wss message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: RE: [wss] WSS TC Minutes 2006-08-08 (with roll call)
- From: <rudolphm@wellsfargo.com>
- To: <drsecure@us.ibm.com>
- Date: Wed, 16 Aug 2006 19:12:18 -0500
Issue list #90 is posted. Please feel free to point out any
errors of categorization etc.
Thanks,
...Mike Rudolph
IST Security Architecture
Wells Fargo
Bank
Desk (415) 243-5299 ... Cell (415) 806-4815
These opinions are
entirely my own and not necessarily those of Wells
Fargo.
"This
message may contain confidential and/or privileged information. If you are not
the addressee or authorized to receive this for the addressee, you must not use,
copy, disclose, or take any action based on this message or any information
herein. If you have received this message in error, please advise the sender
immediately by reply e-mail and delete this message. Thank you for your
cooperation."
Can we get issues assigned to these items so we can track them and report on
them ?
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
"Paul Cotton"
<Paul.Cotton@microsoft.com>
"Paul Cotton"
<Paul.Cotton@microsoft.com>
08/08/2006 01:29 PM |
|
WSS
TC Minutes 2006-08-08
New ACTION items:
ACTION 2006-08-08-01 Chris
to drive the TC discussion of which URI is
being used for the X509
token.
ACTION 2006-08-08-02 Tony Nadalin to investigate the history of
the key
derivation section in the errata and to post the history to the TC
email
list.
ACTION 2006-08-08-03 Editors to produce 1.1 errata
documents and revised
1.1 documents showing the errata changes by Aug
15.
1. Roll call
Voting Members
Kate
Cherry Lockheed Martin*
Paul
Cotton Microsoft
Corporation*
Thomas DeMartini
ContentGuard*
Don Flinn*
Individual
Ben Hammond
RSA Security*
Frederick Hirsch
Nokia Corporation*
Chris
Kaler Microsoft
Corporation*
Dana Kaufman
Forum Systems, Inc.*
Kelvin Lawrence
IBM*
Rich
Levinson Oracle
John
Linn RSA Security*
Hal
Lockhart BEA
Systems, Inc.*
ronald monzillo
Sun Microsystems*
Anthony Nadalin
IBM*
Kojiro Nakayama
Hitachi, Ltd.*
Mike
Rudolph Wells Fargo*
John
Weiland US Dept of the
Navy*
Pete Wenzel
Sun Microsystems*
Greg
Whitehead Hewlett-Packard*
Members
Chen
Kefeng
GeoTrust
Rich Levinson
Oracle Corporation*
Ron
Williams IBM*
Corinna Witt
BEA Systems, Inc.*
2. Approve
last minutes
Jun 27 minutes:
http://lists.oasis-open.org/archives/wss/200606/msg00003.html
Adopted
unanimously.
3. Issues list
There is no updated issues
list.
a. WSS 1.1 X509v3 URI Problem - Section 8.3, Dana K
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m
sg00001.html
===
I
don't know if this has already been reported but in WSS 1.1 section
8.3, the
URI for X509v3 is incorrectly documented and conflicts with WSS
X509
Certificate Token Profile 1.1.
The incorrect URI is:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-sec
urity-1.0#X509v3
The
correct URI for X509v3 is:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profi
le-1.0#X509v3
==
Hal's
response:
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m
sg00004.html
Tony
Nadalin suggested removing the #X509V3 on line 158 of X509 Token
Profile 1.1.
Usages of the fragment id in the Token Profile should use
the WSS Core
base URI. Note that the #X509V3 value is defined on line
1399 of WSS
Core 1.1:
http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os
-SOAPMessageSecurity.pdf
Chris suggested that the TC members research which of the two URIs
is
being used (either the one from the token profile or the Core
spec)
before we determine what to change.
ACTION 2006-08-08-01 Chris
to drive the TC discussion of which URI is
being used for the X509
token.
Tony pointed out that the TC interop documents used the WSS Core
base
URI.
b. Kereberos Token Profile Issues, Dana K
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m
sg00005.html
The
proposed errata were adopted unanimously.
c. WSS X.509 Certificate Token
Profile 1.1 Issues, Dana K
http://www.oasis-
open.org/apps/org/workgroup/wss/email/archives/200606/msg00006.html
>Line
177 (table 2) documents #x509v1 as one of four token types defined
in the
profile.
The TC agreed unanimously to create an errata to remove
reference to the
#x509v1 token type.
d. Another Small WSS X.509
Certificate Token Profile 1.1 Change, DanaK
http://www.oasis-
open.org/apps/org/workgroup/wss/email/archives/200606/msg00007.html
The
proposed errata were adopted unanimously.
e. WSS 1.1 Profile - minor word
change, Dana K
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m
sg00008.html
The
proposed erratum was adopted unanimously.
f. Another X509 Token Profile
1.1 URI Issue, Dana K
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200606/m
sg00009.html
The
TC agreed that the correct URI is:
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#Thumb
printSHA1
since
that is what the TC's interop documents used and what several
products
use.
Change 1014 in WSS Core 1.1 and line 480 in X509 Token Profile 1.1
to
use "Thumbprint" in the URI.
This erratum was adopted
unanimously.
g. Key Derivation section in Errata for UsernameToken
Profile 1.0
http://www.oasis-
open.org/apps/org/workgroup/wss/email/archives/200607/msg00000.html
ACTION
2006-08-08-02 Tony Nadalin to investigate the history of the key
derivation
section in the errata and to post the history to the TC email
list.
h.
SWA 1.1 Profile Issues, Dana K
http://www.oasis-
open.org/apps/org/workgroup/wss/email/archives/200607/msg00001.html
Fredericks
reply:
http://www.oasis-open.org/apps/org/workgroup/wss/email/archives/200607/m
sg00002.html
The
proposed errata were adopted unanimously including Frederick's
additional
change.
i. Kelvin's forward
The URL for this message is not yet
available.
Hal volunteered to make these comments on behalf of
BEA.
> Section 5.3:
> All refered "Section 5.4.1" should
be "Section 4.4.1"
> All refered "Section 5.4.2" should be "Section
4.4.2"
Frederick recommended that the above changes NOT be made.
The rest of
the SwA changes look okay. Tony recommended the other
changes to other
documents be adopted.
The proposed errata (except for
the above change to SwA Section 5.3)
were adopted unanimously.
4. Next
steps
Kelvin pointed out the next TC meeting would be on Aug 22.
Frederick asked if the TC wanted to do revised versions of
the
specifications or just errata documents. Frederick asked if the
Editors
should try to produce both documents before the next
meeting?
Paul asked where the "new errata process" was defined that Hal
and
Frederick had mentioned. Frederick and Hal indicated that it
was
forthcoming.
Chris proposed the following time line:
a) in
the next week the Editors produce errata documents and
revised
documents
b) we complete the outstanding action items for the next
meeting on Aug
22
c) we meet on Aug 22 to review a) and b)
d) we do an
electronic ballot on the accumulated errata and updated
documents after the
Aug 22 meeting
e) we have a another meeting approximately 6 weeks after the
Aug 22 to
process any subsequent errata.
ACTION 2006-08-08-03 Editors
to produce 1.1 errata documents and revised
1.1 documents showing the errata
changes by Aug 15.
5. Any other business
The Chairs asked for
volunteers to supply teleconference support for
future TC meetings.
6.
Adjournment
The meeting adjourned at 11:07 ET.
/paulc
Paul
Cotton, Microsoft Canada
17 Eleanor Drive, Ottawa, Ontario K2E 6A3
Tel:
(613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com
smime.p7s
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]