OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: OASIS WSS TC Minutes 2005-11-01 (without roll call)

OASIS WSS TC Minutes 2005-11-01

New Action Items


1. Call to order/roll call

<roll call to be provided>

2. Reading/Approving minutes of last meeting (Oct 18th)
[VER 4]
[VER 5]

[VER 5] adopted unanimously.

3. Issues list review

a) Pending Review

Issue 404 - Move to Closed

Issue 439 - Move to Closed

Issue 441 - Move to Closed

Issue 443 - Move to Closed

Issue 445 - Move to Closed

b) Pending (Yellow)

Issue 428 - Move to Pending Review

Issue 431 - Move to Pending Review

Issue 440 - Move to Pending Review

Issue 444 - Done but not yet posted.  Should be done on Nov 1 or Nov 2.
Remains as Pending.

Issue 446 - Move to Pending Review

Issue 449 - Move to Pending Review

FYI the Core Namespace is the following:

Frederick to change the SwA Namespace to be like the Core Namespace (see
above) from:

Related action item for which there was no issue:
AI 2005-10-18-05 Tony to determine correct legal notices text (Mary to
provide this text) and then the other Editor's should adopt the same

Tony: Do SAML and SwA have the correct legal notice text?

Thomas: REL will need to be checked.

Ron: I did not change SAML.  

Frederick: SwA and Tony's docs have the correct text.

Chris: The Editor's need to get the right legal text in SAML and REL

Ron: Is the title of the WSS Core document final as:
"Web Services Security: SOAP Message Security 1.1 (WS-Security 2004)"

Chris: Does anyone think we should change this title.

TC: No response.

Chris: Then the title of the Core spec will NOT be changed.

Ron: Should the copyright be 2002-2005 in all the documents? 

Frederick: In the older documents yes.

Note the Core spec currently says:
>Copyright (C) OASIS Open 2005. All Rights Reserved.
This should be changed to "2002-2005" in Core, X.509, Username, SAML and
This copyright can be "2004-2005" in Kerberos and SwA.
c) Open

Issue 338 - No progress.

Issue 448 - Move to Pending.
Tony agreed to implement the missing three changes.

Issue 450 - Move to Pending
Editor to change: 

a) The [XMLSIG] reference to remove the URI

>[XMLSIG] D. Eastlake, J. R., D. Solo, M. Bartel, J. Boyer , B. Fox , E.
>Signature Syntax and Processing, W3C Recommendation, 12 February 2002.
b) In the Schema file change the URI from the undated reference to the
dated reference for the Feb 2002 document.

Ron: No change need to SAML.

d) Closed

Issue 391 - Abbie will post the [V1] of the document.  

Summary: We have edits pending to all the documents. 

e) New Issues

AI 2005-10-18-03 Ron to raise a new issue to cover his proposal to make
TokenType mandatory in the Kerberos Token Profile. 

After discussion of Ron's proposal the following changes were approved

a) Lines 227-228 (to match value at 220-221):
Change "#Kerberosv5APREQSHA1" to "#Kerberosv5_AP_REQ"

b) Line 160 
Remove "and wsse11:TokenType".

c) Line 161:
Replace "for this token" with "for this attribute".

d) Lines 202-204

Original text:
"When a Kerberos Token is referenced using <wsse:SecurityTokenReference>
@ValueType attribute is not required. If specified, the URI listed above
as Kerberos token type MUST be specified."

Replacement text:
"When a Kerberos Token is referenced using <wsse:SecurityTokenReference>
the @TokenType attribute SHOULD be specified, and its value MUST be the
URI that identifies the Kerberos token type as defined for a
corresponding BinarySecurityToken/@ValueType attribute.  The
Reference/@ValueType attribute is not required. If specified, its value
MUST be equivalent to that of the @TokenType attribute."

Gudge: The sentiment is that the @TokenType attribute is optional but
when it occurs its value must match the value from the table that
defines the values for @ValueType.

Chris: Mark this new issue as Pending.

4. Public review status & outlook for 1.1 final phases

Ron: How will we process the Pending Review items?

Chris: Let's get the documents posted by end of business on Wed Nov 2
and give the TC 24-48 hours to review the Pending Review issues.  Then
we can initiate any votes before the end of the week so we have some
chance to make the monthly OASIS Nov 15 deadline.

Chris: One ballot to make the draft Committee Specifications and the
second ballot is to request standardization by OASIS.

MOVED by Hal Lockhart, seconded Tony Nadalin

The WSS TC approves the submission of the current WSS 1.1 documents as
modified at today's meeting for Committee Specification vote.

WSS TC also requests that the resulting WSS 1.1 Committee Specification
be submitted for OASIS standardization.

Adopted unanimously.

5. Other business


6. Adjournment

The meeting adjourned at 9:00 PDT.


Paul Cotton, Microsoft Canada
17 Eleanor Drive, Nepean, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]