[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes v2, 9 August 2005 - with attendance
V2 Added attendance at end. Minutes, WSS TC Conference Call, 09 August 2005 Minute-taker - Frederick Hirsch, Nokia We are grateful to Oracle for sponsoring this call AI Tony/Dwane Nichols to review Kerberos token profile with respect to RFC 4120 (and obsoleted RFC 1510). Reference in profile to be updated. AI Tony to review text at line 984 in core, see if improvement needed. AI Gudge/VJ to add issue to issues list for encrypted key reference (Corrina issue) Agenda: 1. Call to order, roll call 34 voting members, need 22 - have quorum. 2. Reading/approving minutes of last meeting (July 26th) [1] No objections to approving the minutes. Minutes approved. 3. Issue list review & document status One public review comment on public review comment list - regarding RFC. Issue list 310 - pending Frederick - the new text in the latest core WSS draft at line 984 seems to be unclear. Tony to review text. 334 - pending Frederick - why don't we include xml:id in the list at line 500. Seems painful to require all profiles to be updated to support it. Xml:id at proposed rec, stays in proposed rec until W3C AC decides to approve. Closes in September. Text in this section does not preclude use of xml:id so no action here required. 389 - pending 403 pending Changes are in uploaded document 338 open, no change 394 - open updated status in issues list Ron had action item to send pointer to document to Abbie - done. Gudge sent comment to discussion list RFC 1510 (Kerver v5) has been obsoleted by RFC 4120 Need to check that Kerberos token profile does not require adjustment. Paul - is RFC 4120 backward compatable? Gudge - provides more explanation and detail, clarifies aspect of protocol and intended use, so not clear that it is backward compatible. Tony - we've started reviewing these, will look at it. Asks for help from others on TC. AI Tony to drive review of RFCs with respect to Kerberos profile, doing initial inspected Dwane Nichols from Adobe also volunteers to review RFC 4120/RFC 1510 with respect to Kerberos token profile. References in Kerberos token profile should reference correct RFC. Open issue on this item. Hal - need to decide whether another public review is required, 2 weeks if so. Only required if substantive changes are made. Kelvin - Need to track potential changes to determine what is required. Paul Cotton - do you think any of the changes so far are technical Hal Lockhart- yes Paul Cotton - then to be safe, public comment should be submitted for such changes Tony Nadalin- issues list can be treated as comments Hal Lockhart - 310, 334, 389, 403 Paul Cotton - for every substantive public comment we can expect to raise an issue, so issues list can serve as list of comments/issues. Frederick - Jeff Hodges is at Neustar (to answer Hans question) 4. Interop status for 1.1 Gudge Tony - Oracle, Microsoft, IBM have completed the interop, wrapping up with fourth party. Tony - a few minor issues may result from interop, nothing major. Gudge - some clarifications, nothing major. 5. Other business Hans - RSA & Verisign would like to work together in OASIS in WSS with a one-time password profile. Would like to consider submission - is there interest in the main TC? Frederick - asks about IPR implications, appropriate in WSS or new TC under new IPR policy? Hal - asks about openness Hans - vendor neutral profile, include all existing One time password (OTP) mechanisms. Hal - need an editor and a draft to get started Frederick - what are plans for the Minimalist Profile, and how long do we plan to keep TC running Paul - charter enumerates tokens we should profile in WSS, cannot extend charter. Charter mentions core and 4 profiles. Paul - Do we only need 3 to approve adding this, or the whole TC? Hal - or at least majority? Paul - are there others with IPR that need to join TC so that we are protected? Hans - idea is general framework can support variety of methods, which might have IPR, but not in the general framework Hal - not sure TC should do this. Chris - SwA is about interpretation of security header in specific scenario - input document talked about attachments, took out of 1.0, but addressed in 1.1 which original input document in charter had considered, so was in scope. Charter: http://www.oasis-open.org/committees/wss/charter.php Don - charter mentions initial work, not too narrow. Ron - can be considered related to password derived key work, so can consider close to the work already done Kelvin - is there more you could share so TC can evaluate it for TC consideration. Simon Chang/Tibco - interested in seeing more detail Hans - will send more information to list Additional public review comment Corinna - sent comment to TC rather than public list - comment on encrypted key reference. Should be added to issue list and public review comments. Gudge - need to clarify what to add to issues list, not clear what to add See http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200507/m sg00041.html http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200507/m sg00040.html http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200507/m sg00039.html Add issue to issue list. Not all agree there is an issue, but can close if we agree. AI Gudge/VJ to add issue to issues list for encrypted key reference. Hal - will sponsor teleconference 6 Sept, 18 Oct. Chairs request additional volunteers to provide teleconference bridges. 6. Adjournment [1] http://lists.oasis-open.org/archives/wss/200507/msg00042.html --- Attendance of voting members Maneesh Sahu, Actional Corporation Gene Thurston, AmberPoint Hal Lockhart, BEA Systems, Inc. Denis Pilipchuk, BEA Systems, Inc. Corinna Witt, BEA Systems, Inc. Steve Anderson, BMC Software Rich Levinson, Computer Associates Thomas DeMartini, ContentGuard Toshihiro Nishimura, Fujitsu Limited Kefeng Chen, GeoTrust Irving Reid, Hewlett-Packard Derek Fu, IBM Kelvin Lawrence, IBM Mike McIntosh, IBM Anthony Nadalin, IBM Nataraj Nagaratnam, IBM Kojiro Nakayama, Hitachi Don Flinn, Individual Kate Cherry, Lockheed Martin Paul Cotton, Microsoft Corporation Martin Gudgin, Microsoft Corporation Chris Kaler, Microsoft Corporation Frederick Hirsch, Nokia Corporation Abbie Barbir, Nortel Vamsi Motukuru, Oracle Corporation Prateek Mishra, Oracle Corporation Ben Hammond, RSA Security Rob Philpott, RSA Security Blake Dournaee, Sarvega Pete Wenzel, SeeBeyond Ronald Monzillo, Sun Microsystems Symon Chang, TIBCO Software, Inc. John Weiland, US Dept of the Navy Hans Granqvist, VeriSign Prospective Voting Members Attendance John Linn, RSA Security Maryann Hondo, IBM Duane Nickull, Adobe ---------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]