RE: [wss] New Profiles

["Philpott, Robert" <rphilpott@rsasecurity.com>]

To what is this (proposed) motion being directed?

Are you proposing a modification to the WSS charter to state this?

It is the charter and scope of a TC along with the OASIS TC Process that
guides what the TC can and can't do.  If you aren't targeting this as
input to a charter clarification, I do not understand the context under
which to consider it.

Rob Philpott
Senior Consulting Engineer
RSA Security Inc.
Tel: 781-515-7115
Mobile: 617-510-0893
Fax: 781-515-7020
Email: rphilpott@rsasecurity.com
I-name:  =Rob.Philpott


> -----Original Message-----
> From: DeMartini, Thomas [mailto:Thomas.DeMartini@CONTENTGUARD.COM]
> Sent: Tuesday, September 20, 2005 2:51 PM
> To: flinn@alum.mit.edu; wss@lists.oasis-open.org
> Subject: RE: [wss] New Profiles
> 
> Is your intent with this motion to prohibit other standards
> organizations from defining profiles?
> 
> I think saying all token profiles have to be standardized in OASIS
would
> be like W3C saying all soap headers have to be standardized in W3C.
> 
> I don't have any problems with us officially shutting the door on the
> work this TC will perform, but I don't think we should shut the door
on
> the work other people outside OASIS will perform.
> 
> Accordingly, I suggest amending the motion to
> "Any additional profiles other than those currently contained within
the
> 1.0 and 1.1 WSS specification be developed external to the WSS TC."
> or
> "The WSS TC will not develop any new profiles beyond those contained
> within 1.0 and the current draft of 1.1."
> 
> &Thomas.
> 
> ] -----Original Message-----
> ] From: Don Flinn [mailto:flinn@alum.mit.edu]
> ] Sent: Tuesday, September 20, 2005 10:23 AM
> ] To: wss@lists.oasis-open.org
> ] Subject: [wss] New Profiles
> ]
> ] When we wisely decided that tokens would be specified by separate
> ] documents we did not, unwisely :-), explicitly determine whether new
> ] profiles would be developed under this TC or under a new TC.  The
> ] OTP-Token is one of probably many additional new token profiles.  I
> ] would like to propose, for discussion, the following motion:
> ]
> ] "Any additional profiles other than those currently contained within
> the
> ] 1.0 and 1.1 WSS specification be developed within an OASIS TC other
> than
> ] the existing WSS TC."
> ]
> ] I realize that this is a larger issue than that of the OTP-Token
> ] proposal, but closing this hole will, as a side effect, resolve the
> ] OTP-Token issue.
> ]
> ] However, this raises another issue.  Who or what controls what new
> ] profiles will be incorporated into the WSS protocol?  Should the WSS
> TC
> ] have approval of any new profiles developed by the new TCs or should
> any
> ] profile that gains OASIS status be accepted as a legitimate WSS
> profile.
> ] Since any OASIS member, including WSS TC members, may vote, raise
> issues
> ] and comment on the acceptance of new profiles, I believe that this
> would
> ] be sufficient oversight.
> ]
> ] Don
> ]
> ]
> ] --
> ] Don Flinn, President
> ] Flint Security LLC
> ] Tel: 781-856-7230
> ] FAX: 781-631-7693
> ] email: flinn@alum.mit.edu
> ] http://www.flintsecurity.com
> ]
> ]
> ]
---------------------------------------------------------------------
> ] To unsubscribe from this mail list, you must leave the OASIS TC that
> ] generates this mail.  You may a link to this group and all your TCs
in
> ] OASIS
> ] at:
> ]
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs in
> OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php