OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wss] Minutes of WSS Call 2005-01-11

Thanks for following up.


From: Anthony Nadalin [mailto:drsecure@us.ibm.com]
Sent: Tuesday, January 11, 2005 2:05 PM
To: Martin Gudgin
Cc: wss@lists.oasis-open.org
Subject: Re: [wss] Minutes of WSS Call 2005-01-11


Issue 347 has been addressed in the 1.1 document that has been posted

Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
Inactive hide details for "Martin Gudgin" <mgudgin@microsoft.com>"Martin Gudgin" <mgudgin@microsoft.com>

"Martin Gudgin" <mgudgin@microsoft.com>

01/11/2005 11:04 AM





[wss] Minutes of WSS Call 2005-01-11


Minutes of WSS Call 2005-01-11. Please send any corrections to the list,
I may not have all the names/affiliations correct...



> 1. Call to order, roll call

Steve takes roll and quorom is achieved.

Attendance of Voting Members

 Gene Thurston AmberPoint
 Hal Lockhart BEA
 Corinna Witt BEA
 Thomas DeMartini ContentGuard
 Guillermo Lao ContentGuard
 Merlin Hughes Cybertrust
 Tim Moses Entrust
 Carolina Canales-Valenzuela Ericsson
 Dana Kaufman Forum Systems
 Toshihiro Nishimura Fujitsu
 Kefeng Chen GeoTrust
 Irving Reid HP
 Kojiro Nakayama Hitachi
 Kelvin Lawrence IBM
 Mike McIntosh IBM
 Anthony Nadalin IBM
 Nataraj Nagaratnam IBM
 Ron Williams IBM
 Kate Cherry Lockheed Martin
 Paul Cotton Microsoft
 Vijay Gajjala Microsoft
 Martin Gudgin Microsoft
 Chris Kaler Microsoft
 Richard Levinson Netegrity
 Jeff Hodges NeuStar
 Frederick Hirsch Nokia
 Abbie Barbir Nortel
 Lloyd Burch Novell
 Steve Anderson OpenNetwork
 Vamsi Motukuru Oracle
 Ramana Turlapati Oracle
 Prateek Mishra Principal Identity
 Ben Hammond RSA Security
 Rob Philpott RSA Security
 Martijn de Boer SAP
 Pete Wenzel SeeBeyond
 Ronald Monzillo Sun Microsystems
 Symon Chang TIBCO
 John Weiland US Navy
 Phillip Hallam-Baker VeriSign
 Maneesh Sahu Westbridge Technology

Attendance of Prospective Members

 Don Flinn Individual

Membership Status Changes

 Irving Reid HP - Returned from LOA before 1/11/2005 call
 Frank Siebenlist Argonne National Lab - Lost voting status after
1/11/2005 call
 Don Flinn Individual - Granted voting status after 1/11/2005 call
 Larry Byrns IBM - Lost prospective status after 1/11/2005 call

> 2. Reading/approving minutes of last meeting (14th December 2004) [1]

Minutes of 2004-12-14 approved without objection.

> 3. SWA Vote result. When do we want to start the Public review? [2]

38 yes, 4 abstain, 0 no

2/3 Yes vote, no more than 1/4 no achieved.

SWA profile is approved as a committee draft.

Moved by BEA\Hal that we start public review immediately.
Seconded by IBM\Tony.
No objection to so starting public review.

Public review will start ASAP.

ACTION: Chris and Kelvin to perform necessary administrative tasks to
start public review of SWA profile.

Lockheed Martin\Kate: All the abstains were Microsoft, does anyone from
Microsoft want to make a comment?
Microsoft\Paul: We don't see why anyone should HAVE to make a comment on
the vote.
IBM\Kelvin: OASIS staff are going to change the voting tool so that
no/abstain votes can be made without having to comment.
IBM\Kelvin: Thanks to Frederick et.al. for all technical and editorial
work on the SWA profile.

> 4. Status of 1.1 documents

IBM\Kelvin: Needs some help from the editors getting the home page up to
date with links to correct documents. Can editors give us an update on
where we are with 1.1
IBM\Tony: We need to close some more issues before we can update the

> 5. Other document status (SwA, Kerberos,etc...)

SWA, see section 3.
Microsoft\Gudge: No movement on Kerberos. I will try to send an updated
document this week.

> 6. Issue list review

Pending issues:

Issue 84.

BEA\Hal: My recollection was that we agreed to remove the Decryption
Transform section.
IBM\Tony; That was done, latest document has this changes
Microsoft\Chris: Issue 84 is closed

Issue 282.

BEA\Hal: Looks OK to me.
Microsoft\Chris: Issue 282 is closed

Issue 330.
Issue 331.
Issue 332.

Microsoft\Chris: Have the changes suggested by 330 been incorporated in
the last update.
IBM\Tony: I believe so, let me check. All have been posted.
Microsoft\Chris: OK, 330, 331, 332 are closed

Issue 347


Issue 350

Microsoft\Chris: 350 is closed.

Issue 351/352

BEA\Hal: Proposals were posted before Christmas. No comments so far.
Microsoft\Vijay: I'm going to send comments this week.
Microsoft\Chris: These two stay as pending.

