments & still in the process of updating
proposed date for interop ...week of   Oct 25th (ibm, datapower, cyclone)  Nov 15th (hitachi, sun, oracle, datapower, westbridge)
have we decided to hold two?

time to make a decision
Blake made a motion to do Nov 15th, seconded by datapower
Tony spoke against it,  we need to get back to WS-I ASAP

can all companies that can do it on the 25th, can they repeat it on the 15th?
IBM, no

Take a vote, roll call
not sure if this is the appropriate proceedure...it does affect the TC as a whole

Tony, why does it matter if we do 2?
Hal, do you want to propose an ammedment to the proposal?
Tony, that has been the proposal all along.
If people can't make it that's ok

will be doing the same scenarios ....for the oct date there are only 3 companies,
let's not spend any more time....table the matter and let the participants make the arrangements?

what is the objective? an interop is a pre-condition to committee draft
BSP can't work on it until its a committee draft
we could go to committee draft sooner....but that will need to be following the process
and the chairs will work that

Issues list -Vijay

282- pending
298-pending Tony, not clear on the change required, in addition to core statement about ordering, token profiles
can define their own order
Tony, does this go into errata or 1.1?
Tony thinks this is a 1.1 issue. Vijay, it is a 1.next issue.......
309-pending- specific item is fixed, but issue is to review all token profiles and see if it occurred anywhere else...
321-closed- Frederick thinks this should be closed (Dana agreed)
327,328-closed in errata


53 closed by 282 noting in the issues list the remaining part of this is in 282.
84 text proposed ...Tony to look at resolution
86 pending ( a champion) also related to resolution on 319
this is so old the name of the profile it relates to has changed.... does anyone want to advance this profile, otherwise propose that we close this issue
103  Ron-to figure out the status of this issue
196-closed
310-open, need discussion on the mailing list
( goal would be to put Vijays text in profile (Tony?) and mark this as pending )
did we just and another kind of key identifier that everyone needs to support ? (Ron)
the code doesn't exist for this, people don't do thumbprint based lookup
are we talking about the next version? if there is value in doing this it should be mandatory
it is useful to be well defined, we're adding another form of index
Hal-
its reasonably established in the PKI world
choices are don't define it, make it optional, make it mandatory
Oracle-
what is the impact on other security groups? this will change things around
Hal-
BSP  would have to decide whether or not to profile this
a good identifier is one that is unambiguos and in widespread use
the SKI has 2 strikes against it
Hal:
issuer serial number issue: issuer is a dn, and there are repositories who are doing a full x509 dn match and pkix says that the only thing
you are required to do is a byte by byte compare, and the result is that somethings don't match when they should
BEA has an issue with making this mandatory.
Vijay,
it could be optional
Oracle-
if we take the thumbprint approach, is this something in LDAP or is this external?
Ron-
question is whether or not you capture the thumbprint and store it in LDAP
you  have to change what you store in LDAP

anyone object to moving on?

315-pending (Tony to put Hal's text into core)
317,318,319-open  Vijay has text, not posted to the list yet, get discussion
326,329 -open (Frederick)
330 pending- Dana, errata to errata small changes for editors (Tony) add unless there are problems
331-open


Paula Austel, Phil Hallam-Baker



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]