[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wss] Minutes v2, 9 August 2005 - with attendance
Please make that "Duane Nickull". Thanks Frederick.Hirsch@nokia.com wrote: > >V2 Added attendance at end. > >Minutes, WSS TC Conference Call, 09 August 2005 >Minute-taker - Frederick Hirsch, Nokia > >We are grateful to Oracle for sponsoring this call > >AI Tony/Dwane Nichols to review Kerberos token profile with respect to >RFC 4120 (and obsoleted RFC 1510). Reference in profile to be updated. > >AI Tony to review text at line 984 in core, see if improvement needed. > >AI Gudge/VJ to add issue to issues list for encrypted key reference >(Corrina issue) > >Agenda: >1. Call to order, roll call > >34 voting members, need 22 - have quorum. > >2. Reading/approving minutes of last meeting (July 26th) [1] No >objections to approving the minutes. Minutes approved. > >3. Issue list review & document status > >One public review comment on public review comment list - regarding RFC. > >Issue list >310 - pending >Frederick - the new text in the latest core WSS draft at line 984 seems >to be unclear. > >Tony to review text. > >334 - pending >Frederick - why don't we include xml:id in the list at line 500. Seems >painful to require all profiles to be updated to support it. > >Xml:id at proposed rec, stays in proposed rec until W3C AC decides to >approve. Closes in September. > >Text in this section does not preclude use of xml:id so no action here >required. > >389 - pending > >403 pending >Changes are in uploaded document > >338 open, no change > >394 - open > >updated status in issues list >Ron had action item to send pointer to document to Abbie - done. > >Gudge sent comment to discussion list >RFC 1510 (Kerver v5) has been obsoleted by RFC 4120 Need to check that >Kerberos token profile does not require adjustment. > >Paul - is RFC 4120 backward compatable? >Gudge - provides more explanation and detail, clarifies aspect of >protocol and intended use, so not clear that it is backward compatible. > >Tony - we've started reviewing these, will look at it. Asks for help >from others on TC. > >AI Tony to drive review of RFCs with respect to Kerberos profile, doing >initial inspected > >Dwane Nichols from Adobe also volunteers to review RFC 4120/RFC 1510 >with respect to Kerberos token profile. > >References in Kerberos token profile should reference correct RFC. > >Open issue on this item. > >Hal - need to decide whether another public review is required, 2 weeks >if so. Only required if substantive changes are made. > >Kelvin - Need to track potential changes to determine what is required. >Paul Cotton - do you think any of the changes so far are technical Hal >Lockhart- yes Paul Cotton - then to be safe, public comment should be >submitted for such changes Tony Nadalin- issues list can be treated as >comments Hal Lockhart - 310, 334, 389, 403 Paul Cotton - for every >substantive public comment we can expect to raise an issue, so issues >list can serve as list of comments/issues. > >Frederick - Jeff Hodges is at Neustar (to answer Hans question) > >4. Interop status for 1.1 > >Gudge >Tony - Oracle, Microsoft, IBM have completed the interop, wrapping up >with fourth party. > >Tony - a few minor issues may result from interop, nothing major. >Gudge - some clarifications, nothing major. > >5. Other business > >Hans - RSA & Verisign would like to work together in OASIS in WSS with a >one-time password profile. >Would like to consider submission - is there interest in the main TC? > >Frederick - asks about IPR implications, appropriate in WSS or new TC >under new IPR policy? > >Hal - asks about openness >Hans - vendor neutral profile, include all existing One time password >(OTP) mechanisms. > >Hal - need an editor and a draft to get started > >Frederick - what are plans for the Minimalist Profile, and how long do >we plan to keep TC running > >Paul - charter enumerates tokens we should profile in WSS, cannot extend >charter. Charter mentions core and 4 profiles. > >Paul - Do we only need 3 to approve adding this, or the whole TC? >Hal - or at least majority? > >Paul - are there others with IPR that need to join TC so that we are >protected? > >Hans - idea is general framework can support variety of methods, which >might have IPR, but not in the general framework > >Hal - not sure TC should do this. > >Chris - SwA is about interpretation of security header in specific >scenario - input document talked about attachments, took out of 1.0, but >addressed in 1.1 which original input document in charter had >considered, so was in scope. > >Charter: >http://www.oasis-open.org/committees/wss/charter.php > >Don - charter mentions initial work, not too narrow. > >Ron - can be considered related to password derived key work, so can >consider close to the work already done > >Kelvin - is there more you could share so TC can evaluate it for TC >consideration. > >Simon Chang/Tibco - interested in seeing more detail > >Hans - will send more information to list > >Additional public review comment >Corinna - sent comment to TC rather than public list - comment on >encrypted key reference. Should be added to issue list and public review >comments. > >Gudge - need to clarify what to add to issues list, not clear what to >add > >See >http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200507/m >sg00041.html > >http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200507/m >sg00040.html > >http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200507/m >sg00039.html > >Add issue to issue list. Not all agree there is an issue, but can close >if we agree. > >AI Gudge/VJ to add issue to issues list for encrypted key reference. > >Hal - will sponsor teleconference 6 Sept, 18 Oct. > >Chairs request additional volunteers to provide teleconference bridges. > >6. Adjournment > >[1] http://lists.oasis-open.org/archives/wss/200507/msg00042.html > >--- > >Attendance of voting members > >Maneesh Sahu, Actional Corporation >Gene Thurston, AmberPoint >Hal Lockhart, BEA Systems, Inc. >Denis Pilipchuk, BEA Systems, Inc. >Corinna Witt, BEA Systems, Inc. >Steve Anderson, BMC Software >Rich Levinson, Computer Associates >Thomas DeMartini, ContentGuard >Toshihiro Nishimura, Fujitsu Limited >Kefeng Chen, GeoTrust >Irving Reid, Hewlett-Packard >Derek Fu, IBM >Kelvin Lawrence, IBM >Mike McIntosh, IBM >Anthony Nadalin, IBM >Nataraj Nagaratnam, IBM >Kojiro Nakayama, Hitachi >Don Flinn, Individual >Kate Cherry, Lockheed Martin >Paul Cotton, Microsoft Corporation >Martin Gudgin, Microsoft Corporation >Chris Kaler, Microsoft Corporation >Frederick Hirsch, Nokia Corporation >Abbie Barbir, Nortel >Vamsi Motukuru, Oracle Corporation >Prateek Mishra, Oracle Corporation >Ben Hammond, RSA Security >Rob Philpott, RSA Security >Blake Dournaee, Sarvega >Pete Wenzel, SeeBeyond >Ronald Monzillo, Sun Microsystems >Symon Chang, TIBCO Software, Inc. >John Weiland, US Dept of the Navy >Hans Granqvist, VeriSign > >Prospective Voting Members Attendance > >John Linn, RSA Security >Maryann Hondo, IBM >Duane Nickull, Adobe > >--------------- > >--------------------------------------------------------------------- >To unsubscribe from this mail list, you must leave the OASIS TC that >generates this mail. You may a link to this group and all your TCs in OASIS >at: >https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]