Logistics
Roll-call
Other Business
Business In Order
Action Items & Motions
References
| Meeting Date | 07/11/2002 |
| Meeting Time | 12:00 pm EDT |
| Location | Dial-in Number: 888-742-8686 Call host Waveset Technologies |
| Duration | 1 Hour |
| Chair | Phil Griffin, Griffin Consulting |
| Recording Secretary | Darran Rolls, Waveset Technologies |
| Agenda | As published [1] |
| (PG) | Phil Griffin, Griffin Consulting | OASIS XCBF TC | Present |
| (KB) | Karl Best, OASIS | OASIS | Present |
| (HL) | Hal Lockhart, Entegrity | OASIS XACML TC | Present |
| (JP) | Joe Pato, HP Labs | OASIS SS TC | Absent |
| (HR) | Hari Reddy, ContentGuard | OASIS RL TC | Present |
| (MM) | Monca Martin, Certivo | OASIS XCBF TC | Present |
| (DR) | Darran Rolls, Waveset | OASIS PS TC | Present |
| (KS) | Krishna Sankar, Cisco | OASIS TAB | Absent |
| (CA) | Carlisle Adams, Entrust | OASIS XACML TC | Present |
| HL | WSA-WG OASIS errata handling and report on WSA-WG Security Task Force Meeting as proposed in [2] |
| 4 | Agree to last meeting minutes |
| PG | Motion to accept minutes as published? |
| DR | Seconded - passed (M). |
| PG | Review action items (see item 12 below). |
| 5 | Agree to proposed agenda |
| PG | New business noted and discussed as items 10 & 11 (below) |
| 6 | Agree on our name - SJC or SSJC. |
| PG | Which will it be? |
| KB | You choose. |
| PG | Motion to use SJC as our official acronym - passed (M). |
| 7 | Discuss SJC meeting schedule |
| PG | Have basic rotation. Can we agree on the next three meetings. July 25th, August 8th & 22rd? Stick to existing schedule (Thursday 12 EDT). Hosts? |
| DR | 25th July OASIS. August 8th HP, August 22nd Waveset. |
| DR | DR to note on SJC site and send dates to list (AI). |
| 8 | Discussion of upcoming WS security conference |
| KB | (Update in KS absence). One day August 26th as part of Web Services One conference [3]. KS constructing program, hopefully available by the end of next week. HL, CA, DR from SJC have said they are available. KS sent a draft to the list. In summary, present outline architecture, discuss its pieces and identify any holes. Would be focused on OASIS and W3C efforts. Cover each TC effort/specification in approx. 15 slots. Exact format undefined. W3C/OASIS cooperation will be a key message. |
| DR | Is the outcome of the event official in any way? |
| KB | Hopefully feeds directly into WSA-WG STF and OASIS WSS. |
| CA | Consensus of what's missing should be an official output from this event. |
| KB | To present CA's suggestion to program committee (AI). |
| PG | Note this event on site? |
| KB | Should have an official abstract in a couple of days. |
| DR | To note details on SJC site with a pre-release sentence and follow up with official abstract when available (AI). |
| PG | Add an agenda item for August 22nd meeting to discuss (AI). |
| 9 | Discuss SJC purpose and charter |
| PG | Discuss (DR) proposal [4] |
| PG | Consider 4.1, 4.2, 4.3 |
| PG | Consensus support for these goals. |
| DR | Consider 1.1 |
| HL | Terms are very important; when it means the same thing, we should use the same wording. |
| PG | We probably already have overlap. Lynn Wheeler doc [?? anyone] did a great job of pulling together terms for ASN.1. Pulled existing glossaries together and identity overlap, then over-time ASN.1 tried to resolve differences. |
| CA | SAML/XACML/SPML has roughly already done this (although not officially) |
| HR | How do we "encourage" conformity? Appropriate wording should address this. |
| DR | General support for 1.1 concept in charter and 1.3 as a deliverable. |
| DR | Consider 1.2 |
| HR | What does endorse mean? |
| HL | Possibly three steps: 1 - TC says here's something |
| PG | We are using the doc templates but is there something beyond that? |
| KB | Doc book is an evolving thing but does not have the same scope of this proposal. |
| DR | Consider 1.4 |
| HL | Looks like a lot of work. |
| DR | Consensus to drop from proposal. |
| DR | Consider 1.5. Consensus to table pending 1.2 |
| DR | Consider 2.1 |
| PG | We have already agreed to this. Consider removing the term "road-map" |
| HR | Not sure we have. Concerned over context of end-to-end. |
| KB | Concept of model & roadmap is valuable. |
| CA | Possibly an extension of the domain model concept used in SAML/XACML |
| PG | Out of time. Carry over discussion to next meeting. |
| DR | To update charter discussion document in line with comments and re-post to list (AI). |
| 10 | New Business - Errata of OASIS documentation |
| KB | TAB is probably the best place to address this. Send issues to me. |
| 11 | Report on WSA-WG |
| HL | (DR), (HL) & (KS) attended the WSA-WG Security Task Force (STF). The STF defines three main objectives/deliverables: 1 - Requirements for charter of W3C WS Security Group STF is suggesting a W3C security workshop to help form the charter before the next WSA-WG F2F in September. |
| HR | Was the impact and effect of WSS@OASIS discussed or defined by the STF? |
| HL | Clearly positioned as TBD. |
| PG | Propose a regular agenda item for an WSA-TF STF report to this group (AI). |
| DR | To send minutes of WSA-WG STF meetings to SSJC list (AI). |
| 12 | Review Action Items From 6/26/2002 | ||
| 1 | PG | To include link to published minutes in agenda postings. |
Done |
| 2 | PG | OASIS seminar/workshop on security for web services - agenda item carried over to next meeting. |
Done |
| 3 | PG | Discuss allowing non security OASIS TC's on SJC mailing. Carry this item over to the next meeting. |
Done |
| 4 | JP | To make a statement on "gating factors" for opening SSJC con-call to a wider audience. |
Done |
| 13 | Motion to adjourn |
| Meeting adjourned at 13:05 EST to reconvene July 25th at 12 noon EDT |
| Owner | Action Item | |
| 1 | DR | DR to annotate meeting schedule on SJC site and send to list. |
| 2 | KB | To present to the security conference program committee (CA) suggestion tat there be a published document that details the findings of the conference. |
| 3 | DR | To note details of August security conference on SJC site with a pre-release sentence and follow up with official abstract when available. |
| 4 | PG | Add an agenda item for August 22nd meeting to discuss final arrangements before the security conference. |
| 5 | PG | Create a regular agenda item for an WSA-TF STF update fro this group. (HL) lead, backup (DR) (KS). |
| 6 | DR | To send minutes of WSA-WG STF meetings to SSJC list. |
| 7 | DR | To update charter discussion document in line with comments and re-post to list. |
| Motions | ||
| PG | Motion to accept meeting minutes as published. | Passed unanimously |
| PG | Motion to use SJC as our official acronym. | Passed unanimously |
[1] http://lists.oasis-open.org/archives/security-jc/200207/msg00016.html
[2]
http://lists.oasis-open.org/archives/security-jc/200207/msg00017.html
[3] http://lists.oasis-open.org/archives/security-jc/200207/msg00006.html
[4] http://lists.oasis-open.org/archives/security-jc/200207/msg00005.html