wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Minutes WSS TC 5-31-2005
- From: "Weiland, John R. NMIMC GS" <JRWeiland@US.MED.NAVY.MIL>
- To: 'Kelvin Lawrence' <klawrenc@us.ibm.com>, wss@lists.oasis-open.org
- Date: Thu, 2 Jun 2005 03:22:05 -0400
Tuesday May 31, 2005
Meeting called to Order Kelvin
Lawrence, IBM, presided as chair,
John Weiland, US Navy, was minute
taker.
Attendance of Voting
Members
Maneesh Sahu Actional Corporation
Hal Lockhart BEA Systems,
Inc.
Steve Anderson BMC Software
Thomas DeMartini ContentGuard
Carolina
Canales-Valenzuela Ericsson
Dana Kaufman Forum Systems, Inc.
Toshihiro
Nishimura Fujitsu Limited
Kefeng Chen GeoTrust
Hans Granqvist
GeoTrust
Irving Reid Hewlett-Packard
Derek Fu IBM
Kelvin Lawrence
IBM
Mike McIntosh IBM
Anthony Nadalin IBM
Nataraj Nagaratnam IBM
Ron
Williams IBM
Don Flinn Individual
Paul Cotton Microsoft
Corporation
Vijay Gajjala Microsoft Corporation
Chris Kaler Microsoft
Corporation
Jeff Hodges NeuStar, Inc.
Abbie Barbir Nortel
Vamsi
Motukuru Oracle Corporation
Prateek Mishra Principal Identity
Martijn de
Boer SAP
Blake Dournaee Sarvega
Coumara Radja Sarvega
Ronald Monzillo
Sun Microsystems
Jan Alexander Systinet
Symon Chang TIBCO Software,
Inc.
John Weiland US Dept of the Navy
Attendance of Non-Voting
Members
Denis Pilipchuk BEA
Membership Status Changes
Denis
Pilipchuk BEA - Approved for membership 5/5/2005
Maryann Hondo IBM - Lost
voting status after 5/31/2005 call
Kate Cherry Lockheed Martin - Lost voting
status after 5/31/2005 call
30 in attendance out of
42. 22 are required for quorum.
No objections to approving minutes
accepted unanimously.
Issues
List:
Pending Issues:
Status: Closed 357 - Need a Token Type URI in
SAML token profile - Pending for a
couple of weeks, no objections
raised.
Status: Closed 377 - xenc:Reference List SwA
comment
- Already in Draft 19, Frederick is out today.
Status:
Closed 379 - Kerberos TP: Use Kerberos V GSS-API mechanism - Already
in Kerberos Token
Profile
Status: Closed 380 - Kerberos TP: Service principal
names
- Old comment from Hal, who is Ok with it.
380 381 and 382 changes rolled in and published prior to last call
Status:
Closed 381 Kerberos TP: Session key negotiation and key
re-use
Status: Closed 382 Kerberos TP: Replay protection and
mutual authentication - Action to Vijay to reference other mutual authentication
related issue.
Status: Pending 384 Kerberos TP: Channel Binding - Tony has
action to fold into document and publish.
Status: Pending 385 Kerberos TP:
References to obsolete
documents
- Already in latest revision
Status: Closed 386 + 387 Kerberos
TP: Repeat symmetric encryption requirement from Section 3.5 in Section 3.4? -
Published prior to last meeting both moved to closed
Status:
Closed 388 Editorial Comments on Username Token
1.1
- Pending review for some time
Status: Closed 390 Section
Numbering
issue
- Pending review for some time
Status: Closed 391 Tracking
incorporation of SAML
2.0
- Action to follow-up with Ron Monzillo to SSTC
Status: Closed 392 URI
error in Kerberos
Profile
- Published prior to last call closed with no objections
Open
issues:
Status: Open 338 Proposed new
work WSS Templates - No Change
Status: Pending 364 SWA profile: Can XML
attachments be XML canonicalized and used in conjunction with SwA profile? -
Requires review
Status: Pending 370 SWA profile: Add processing
rules/guidance for SOAP and MIME intermediaries - Requires review
Status:
Open 378 Deprecating or otherwise superceding documents
-Kelvin and Paul Cotton will follow up for this TC, Hal will work issue in
stealth mode
Status: Closed 389 ID Clash case email sent on 17th some
follow up emails and discussions. Action to Editors to make change
-http://lists.oasis-open.org/archives/wss/200505/msg00082.html
Michael McIntosh wrote: Thu,
26 May 2005 09:05:15 -0400
Since every WSS implementation, regardless of
what STs it supports, must know that wsu:Id, xenc:*/ID, and ds:*/ID attributes
are of ID type the
WSS Core can say:
The wsse:Security processing
MUST check for duplicate values from among
the set of wsu:Id, xenc:*/ID, and
ds:*/ID attributes.
The SAML Token Profile can
say:
The wsse:Security processing MUST check for duplicate values from among
the set of wsu:Id, saml:AssertionID, xenc:*/ID, and ds:*/ID
attributes.
Since we'd like the WSS processing
to also check any other ID values too, the
WSS Core can say:
The
wsse:Security processing SHOULD check for duplicate values from among
the
set of ID attributes that it is aware of.
The wsse:Security processing MUST
generate a fault if a duplicate ID value
is detected.
Status: Open
393 URI error in Kerberos Profile Update Contributor's list - Action item for
Hans
Status: Open 394 Interop document for SAML 2.0 -
Ron Monzillo can create proposal for scenario. Volunteers to create
scenarios can do so on the mailing list.
Status: Closed 395 Write
a proposal on backward compatibility closed proposal to not add to code. - Note
sent out to TC by Gudge. Ron raised a question about must generate to the
mailing list inspired by this issue. He wanted to be sure everyone was
clear about the language being proposed. Action was to produce proposal
for addition to Core, but issues were judged to be more informational rather
than Normative. No changes are to be made to Core, it will remain in
the email archive.
Status: Open 396 Mutual auth in
Kerberos - pending follow up with Tony
Status: Pending 397 Editors to label
SwA, Kerberos, UserName, X509, Core, Rel, SAML 2.0 documents to 1.1 - in draft
posted yesterday pending review.
Status: Pending 398 Missing
/wsse:Security/@S11:MustUnderstand - in draft posted yesterday pending
review.
Status: Open 399 Recently discover WSS
security threat - Hal and Mike take for action a security consideration that
highlights the issue.
Status: Pending 400 Revisit of the proposed changes
relating to EncryptedHeader 1653 through 1655 be removed pending assigned to
editors
Document
Status:
Will any of the seven documents be in votable status by next
meeting? SwA has no open issues, Kerberos has one open and one unknown,
core has a couple of small changes, and SAML was just posted. A formatting
question was raised as to whether the correct templates were used.
We expect to have a vote next
meeting. June 14th. Vote will be done early in the meeting, if at all
possible, in consideration of TC members dialing in long distance from
Amsterdam.
Kerberos:
No
additional status IBM and Microsoft has had a successful interop, issues
were rolled into profile. Profile is ready pending any additional interest
from the mailing list. Vijay will post.
Meeting adjourned.
Respectfully
Submitted,
John R.
Weiland
Information Technology Specialist
GS 2210
(APPSW) Code 07 Navy Medicine
OnLine
Naval Medical
Information Mngmt Cntr
Bldg 27
8901 Wisconsin Ave
Bethesda, Md. 20889-5605
301-319-1159
JRWeiland@us.med.navy.mil
http://navymedicine.med.navy.mil
"GIVE ME A
PLACE TO STAND AND I WILL MOVE THE EARTH"
A remark of Archimedes quoted by
Pappus of Alexandria
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]