[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: WSS TC Minutes 2006-08-08 (with roll call)
WSS TC Minutes 2006-08-08 New ACTION items: ACTION 2006-08-08-01 Chris to drive the TC discussion of which URI is being used for the X509 token. ACTION 2006-08-08-02 Tony Nadalin to investigate the history of the key derivation section in the errata and to post the history to the TC email list. ACTION 2006-08-08-03 Editors to produce 1.1 errata documents and revised 1.1 documents showing the errata changes by Aug 15. 1. Roll call Voting Members Kate Cherry Lockheed Martin* Paul Cotton Microsoft Corporation* Thomas DeMartini ContentGuard* Don Flinn* Individual Ben Hammond RSA Security* Frederick Hirsch Nokia Corporation* Chris Kaler Microsoft Corporation* Dana Kaufman Forum Systems, Inc.* Kelvin Lawrence IBM* Rich Levinson Oracle John Linn RSA Security* Hal Lockhart BEA Systems, Inc.* ronald monzillo Sun Microsystems* Anthony Nadalin IBM* Kojiro Nakayama Hitachi, Ltd.* Mike Rudolph Wells Fargo* John Weiland US Dept of the Navy* Pete Wenzel Sun Microsystems* Greg Whitehead Hewlett-Packard* Members Chen Kefeng GeoTrust Rich Levinson Oracle Corporation* Ron Williams IBM* Corinna Witt BEA Systems, Inc.* 2. Approve last minutes Jun 27 minutes: http://lists.oasis-open.org/archives/wss/200606/msg00003.html Adopted unanimously. 3. Issues list There is no updated issues list. a. WSS 1.1 X509v3 URI Problem - Section 8.3, Dana K http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m sg00001.html === I don't know if this has already been reported but in WSS 1.1 section 8.3, the URI for X509v3 is incorrectly documented and conflicts with WSS X509 Certificate Token Profile 1.1. The incorrect URI is: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-sec urity-1.0#X509v3 The correct URI for X509v3 is: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profi le-1.0#X509v3 == Hal's response: http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m sg00004.html Tony Nadalin suggested removing the #X509V3 on line 158 of X509 Token Profile 1.1. Usages of the fragment id in the Token Profile should use the WSS Core base URI. Note that the #X509V3 value is defined on line 1399 of WSS Core 1.1: http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os -SOAPMessageSecurity.pdf Chris suggested that the TC members research which of the two URIs is being used (either the one from the token profile or the Core spec) before we determine what to change. ACTION 2006-08-08-01 Chris to drive the TC discussion of which URI is being used for the X509 token. Tony pointed out that the TC interop documents used the WSS Core base URI. b. Kereberos Token Profile Issues, Dana K http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m sg00005.html The proposed errata were adopted unanimously. c. WSS X.509 Certificate Token Profile 1.1 Issues, Dana K http://www.oasis- open.org/apps/org/workgroup/wss/email/archives/200606/msg00006.html >Line 177 (table 2) documents #x509v1 as one of four token types defined in the profile. The TC agreed unanimously to create an errata to remove reference to the #x509v1 token type. d. Another Small WSS X.509 Certificate Token Profile 1.1 Change, DanaK http://www.oasis- open.org/apps/org/workgroup/wss/email/archives/200606/msg00007.html The proposed errata were adopted unanimously. e. WSS 1.1 Profile - minor word change, Dana K http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m sg00008.html The proposed erratum was adopted unanimously. f. Another X509 Token Profile 1.1 URI Issue, Dana K http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m sg00009.html The TC agreed that the correct URI is: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#Thumb printSHA1 since that is what the TC's interop documents used and what several products use. Change 1014 in WSS Core 1.1 and line 480 in X509 Token Profile 1.1 to use "Thumbprint" in the URI. This erratum was adopted unanimously. g. Key Derivation section in Errata for UsernameToken Profile 1.0 http://www.oasis- open.org/apps/org/workgroup/wss/email/archives/200607/msg00000.html ACTION 2006-08-08-02 Tony Nadalin to investigate the history of the key derivation section in the errata and to post the history to the TC email list. h. SWA 1.1 Profile Issues, Dana K http://www.oasis- open.org/apps/org/workgroup/wss/email/archives/200607/msg00001.html Fredericks reply: http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200607/m sg00002.html The proposed errata were adopted unanimously including Frederick's additional change. i. Kelvin's forward The URL for this message is not yet available. Hal volunteered to make these comments on behalf of BEA. > Section 5.3: > All refered "Section 5.4.1" should be "Section 4.4.1" > All refered "Section 5.4.2" should be "Section 4.4.2" Frederick recommended that the above changes NOT be made. The rest of the SwA changes look okay. Tony recommended the other changes to other documents be adopted. The proposed errata (except for the above change to SwA Section 5.3) were adopted unanimously. 4. Next steps Kelvin pointed out the next TC meeting would be on Aug 22. Frederick asked if the TC wanted to do revised versions of the specifications or just errata documents. Frederick asked if the Editors should try to produce both documents before the next meeting? Paul asked where the "new errata process" was defined that Hal and Frederick had mentioned. Frederick and Hal indicated that it was forthcoming. Chris proposed the following time line: a) in the next week the Editors produce errata documents and revised documents b) we complete the outstanding action items for the next meeting on Aug 22 c) we meet on Aug 22 to review a) and b) d) we do an electronic ballot on the accumulated errata and updated documents after the Aug 22 meeting e) we have a another meeting approximately 6 weeks after the Aug 22 to process any subsequent errata. ACTION 2006-08-08-03 Editors to produce 1.1 errata documents and revised 1.1 documents showing the errata changes by Aug 15. 5. Any other business The Chairs asked for volunteers to supply teleconference support for future TC meetings. 6. Adjournment The meeting adjourned at 11:07 ET. /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]