Thanks for following up.
From: Anthony Nadalin
Sent: Tuesday, January 11, 2005
To: Martin Gudgin
Subject: Re: [wss] Minutes of WSS
Issue 347 has been addressed in the 1.1 document that
has been posted
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
01/11/2005 11:04 AM
[wss] Minutes of
WSS Call 2005-01-11
of WSS Call 2005-01-11. Please send any corrections to the list,
I may not have all the names/affiliations
> 1. Call to order, roll call
Steve takes roll and quorom is achieved.
Attendance of Voting Members
Gene Thurston AmberPoint
Hal Lockhart BEA
Corinna Witt BEA
Thomas DeMartini ContentGuard
Guillermo Lao ContentGuard
Merlin Hughes Cybertrust
Tim Moses Entrust
Carolina Canales-Valenzuela Ericsson
Dana Kaufman Forum Systems
Toshihiro Nishimura Fujitsu
Kefeng Chen GeoTrust
Irving Reid HP
Kojiro Nakayama Hitachi
Kelvin Lawrence IBM
Mike McIntosh IBM
Anthony Nadalin IBM
Nataraj Nagaratnam IBM
Ron Williams IBM
Kate Cherry Lockheed Martin
Paul Cotton Microsoft
Vijay Gajjala Microsoft
Martin Gudgin Microsoft
Chris Kaler Microsoft
Richard Levinson Netegrity
Jeff Hodges NeuStar
Frederick Hirsch Nokia
Abbie Barbir Nortel
Lloyd Burch Novell
Steve Anderson OpenNetwork
Vamsi Motukuru Oracle
Ramana Turlapati Oracle
Prateek Mishra Principal Identity
Ben Hammond RSA Security
Rob Philpott RSA Security
Martijn de Boer SAP
Pete Wenzel SeeBeyond
Ronald Monzillo Sun Microsystems
Symon Chang TIBCO
John Weiland US Navy
Phillip Hallam-Baker VeriSign
Maneesh Sahu Westbridge Technology
Attendance of Prospective Members
Don Flinn Individual
Membership Status Changes
Irving Reid HP - Returned from LOA before
Frank Siebenlist Argonne National Lab - Lost
voting status after
Don Flinn Individual - Granted voting status
after 1/11/2005 call
Larry Byrns IBM - Lost prospective status
after 1/11/2005 call
> 2. Reading/approving minutes of last meeting
(14th December 2004) 
Minutes of 2004-12-14 approved without objection.
> 3. SWA Vote result. When do we want to start
the Public review? 
38 yes, 4 abstain, 0 no
2/3 Yes vote, no more than 1/4 no achieved.
SWA profile is approved as a committee draft.
Moved by BEA\Hal that we start public review
Seconded by IBM\Tony.
No objection to so starting public review.
Public review will start ASAP.
ACTION: Chris and Kelvin to perform necessary
administrative tasks to
start public review of SWA profile.
Lockheed Martin\Kate: All the abstains were
Microsoft, does anyone from
Microsoft want to make a comment?
Microsoft\Paul: We don't see why anyone should
HAVE to make a comment on
IBM\Kelvin: OASIS staff are going to change the
voting tool so that
no/abstain votes can be made without having to
IBM\Kelvin: Thanks to Frederick et.al. for all
technical and editorial
work on the SWA profile.
> 4. Status of 1.1 documents
IBM\Kelvin: Needs some help from the editors
getting the home page up to
date with links to correct documents. Can editors
give us an update on
where we are with 1.1
IBM\Tony: We need to close some more issues before
we can update the
> 5. Other document status (SwA,
SWA, see section 3.
Microsoft\Gudge: No movement on Kerberos. I will
try to send an updated
document this week.
> 6. Issue list review
BEA\Hal: My recollection was that we agreed to
remove the Decryption
IBM\Tony; That was done, latest document has this
Microsoft\Chris: Issue 84 is closed
BEA\Hal: Looks OK to me.
Microsoft\Chris: Issue 282 is closed
Microsoft\Chris: Have the changes suggested by 330
been incorporated in
the last update.
IBM\Tony: I believe so, let me check. All have
Microsoft\Chris: OK, 330, 331, 332 are closed
Microsoft\Chris: 350 is closed.
BEA\Hal: Proposals were posted before Christmas.
No comments so far.
Microsoft\Vijay: I'm going to send comments this week.
Microsoft\Chris: These two stay as pending.
Microsoft\Chris: I recall that there was concern
about making such a
change in 1.1
Sun\Ron: Requires a schema change (adding a URI).
Microsoft\Chris: We have made backward compatible
changes to schema.
Sun\Ron: I believe this change can be made in a
similar fashion. I
thought Chris said we weren't releasing a new
Microsoft\Chris: I meant we don't want to break
Contentguard\Thomas: There are different kinds of
schema changes. Adding
elements/attributes to an extensibility point
doesn't necessarily break
something. But if we're adding stuff where there
was no extensibility
point, or removing things then it's not a
Nokia\Frederick: Isn't it valuable to get this
change in sooner rather
BEA\Hal: I agree. It's not clear to me whether
there will be anything
beyond 1.1. So I think it's do it now, or never do
Sun\Ron: I concluded that we weren't making this
level of schema change
Microsoft\Chris: Issue title implies that we are
moving an attribute.
