Logistics
Roll-call
Other Business
Business In Order
Action Items & Motions
References
Meeting Date | 08/22/2002 |
Meeting Time | 10:00 PM PDT |
Location |
Dial-in #: 888-742-8686 Call host: Waveset Technologies |
Duration | 1 Hour |
Chair | Phil Griffin |
Recording Secretary | Darran Rolls |
Agenda | Available in [3] |
(PG) | Phil Griffin, Griffin Consulting | OASIS XCBF TC | Present |
(KB) | Karl Best, OASIS | OASIS | Present |
(HL) | Hal Lockhart, Entegrity | OASIS XACML TC | Present |
(JP) | Joe Pato, HP Labs | OASIS SS TC | Absent |
(HR) | Hari Reddy, ContentGuard | OASIS RL TC | Absent |
(MM) | Monca Martin, Certivo | OASIS XCBF TC | Present |
(DR) | Darran Rolls, Waveset | OASIS PS TC | Present |
(KS) | Krishna Sankar, Cisco | OASIS TAB | Absent |
(CA) | Carlisle Adams, Entrust | OASIS XACML TC | Present |
(BG) | Brad Gandee | OASIS RL TC | Present |
PG | None |
2 | Approve minutes of committee meeting 08-08-2002 published in [1] |
PG | Motion to accept minutes of committee meeting 08-08-2002. Passed unanimously. (M) |
3 | Discuss the OASIS submission dates and calendar |
KB | Change in TC process is before the TAB. Still another month away from board submission. Middle of September is the earliest date. Will announce to the OASIS lists when this becomes effective. Preview - specification approval process goes from 5 months to 2 months with a submission cycle starting every month. |
HL | Current 5 month cycle is 1 month prep - 3 month review - one month vote. What is the new one? |
KB | New cycle with be 2 weeks prep - 1 month review - 2 week vote. |
4 | Discuss the SPML and SAML question DR posed to the SJC in [2] |
DR | Want to explore if there is comment from the SJC that this is potentially a good thing. |
CA | Is this a request-response protocol issue or generating new SAML Statements? |
DR | Both. We would extend the request-response protocol and create new Statements. |
HL | Statement reuse encouraged by the SSTC. Lots of benefits in implantation technology too. |
HL | PG might want to review signature validity issues, may be useful information. Search SSTC list archive for details - topic along the lines of "inclusive canonical representation". |
PG | Note that XCBF does not use the W3C XMLDSIG digital signature techniques
based on the W3C XSD schema. |
PG | XCBF uses the ASN.1 schema from X9.84 for its XML markup and relies on
the same signature processing techniques currently in widespread use today in the IETF SMIME Cryptographic Message Syntax standard for binary data. |
PG | XCBF signature processing does not depend on either the inclusive or exclusive
canonical representation standards from the W3C, so that potential XML processing problems associated with these specifications can be avoided by XCBF by base64 armoring XCBF messages to make them opaque when embedded in XML documents just as is currently done today for other ASN.1 based security objects such as CRLs and X.509 certificates. |
HL | Stated that he had only wanted one signature method for XML. (PG) replied
that we already had two - one for ASN.1 schema based message objects such as CRLs and X.609 Certificates, and another more complex method for arbitrary XML documents, XMLDSIG. |
5 | Discuss proposed SJC charter text |
PG | Make the "security interoperabiliy model" goal a working document available from the JC. When completed, the SJC could consider making this an actual JC deliverable. |
PG | JC discussed the two proposals made some minor changes and additions. |
DR | To summarize comments on (DR) and (MM) proposals and send new draft to list for email vote before the next meeting (AI). |
HL | Note it is one vote per TC not one vote per participant |
PG | When Monica's two proposed items (1) and (2) are amended and agreed, the SJC will propose these to the TAB for consideration as applicable to ALL OASIS TCs. |
6 | Report on WS-1 conference |
KB | Everything looks good. |
HL | Did the issue get resolved re Prateek presenting slides fro PSTC and XCBF? |
DR | Sent slides for PSTC. (DR) to sent this template and contact details to (PG) so he might do the same for XCBF. |
7 | Other business - SJC Participation |
HL | Is the charter is now done, how do we open SJC participation to liaison representatives from other TC's? |
PG | As soon as the Charter is published yes. Based on Karls recommendation, PG will send a note to the chairs alias offering liaison to the SJC (AI). |
8 | Adjournment |
Meeting adjourned at 13:03 EDT to reconvene September 3rd at 9 am EDT |
Owner | Action Item | |
1 | DR | To summarize charter comments and send new draft to list for email vote before the next meeting |
2 | PG | Based on Karls recommendation, PG to send a note to the chairs alias offering liaison to the SJC. |
Motions | ||
PG | Motion to accept minutes of committee meeting 08-08-2002 | Passed unanimously |
PG | Motion to adjourned and reconvene August 22nd at 9 noon EDT. | Passed unanimously |
[1] http://www.oasis-open.org/committees/security-jc/minutes/minutes08-08-2002.html
[2] http://lists.oasis-open.org/archives/security-jc/200208/msg00011.html
[3] http://lists.oasis-open.org/archives/security-jc/200208/msg00017.html