OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [VER 5] OASIS WSS TC Minutes 2005-10-18


OASIS WSS TC Minutes 2005-10-18

[VER 5]
1. Changed date of meeting to Oct 18.  Renumbered action items.  Added one missed action item to list at top of minutes.
[VER 4]
1. Replaced roll call with information supplied by TC Secretary.
[VER 3]
1. Add Jan Alexander to roll call.
[VER 2]
1. Added roll call.

New Action Items

AI 2005-10-18-01 Gudge to work with Tony to add Issue 446 clarifications
to WSS 1.1 Core specification.

AI 2005-10-18-02 Frederick to review the resolution of Issue 334 and
whether his proposed text was adopted and possibly not implemented.

AI 2005-10-18-03 Ron to raise a new issue to cover his proposal to make
TokenType mandatory in the Kerberos Token Profile.

AI 2005-10-18-04 Editors to finalize namespace, schema file and document
URIs in the next version of the documents provided to the TC.

AI 2005-10-18-05 Tony to determine correct legal notices text (Mary to
provide this text) and then the other Editor's should adopt the same
text.

> 1. Call to order/roll call

40 voting members, 20 required for quorum, at least 28 members present.

Present:
Voting Members
Maneesh         Sahu                    Actional Corporation
Gene            Thurston                AmberPoint
Hal             Lockhart                BEA Systems, Inc.
Denis           Pilipchuk               BEA Systems, Inc.
Corinna         Witt                    BEA Systems, Inc.
Rich            Levinson                Computer Associates
Thomas          DeMartini               ContentGuard
Carolina        Canales-Valenzuela      Ericsson
Dana            Kaufman                 Forum Systems, Inc.
Toshihiro       Nishimura               Fujitsu Limited
Kefeng          Chen                    GeoTrust
Irving          Reid                    Hewlett-Packard
Kojiro          Nakayama                Hitachi
Kelvin          Lawrence                IBM
Mike            McIntosh                IBM
Anthony         Nadalin                 IBM
Ron             Williams                IBM
Don             Flinn                   Individual
Paul            Cotton                  Microsoft Corporation
Vijay           Gajjala                 Microsoft Corporation
Martin          Gudgin                  Microsoft Corporation
Chris           Kaler                   Microsoft Corporation
Frederick       Hirsch                  Nokia Corporation
Abbie           Barbir                  Nortel
Prateek         Mishra                  Oracle Corporation
Vamsi           Motukuru                Oracle Corporation
Ben             Hammond                 RSA Security
Rob             Philpott                RSA Security
Martijn         de Boer                 SAP
Pete            Wenzel                  SeeBeyond
Ronald          Monzillo                Sun Microsystems
Will            Raymond                 Tibco
Hans            Granqvist               VeriSign

Members
Blake           Dournaee                Sarvega
Mike           Rudolph                  Wells Fargo
Jan             Alexander               Microsoft

Status Changes
Regained Voting Status after 10/18 meeting

Carolina        Canales-Valenzuela Ericsson

Lost Voting Status after 10/18 meeting

Maryann         Hondo              IBM

> 2. Reading/Approving minutes of last meeting (Oct 4th) [1]
[1]  http://lists.oasis-open.org/archives/wss/200510/msg00033.html

Minutes adopted unanimously.

> 3. Issues list review
http://www.oasis-open.org/apps/org/workgroup/wss/download.php/14858/OASI
S%20Web%20Services%20Security%20Issues%20List%2078.htm

a) Pending Review

Issue 405 - Move to Closed.

b) Pending (Yellow)

Issue 404 - Move to Pending Review. 
See correction in Oct 18 Kerberos profile document:
http://www.oasis-open.org/apps/org/workgroup/wss/download.php/14951/wss-
v1.1-spec-draft-KerberosTokenProfile-01.pdf

Later in the meeting Ron M pointed the TC to his message:
http://lists.oasis-open.org/archives/wss/200509/msg00082.html
and asked if this part of the thread was still outstanding?

Ron proposed that in most recent Kerberos TP document:
http://www.oasis-open.org/committees/download.php/14864/wss-v1.1-spec-dr
aft-KerberosTokenProfile-01.pdf
line 153-154 should be changed (<new text>:

"When using this element, the @ValueType attribute MUST be specified
<and the @TokenType MUST be specified>.

Tony N feels that this could break WSS 1.0 implementations.

AI 2005-10-18-03 Ron to raise a new issue to cover his proposal to make
TokenType mandatory in the Kerberos Token Profile.

Issue 439 - Move to Pending Review.

Issue 443 - Move to Pending Review.

Issue 445 - Move to Pending Review.

c) Open

Issue 338 - No change.

