----------------------------------------
DRAFT MINUTES
OASIS WS-BRSP TC Meeting
25 September 2014, 11:00am to 12:00pm PDT
----------------------------------------
Scribe: Gershon Janssen
0. Call to Order and roll call
Jacques Durand calls the meeting to order and welcomes everyone.
* Roll call:
Jacques Durand
Gershon Janssen
Pim van der Eijk
Alessio Soldano
Doug Davis
Ram Jeyaraman
Tom Rutt
Micah Hainline
Observer:
Tom Link
Anish Karmarkar
This meeting quorates.
Agenda adopted.
1. Administrative
Approval of August 28, 2014 meeting minutes:
Minutes approved by unanimous consent.
2. BSP11 public review feedback:
* Dispose of the BSP comment we got from the last PR
Summary of comment:
The new PR draft relaxes the requirements from mandating SHA-1 to mandating either SHA-1 or any of the SHA-2 algorithms.
This is understandable given the issues with SHA-1.
The profile goes to great lengths to ensure interoperability when using SHA-1; it specifies how to communicate with the other side that SHA-1 is being used.
There is nothing comparable specified for SHA-2.
The fundamental reason the profiles were created were to enable interoperability, it makes sense to include the same level (or equivalent) of interop requirements for SHA-2 as there are for SHA-1.
TC discussion:
- unless member companies are ready to extend and test appropriately the BSP11 to SHA-2x, then there is not much help in that upgrade
- concern is that the TC has made the profile less interoperable from its previous incarnation
Motion: The PR comment addresses a concern that was discussed at length in the resolution of this issue. After discussion, the TC reached concensus that the current spec meets the needs of current products, by making the use of SHA1 optional with the extensibility point for additional mechanisms. It was agreed to close this PR comment with no action.
Tom Rutt moved; Gershon seconds. Motion carried by unanimous consent.
* Move to CS for BSP1.1
Gershon moved; Tom Rutt seconded. Motion carried by unanious consent.
3. Progressing profiles to OASIS standards
Need to gather 3 statements of use, and this for each profile candidate(see templates sent in a recent email)
- Jacques was not able to find previous statements of use
- All organizations are encouraged to look at providing statements of use.
4. Adjourn
Next meeting: 30/October/2014
Meeting adjourned.