Sun\Ron: Proposal designed to not take anything
away but to make sure
you don't have to use internal overloaded values.
ContentGuard\Thomas: I think there is a disconnect
between what Ron just
said and the latest proposal.
Microsoft\Chris: I'd like to see mocked up
document edits and then we
can see what the changes are and get a feel for
what the impact is (e.g.
will there be possible conflicts if information
appears in two places )
Sun\Ron: I think such a proposal has already been
made. It was only one
or two sentences added. One to advise against the
use of an attribute in
Don: Last meeting everyone agreed this should be
done. Only question was
whether to do it in 1.1 or some later spec.
ContentGuard\Thomas: Reads Ron's e-mail proposal
...Discussion between Ron, Thomas et.al. on what
the proposal says...
ContentGuard\Thomas: Maybe we should write up the
changes required to
each of the token profiles.
Microsoft\Chris: I'd like to see us define what it
means if both
attributes are present.
Sun\Ron: I would say that only one attribute
Microsoft\Chris: But if you only allow one ( the
new one) , how do you
indicate the reference type?
Microsoft\Chris (paraphrasing Ron): If they're
both specified, they must
be consistent, otherwise it's an error.
Sun\Ron: I could go along with that. If you
specify both attributes, the
token type has to be consistent with the value
Microsoft\Chris: I propose we get an updated
proposal sent to the list
that captures the above. I'd like to see us vote
on this at the next
Contentguard\Thomas: I'm not comfortable voting
until I see the changes
to the 1.1 token profiles.
Microsoft\Chris: We don't know that there will be
any impact. If we
decided not to rev the profiles, we can write up
..Some discussion between Chris, Ron and Thomas
about impact and schema
Microsoft\Chris: Ron needs to amend his proposal
as above and to modify
the language so that it doesn't say that the
attribute is deprecated,
but rather is deprecated as a way of indicating
the token type ( rather
than the reference type ).
ACTION: Ron to produce updated proposal. Based on
Contentguard\Thomas: I'm not happy voting on this
until I've seen the
Microsoft\Chris: The TC seems to be OK with having
a vote on the next
call. There may be such a vote.
Microsoft\Vijay: Not yet done.
Microsoft\Chris: Leave 310 open
BEA\Hal: No progress yet
Microsoft\Chris: Leave open
Sun\Ron: Don't want to prohibit ReferenceList.
Agreement was reached but
doc not updated.
Nokia\Frederick: I'll make that update.
Microsoft\Chris: Move to pending.
Microsoft\Chris: 353 is closed ( we have added new
schema elements in
Sun\Ron: I've added text to make the point clear
but apparently is
hasn't helped. I've sent mail to the commentators
but not heard back.
I've fixed the typos.
Microsoft\Chris: Looks like we have a SAML Profile
1.1 ( due to
corrections to typos ).
Sun\Ron: I'm not sure we'd create a 1.1 just for
Sun\Ron: I've prepared a SAML 2.0 profile, I have
a draft that supports
SAML 1.1 and 2.0. I'd like to have that be the
next version of the SAML
BEA\Hal: We should create an 'errata fixed'
document first, then worry
about a second document.
Microsoft\Chris: I don't think there would be
objections to including
SAML 2.0 in a future SAML Token profile.
BEA\Hal: SAML 2.0 will become an OASIS standard
Neustar\Jeff: Still need to figure out how to
deprecate older specs.
Next version of SAML Token Profile should support
1.1 and 2.0, need to
then deprecate the 1.1 only SAML Token Profile
BEA\Hal: Why is it necessary to deprecate the
Neustar\Jeff: Because then people only have to go
to one document to
know about 1.1 and 2.0.
Sun\Ron: Combined document will be the 1.1
document, plus the 2.0 stuff.
If you wanted 1.1 support, you could look at
Microsoft\Chris: Mark 354 as pending. Editors to
create an errata for
SAML 1.1 Token Profile.
ACTION: Editors to create an errata for SAML 1.1
> 7. Interop events status
Microsoft\Chris: One party has an endpoint up, but
no date for event
yet. Gudge is working on a date for the interop
> 8. Remaining business for 2005
IBM\Kelvin: We need to work on the Minimalist
BEA\Hal: Biometric token profile?
Microsoft\Chris: We'd need someone to champion
BEA\Hal: Not clear to me how you use Biometric for
IBM\Kelvin: So current work is 1.1, Kerberos Token
Profile, SWA Profile
and then Minimalist Profile in that order. And
Kerberos completes our
requirements for WS-I BSP.
BEA\Hal: WS-I BSP will probably profile everything
that comes out of
IBM\Kelvin: So that's our work for the first
quarter ish of this year?
BEA\Hal: Well, there are other specs that are in
this space that will be
going into standards orgs at some point.
> 9. Other business
No other business.
> 10. Adjournment
Meeting adjourned at 08:10am PST
To unsubscribe from this mailing list (and be
removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/wss/members/leave_workgroup.php.