Issue 429 - No objections to closing issue as per Gudge's email:
http://lists.oasis-open.org/archives/wss/200510/msg00038.html

Issue 431 -  Move to Pending (for Part 2).
Part 1 - PKIPath is already done.  See:
http://lists.oasis-open.org/archives/wss/200510/msg00029.html
Part 2 - Proposal from Vijay:
http://lists.oasis-open.org/archives/wss/200510/msg00043.html
Adopted unanimously.

Issue 435 - Duplicate of 431 (both parts).  See above.  Closed.

Issue 440 - No objections to changes proposed in msg00061.  Move to
Pending.
http://lists.oasis-open.org/archives/wss/200509/msg00047.html 
See proposal in:
http://lists.oasis-open.org/archives/wss/200509/msg00061.html

Issue 441 (Editorial) - Move to Pending Review.

Issue 444 - Move to Pending.
See Thomas's history in:
http://lists.oasis-open.org/archives/wss/200510/msg00037.html
The TC wants to ensure that the changes in
[4] http://lists.oasis-open.org/archives/wss/200503/msg00025.html
are reflected in a revised erratum document.  This subsumes the change
adopted at the Oct 4 meeting.

Issue 446 - Move to Pending.
See Gudge's email:
http://lists.oasis-open.org/archives/wss/200510/msg00044.html
No objection to using Gudge's answers A1 and A4 to clarify the Core
specification. 

AI 2005-10-18-01 Gudge to work with Tony to add Issue 446 clarifications
to WSS 1.1 Core specification.

Issue 447 - Move to Closed.
Prateek Mishra's issue re 1.1 Interop:
http://lists.oasis-open.org/archives/wss/200509/msg00035.html
Gudge's reply:
http://lists.oasis-open.org/archives/wss/200509/msg00039.html

Prateek would like the Core spec to not be silent about the use of the
wsse11:EncryptedHeader/xenc:EncryptedData/@Type attribute.

Paul moved, Gudge seconded to resolve Issue 447 with no change to the
Core specification. 

Adopted unanimously.

Prateek volunteered to check if there are other implementations that
mandate the presence of the
wsse11:EncryptedHeader/xenc:EncryptedData/@Type attribute.

d) Closed

Issue 334 - Frederick expressed concern if the necessary changes had
been made for this Issue.
See line 501 to most recent Core specification
http://www.oasis-open.org/committees/download.php/14865/wss-v1.1-spec-dr
aft-SOAPMessageSecurity-01.pdf

AI 2005-10-18-02 Frederick to review the resolution of Issue 334 and
whether his proposed text was adopted and possibly not implemented.

Issue 428 - Move to Pending.

Thomas asked if the more recent email on Issue 428 was going to cause it
to be re-opened.  See the thread related to:
http://lists.oasis-open.org/archives/wss/200510/msg00019.html

Thomas's original proposal in August was never dealt with:
http://lists.oasis-open.org/archives/wss/200508/msg00049.html

The clarification proposal changes the following text in the Core spec:

"This optional attribute specifies an abstract URI for {where to find} a
security token. If a fragment is specified, then it indicates the local
ID of the [security] token being referenced. [The URI MUST identify a
security token.  The URI MUST NOT identify a wsse:SecurityTokenReference
element, a wsse:Embedded element, a wsse:Reference element, or a
wsse:KeyIdentifier element.]"

Adopted unanimously.

Editors to make above change (note it was based on an August version of
the Core spec).

> 4. Public review status & outlook for 1.1 final phases

Vijay and Gudge have been maintaining a running list of responses for
the public comments and will make this available when we have the final
documents.

Frederick asked about the legal text for the documents:
http://lists.oasis-open.org/archives/wss/200510/msg00040.html

AI 2005-10-18-05 Tony to determine correct legal notices text (Mary to
provide this text) and then the other Editor's should adopt the same
text.

All issues are in Pending or Pending Review (except for the two actions
items on Frederick and Ron). 

Chris Kaler expressed opinion that none of the changes would require
another public review or more interop.    No objections to NOT having
another public review.

Gudge asked if we could get the URIs for the specs finalized.  Mary
stated that the TAB felt there were no current rules on the form of the
URIs.   Each TC is permitted to decide the URI form they prefer to use.

Chris asked the TC if dropping the "2005/xx" in the URIs was acceptable.
No objections to the Editor's doing this for the next documents.

Tony noted that the 1.0 URIs do not change. 

The Editors can get rid of the OASIS identifier in the URIs.

AI 2005-10-18-04 Editors to finalize namespace, schema file and document
URIs in the next version of the documents provided to the TC.

There was some reluctance to vote on the new documents before the next
TC meeting so it was agreed that the Editor's should produce new
documents before the next meeting and we would hold an electronic ballot
for advancement to Committee Specification and a request for OASIS
standardization after the Nov 1 meeting.  Doing this immediately after
the Nov 1 meeting might permit the TC to make its request before the Nov
15 OASIS deadline.

> 5. Other business

None.

> 6. Adjournment

The meeting adjourned at 9:05am PDT.

/paulc

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Nepean, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]