OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes WSS TC 5-31-2005

Tuesday May 31, 2005
 
Meeting called to Order Kelvin Lawrence, IBM, presided as chair,
John Weiland, US Navy, was minute taker.
 
Attendance of Voting Members
Maneesh Sahu Actional Corporation
Hal Lockhart BEA Systems, Inc.
Steve Anderson BMC Software
Thomas DeMartini ContentGuard
Carolina Canales-Valenzuela Ericsson
Dana Kaufman Forum Systems, Inc.
Toshihiro Nishimura Fujitsu Limited
Kefeng Chen GeoTrust
Hans Granqvist GeoTrust
Irving Reid Hewlett-Packard
Derek Fu IBM
Kelvin Lawrence IBM
Mike McIntosh IBM
Anthony Nadalin IBM
Nataraj Nagaratnam IBM
Ron Williams IBM
Don Flinn Individual
Paul Cotton Microsoft Corporation
Vijay Gajjala Microsoft Corporation
Chris Kaler Microsoft Corporation
Jeff Hodges NeuStar, Inc.
Abbie Barbir Nortel
Vamsi Motukuru Oracle Corporation
Prateek Mishra Principal Identity
Martijn de Boer SAP
Blake Dournaee Sarvega
Coumara Radja Sarvega
Ronald Monzillo Sun Microsystems
Jan Alexander Systinet
Symon Chang TIBCO Software, Inc.
John Weiland US Dept of the Navy
 
Attendance of Non-Voting Members
Denis Pilipchuk BEA
 
Membership Status Changes
Denis Pilipchuk BEA - Approved for membership 5/5/2005
Maryann Hondo IBM - Lost voting status after 5/31/2005 call
Kate Cherry Lockheed Martin - Lost voting status after 5/31/2005 call
 
30 in attendance out of 42.   22 are required for quorum.
 
No objections to approving minutes accepted unanimously.
 
Issues List:
             Pending Issues:
Status: Closed   357 - Need a Token Type URI in SAML token profile        - Pending for a couple of weeks, no objections raised.                    
Status: Closed   377 - xenc:Reference List SwA comment                             - Already in Draft 19, Frederick is out today.  
Status: Closed   379 - Kerberos TP: Use Kerberos V GSS-API mechanism - Already in Kerberos Token Profile              
Status: Closed   380 - Kerberos TP: Service principal names                        - Old comment from Hal, who is Ok with it. 
                                 380 381 and 382 changes rolled in and published prior to last call
Status: Closed   381 Kerberos TP: Session key negotiation and key re-use
Status: Closed   382 Kerberos TP: Replay protection and mutual authentication - Action to Vijay to reference other mutual authentication related issue.
Status: Pending 384 Kerberos TP: Channel Binding - Tony has action to fold into document and publish.
Status: Pending 385 Kerberos TP: References to obsolete documents                  - Already in latest revision
Status: Closed   386 + 387 Kerberos TP: Repeat symmetric encryption requirement from Section 3.5 in Section 3.4? - Published prior to last meeting both moved to closed
Status: Closed   388 Editorial Comments on Username Token 1.1                 - Pending review for some time
Status: Closed   390 Section Numbering issue                                                  - Pending review for some time
Status: Closed   391 Tracking incorporation of SAML 2.0                              - Action to follow-up with Ron Monzillo to SSTC
Status: Closed  392 URI error in Kerberos Profile                                          - Published prior to last call closed with no objections
 
          Open issues:
Status: Open     338  Proposed new work  WSS Templates - No Change
Status: Pending 364 SWA profile: Can XML attachments be XML canonicalized and used in conjunction with SwA profile? - Requires review
Status: Pending 370 SWA profile: Add processing rules/guidance for SOAP and MIME intermediaries - Requires review
Status: Open     378 Deprecating or otherwise superceding documents -Kelvin and Paul Cotton will follow up for this TC, Hal will work issue in stealth mode
Status: Closed  389 ID Clash case email sent on 17th some follow up emails and discussions.  Action to Editors to make change -http://lists.oasis-open.org/archives/wss/200505/msg00082.html
 
 Michael McIntosh wrote: Thu, 26 May 2005 09:05:15 -0400
Since every WSS implementation, regardless of what STs it supports, must know that wsu:Id, xenc:*/ID, and ds:*/ID attributes are of ID type the 
WSS Core can say:
The wsse:Security processing MUST check for duplicate values from among
the set of wsu:Id, xenc:*/ID, and ds:*/ID attributes.
 
The SAML Token Profile can say:
The wsse:Security processing MUST check for duplicate values from among
the set of wsu:Id, saml:AssertionID, xenc:*/ID, and ds:*/ID attributes.
 
Since we'd like the WSS processing to also check any other ID values too, the
 
WSS Core can say:
The wsse:Security processing SHOULD check for duplicate values from among
the set of ID attributes that it is aware of.
The wsse:Security processing MUST generate a fault if a duplicate ID value
is detected.
 
Status: Open     393 URI error in Kerberos Profile Update Contributor's list - Action item for Hans
Status: Open     394 Interop document for SAML 2.0 - Ron Monzillo can create proposal for scenario.  Volunteers to create scenarios can do so on the mailing list.
Status: Closed   395 Write a proposal on backward compatibility closed proposal to not add to code. - Note sent out to TC by Gudge.  Ron raised a question about must generate to the mailing list inspired by this issue.  He wanted to be sure everyone was clear about the language being proposed.  Action was to produce proposal for addition to Core, but issues were judged to be more informational rather than Normative.   No changes are to be made to Core, it will remain in the email archive.
Status: Open     396 Mutual auth in Kerberos - pending follow up with Tony
Status: Pending 397 Editors to label SwA, Kerberos, UserName, X509, Core, Rel, SAML 2.0 documents to 1.1 - in draft posted yesterday pending review.
Status: Pending 398 Missing /wsse:Security/@S11:MustUnderstand - in draft posted yesterday pending review.
Status: Open     399 Recently discover WSS security threat - Hal and Mike take for action a security consideration that highlights the issue.
Status: Pending 400 Revisit of the proposed changes relating to EncryptedHeader 1653 through 1655 be removed pending assigned to editors
 
     Document Status:
Will any of the seven documents be in votable status by next meeting?  SwA has no open issues, Kerberos has one open and one unknown, core has a couple of small changes, and SAML was just posted.  A formatting question was raised as to whether the correct templates were used.
 
We expect to have a vote next meeting. June 14th.  Vote will be done early in the meeting, if at all possible, in consideration of TC members dialing in long distance from Amsterdam.
 
    Kerberos:
No additional status  IBM and Microsoft has had a successful interop, issues were rolled into profile.  Profile is ready pending any additional interest from the mailing list.  Vijay will post.
 
Meeting adjourned.
Respectfully Submitted,

John R. Weiland
Information Technology Specialist
GS 2210 (APPSW) Code 07 Navy Medicine OnLine

Naval Medical Information Mngmt Cntr
Bldg 27
8901 Wisconsin Ave
Bethesda, Md. 20889-5605

301-319-1159
JRWeiland@us.med.navy.mil
http://navymedicine.med.navy.mil
"GIVE ME A PLACE TO STAND AND I WILL MOVE THE EARTH"
A remark of Archimedes quoted by Pappus of Alexandria


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]