Open Issues:

Issue 250

Microsoft\Chris: I recall that there was concern about making such a
change in 1.1
Sun\Ron: Requires a schema change (adding a URI).
Microsoft\Chris: We have made backward compatible changes to schema.
Sun\Ron: I believe this change can be made in a similar fashion. I
thought Chris said we weren't releasing a new schema.
Microsoft\Chris: I meant we don't want to break the schema.
Contentguard\Thomas: There are different kinds of schema changes. Adding
elements/attributes to an extensibility point doesn't necessarily break
something. But if we're adding stuff where there was no extensibility
point, or removing things then it's not a compatible change.
Nokia\Frederick: Isn't it valuable to get this change in sooner rather
than later.
BEA\Hal: I agree. It's not clear to me whether there will be anything
beyond 1.1. So I think it's do it now, or never do it.
Sun\Ron: I concluded that we weren't making this level of schema change
in 1.1.
Microsoft\Chris: Issue title implies that we are moving an attribute.
Sun\Ron: Proposal designed to not take anything away but to make sure
you don't have to use internal overloaded values.
ContentGuard\Thomas: I think there is a disconnect between what Ron just
said and the latest proposal.
Microsoft\Chris: I'd like to see mocked up document edits and then we
can see what the changes are and get a feel for what the impact is (e.g.
will there be possible conflicts if information appears in two places )
Sun\Ron: I think such a proposal has already been made. It was only one
or two sentences added. One to advise against the use of an attribute in
future profiles.
Don: Last meeting everyone agreed this should be done. Only question was
whether to do it in 1.1 or some later spec.
ContentGuard\Thomas: Reads Ron's e-mail proposal

...Discussion between Ron, Thomas et.al. on what the proposal says...

ContentGuard\Thomas: Maybe we should write up the changes required to
each of the token profiles.

Microsoft\Chris: I'd like to see us define what it means if both
attributes are present.
Sun\Ron: I would say that only one attribute SHOULD appear.
Microsoft\Chris: But if you only allow one ( the new one) , how do you
indicate the reference type?
Microsoft\Chris (paraphrasing Ron): If they're both specified, they must
be consistent, otherwise it's an error.
Sun\Ron: I could go along with that. If you specify both attributes, the
token type has to be consistent with the value type.
Microsoft\Chris: I propose we get an updated proposal sent to the list
that captures the above. I'd like to see us vote on this at the next
Contentguard\Thomas: I'm not comfortable voting until I see the changes
to the 1.1 token profiles.
Microsoft\Chris: We don't know that there will be any impact. If we
decided not to rev the profiles, we can write up the impact.

..Some discussion between Chris, Ron and Thomas about impact and schema

Microsoft\Chris: Ron needs to amend his proposal as above and to modify
the language so that it doesn't say that the attribute is deprecated,
but rather is deprecated as a way of indicating the token type ( rather
than the reference type ).

ACTION: Ron to produce updated proposal. Based on above minutes.

Contentguard\Thomas: I'm not happy voting on this until I've seen the
Microsoft\Chris: The TC seems to be OK with having a vote on the next
call. There may be such a vote.

Issue 310.

Microsoft\Vijay: Not yet done.
Microsoft\Chris: Leave 310 open

Issue 338:

BEA\Hal: No progress yet
Microsoft\Chris: Leave open

Issue 349

Sun\Ron: Don't want to prohibit ReferenceList. Agreement was reached but
doc not updated.
Nokia\Frederick: I'll make that update.
Microsoft\Chris: Move to pending.

Issue 353

Microsoft\Chris: 353 is closed ( we have added new schema elements in
1.1 )

Issue 354

Sun\Ron: I've added text to make the point clear but apparently is
hasn't helped. I've sent mail to the commentators but not heard back.
I've fixed the typos.
Microsoft\Chris: Looks like we have a SAML Profile 1.1 ( due to
corrections to typos ).
Sun\Ron: I'm not sure we'd create a 1.1 just for the typos.
Sun\Ron: I've prepared a SAML 2.0 profile, I have a draft that supports
SAML 1.1 and 2.0. I'd like to have that be the next version of the SAML
Token Profile.
BEA\Hal: We should create an 'errata fixed' document first, then worry
about a second document.
Microsoft\Chris: I don't think there would be objections to including
SAML 2.0 in a future SAML Token profile.
BEA\Hal: SAML 2.0 will become an OASIS standard next month.
Neustar\Jeff: Still need to figure out how to deprecate older specs.
Next version of SAML Token Profile should support 1.1 and 2.0, need to
then deprecate the 1.1 only SAML Token Profile spec.
BEA\Hal: Why is it necessary to deprecate the spec?
Neustar\Jeff: Because then people only have to go to one document to
know about 1.1 and 2.0.
Sun\Ron: Combined document will be the 1.1 document, plus the 2.0 stuff.
If you wanted 1.1 support, you could look at either document.
Microsoft\Chris: Mark 354 as pending. Editors to create an errata for
SAML 1.1 Token Profile.

ACTION: Editors to create an errata for SAML 1.1 Token Profile.

> 7. Interop events status

Kerberos Interop:

Microsoft\Chris: One party has an endpoint up, but no date for event
yet. Gudge is working on a date for the interop event.

> 8. Remaining business for 2005

IBM\Kelvin: We need to work on the Minimalist Profile.
BEA\Hal: Biometric token profile?
Microsoft\Chris: We'd need someone to champion that work.
BEA\Hal: Not clear to me how you use Biometric for Sig/Enc

IBM\Kelvin: So current work is 1.1, Kerberos Token Profile, SWA Profile
and then Minimalist Profile in that order. And Kerberos completes our
requirements for WS-I BSP.
BEA\Hal: WS-I BSP will probably profile everything that comes out of
this TC.
IBM\Kelvin: So that's our work for the first quarter ish of this year?
BEA\Hal: Well, there are other specs that are in this space that will be
going into standards orgs at some point.

> 9. Other business

No other business.

> 10. Adjournment

Meeting adjourned at 08:10am PST

To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]