[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: WSS Minutes 21 March 06 - v2
WSS TC bi-weekly call Minutes taken by Frederick Hirsch v2 - added attendance. Date: Tuesday, 21 March 2006 Time: 07:00am - 09:00am PT We are grateful to IBM for sponsoring this call Attendance list at end. Agenda: 1. Call to order/roll call Quorum achieved. (22 of 32 present) (Note: Dr Kefeng Chen, Geotrust entered twice in roster due to signing membership agreement, so OASIS needs to update this Kavi record) 2. Reading/Approving minutes of last meeting 21st February(2006) [1] Minutes approved without objection. 3. SAML 2 Interop status Prateek reported that Endpoint has been established, working on next steps with members of TC planning to participate. Prateek will forward information to the list. (Done - See <http://www.oasis-open.org/apps/org/workgroup/wss/email/ archives/200603/msg00021.html> ) 4. Issues list (if any issues) TC thanks Mike Rudolf for updating issues list. No open issues currently on list. Tony has new issue, related to closed issue item, errata item. In non-normative section is a mistaken URI which needs correction. AI - Tony to post red-line version of errata indicating fix for non- normative typo. If no objections raised on the list regarding the fix, will start ballot to approve 3 days after posting on list. 5. Remaining business for 2006 (continuing prior discussion) Errata, SAML 2 interop ( already discussed on this call). OTP profile discussion: Updated converged specification was posted about two weeks ago, no comments on list apart from comments from Tony on list. Concern raised by Tony regarding all contributions associated with the document, and ability to identify all authors and their willingness to license IPR. (see <http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/ 200603/msg00014.html>, <http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/ 200603/msg00017.html> ) John Linn indicated that meeting OASIS policy was confirmed by submitters in last fall, worked with major contributors (authors) to achieve submission. Tony asks about technical contributions by various parties, concerned about potential IPR issues. John Linn - can always have IPR issues from any party. Tony - concerned that we cannot identify everyone that has contributed to document. John Linn - have sought to identify and contact parties that have contributed to document, doing what OASIS policy required. Chris - In the past the TC has had an approach where anyone who has contributed to a submission document has agreed to make the material royalty free. Abbie points out that under the legacy IPR policy, that this is not required. Link to Legacy IPR Policy: <http://www.oasis-open.org/who/ipr/intellectual_property_2000-1-13.php> Paul Cotton states that he is looking for something from contributors of OTP work similar to this statement from the original submissions to WSS : <http://www.oasis-open.org/committees/wss/documents/ipr_statement.shtml> (June 26, signed by original authors of WSS contribution, IBM, Microsoft, Verisign) Issue is that all authors properly identified and willing to contribute under RF policy. John Linn - RSA and Verisign are the submitters. Abbie - Need to understand IPR implications of submission before voting on it. Recommendation that OTP submitters look at submission statement whose URL Paul Cotton provided and consider providing additional clarification. John agrees to speak with Phillip Hallam-Baker (co-editor) and to determine how to respond to concerns. Paul Cotton: Hal had technical questions on key derivation in the list AI Create OTP - issue for Hal technical comments See <http://lists.oasis-open.org/archives/wss/200601/msg00012.html> AI Create OTP - issue Tony sent email which needs to be captured in issues list, reference to SecureID, registered trademark See <http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/ 200603/msg00018.html> Need to double check that trademark use is allowed in document (not allowed in name need to double check) (Note Frederick has raised with OASIS board Process/IPR committees). See consolidated submission <http://www.oasis-open.org/apps/org/workgroup/wss/download.php/17082/ wss-1.1-OTPTokenProfile-draft-01.pdf> Paul Cotton : Line 172-174, 175-177 where is SecureID-AES algorithm defined? John Linn, possible to remove line 172-177 Concern about legal issues associated SecureID-AES Paul Cotton - URIs in section 2.3 describe time based algorithms, need to understand technology references and what patent statement covers. Are they described in non-referenced material? Can we understand IPR status? John - no intent that any algorithm is required to implement this specification Irving Reed - This is about naming, some OTP algorithms are proprietary, still want to be able to name them. Hal - not useful for interop if you cannot find out details of algorithm, need to have published reference Irving Reed - can use if you own/license algorithm, so still useful Hal - reasonable to allow any identifier to be used, but spec should only list those that can be used. No need for proprietary identifier to be standardized. Chris - concern about references to encumbered algorithms/identifiers. John agrees to look at original WSS IPR statement noted above. Question of when a response can be expected, to determine whether we should have next call. Will discuss on list as needed. Decide at end of next week determine whether enough material to have the next WSS call. Will keep call on calendar since we may also have other business - errata, FAQ etc. Paul notes that WSS conflicts with WS-SX F2F meeting. Maybe schedule WSS for 1 hour. Minimal Profile - need a bit more time to research, will report back on next call. 6. Other business Discussion of Hal FAQ posting. <http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/ 200603/msg00019.html> FAQ based on OASIS FAQ template. Asks TC to review and then we can make changes and adopt for web site. Plan to vote on it so it reflects TC opinion. Paul Cotton - comment, would like references to technologies that are referenced in FAQ (e.g. TLS etc), also visible links for those that print document. Question regarding REL - need reference to standard. Action for TC to review. 7. Adjournment [1] http://lists.oasis-open.org/archives/wss/200603/msg00009.html =============================================== Attendance First Last Name Company Abbie Barbir Nortel Networks Limited* Carolina Canales-Valenzuela Ericsson* Symon Chang Blue Titan Software* Kefeng Chen GeoTrust, Inc.* Paul Cotton Microsoft Corporation* Thomas DeMartini ContentGuard* Don Flinn* Individual Ben Hammond RSA Security* Frederic Hirsch Nokia Corporation* Dana Kaufman Forum Systems, Inc.* Rich Levinson Computer Associates* John Linn RSA Security* Hal Lockhart BEA Systems, Inc.* Michael McIntosh IBM* Prateek Mishra Oracle Corporation* Ronald Monzillo Sun Microsystems* Vamsi Motukuru Oracle Corporation* Anthony Nadalin IBM* Kojiro Nakayama Hitachi, Ltd.* Irving Reid Hewlett-Packard* Pete Wenzel Sun Microsystems* Chris Kaler Microsoft Corporation* Kelvin Lawrence IBM* Members Kefeng Chen GeoTrust, Inc.* Kate Cherry Lockheed Martin* Phillip Hallam-Baker VeriSign * Will Raymond Tibco Software Inc.* Greg Whitehead Hewlett-Packard* Lost Status Toshihir Nishimura, Fujitsu Limited Denis Pilipchuk BEA Systems, Inc. Ron Williams IBM* Regained Status Kate Cherry Lockheed Martin* Phillip Hallam-Baker VeriSign * Greg Whitehead Hewlett-Packard* --
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]