We are pleased to announce the availability of two new Committee Specifications by the members of the Biometric Services (BIOSERV) TC:

Biometric Identity Assurance Services (BIAS) SOAP Profile Version 2.0
Committee Specification 01
11 July 2017

and

WS-Biometric Devices Version 1.0
Committee Specification 01
11 July 2017

The Biometric Identity Assurance Services (BIAS) Soap Profile is a
companion standard to ISO/IEC 30108-1:2015, Information technology — Biometric Identity Assurance Services. It specifies the design concepts and architecture, data model and data dictionary, message structure and rules, and error handling necessary to invoke SOAP-based services that implement BIAS operations.

Together, the BIAS standard and the BIAS profile provide an open framework for deploying and remotely invoking biometric-based identity assurance capabilities that can be readily accessed across an SOA infrastructure.

The emergence of web services as a common communications bus has profound implications for biometric services. The next generation will not only need to be intelligent, secure, tamper-proof, and spoof resistant, they will also need to be interoperable.

WS-Biometric Devices is a protocol designed to advance this goal,
with a specific focus on the single process shared by all biometric systems.

These Committee Specifications are OASIS deliverables, completed and approved by the TC and fully ready for testing and implementation.

About the Technical Committee

The OASIS BIOSERV TC is chartered to define, enhance, and maintain open standards that facilitate the use of biometrics and biometric operations over a service-oriented architecture, such as web services. Membership in the BIOSERV TC is open to all OASIS members.

The prose specifications and related files are available here:

– Biometric Identity Assurance Services (BIAS) SOAP Profile Version 2.0

PDF (Authoritative):
http://docs.oasis-open.org/bioserv/BIAS/v2.0/cs01/BIAS-v2.0-cs01.pdf

HTML:
http://docs.oasis-open.org/bioserv/BIAS/v2.0/cs01/BIAS-v2.0-cs01.html

Editable source:
http://docs.oasis-open.org/bioserv/BIAS/v2.0/cs01/BIAS-v2.0-cs01.docx

XML schemas:
http://docs.oasis-open.org/bioserv/BIAS/v2.0/cs01/schemas/

– WS-Biometric Devices Version 1.0

PDF (Authoritative):
http://docs.oasis-open.org/bioserv/WSBD/v1.0/cs01/WSBD-v1.0-cs01.pdf

HTML:
http://docs.oasis-open.org/bioserv/WSBD/v1.0/cs01/WSBD-v1.0-cs01.html

Editable source:
http://docs.oasis-open.org/bioserv/WSBD/v1.0/cs01/WSBD-v1.0-cs01.docx

XML schema:
http://docs.oasis-open.org/bioserv/WSBD/v1.0/cs01/schemas/wsbd-v1.0.xsd

Distribution ZIP files

For your convenience, OASIS provides complete packages of the prose specifications and related files in ZIP distribution files. You can download the ZIP files here:

– BIAS Soap Profile: http://docs.oasis-open.org/bioserv/BIAS/v2.0/cs01/BIAS-v2.0-cs01.zip

– WS-Biometric Devices: http://docs.oasis-open.org/bioserv/WSBD/v1.0/cs01/WSBD-v1.0-cs01.zip

Members of the Bioserv TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS Biometric Services (BIOSERV) TC
https://www.oasis-open.org/committees/bioserv/

[2] Public reviews:
– 30-day public review, 20 October 2016:
https://lists.oasis-open.org/archives/members/201610/msg00007.html
– Comment resolution logs:
– BIAS Soap Profile: http://docs.oasis-open.org/bioserv/BIAS/v2.0/csprd01/BIAS-v2.0-csprd01-comment-resolution-log.doc
– WS-Biometric Devices: http://docs.oasis-open.org/bioserv/WSBD/v1.0/csprd01/WSBD-v1.0-csprd01-comment-resolution-log.docx

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3100

The members of the OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC [1] have requested that OASIS submit the following OASIS Standard:

Authentication Step-Up Protocol and Metadata Version 1.0
OASIS Standard
24 May 2017

to ITU-T Study Group 17 [2] for approval as an ITU-T Recommendation under the terms of the Submission Request [3].

The OASIS Liaison Policy [4] requires that this Request be posted for member review for 30 days, for comment on the proposed terms, before transmitting it to ITU-T.

Authentication Step-Up Protocol and Metadata Version 1.0 was approved as an OASIS Standard on 24 May 2016 and is available here:

http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/os/trust-el-protocol-v1.0-os.html

Member Review Period:

The member public review starts 26 July 2017 at 00:00 GMT and ends 24 August 2017 at 23:59 GMT.

This is an open invitation to OASIS members to comment on the proposed terms of submission, described in the Request. Comments may be submitted by any OASIS member to the TC by directing them to the oasis-member-discuss@lists.oasis-open.org mailing list. Members should not need to subscribe to the list; as each member should be able to use it automatically. If you have a problem posting to it, let us know. Please direct any other questions to tc-admin@oasis-open.org.

Comments submitted to this list are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/oasis-member-discuss/

========== Additional references:

[1] OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) TC:
https://www.oasis-open.org/committees/trust-el/

[2] ITU-T SG 17: http://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/default.aspx

[3] Submission Request: https://www.oasis-open.org/committees/document.php?document_id=61193

[4] OASIS Liaison Policy:
https://www.oasis-open.org/policies-guidelines/liaison#submitwork

The OASIS Business Document Exchange (BDXR) TC members [1] have approved submitting the following Candidate OASIS Standards to the OASIS membership in a call for consent for OASIS Standard:

Service Metadata Publishing (SMP) Version 1.0
Candidate OASIS Standard 01
09 March 2017

and

Business Document Metadata Service Location Version 1.0
Candidate OASIS Standard 02
06 June 2017

This Call for Consent is taking place under the revised TC Process rules effective 01 July 2017 [2]. This is a call to the primary or alternate representatives of OASIS Organizational Members to consent or object to this approval. You are welcome to register your consent explicitly on the ballot; however, your consent is assumed unless you register an objection [3]. To register an objection, you must:

1. Indicate your objection on the ballot, and

2. Provide a reason for your objection and/or a proposed remedy to the TC.

You may provide the reason in the comment box or by email to the Technical Committee on its comment mailing list or, if you are a member of the TC, to the TC’s mailing list [3]. If you provide your reason by email, please indicate in the subject line that this is in regard to the Call for Consent. Note that failing to provide a reason and/or remedy may result in an objection being deemed invalid.

These Committee Specifications were approved by the Technical Committee and were submitted for the required 60-day public reviews [4]. All requirements of the OASIS TC Process having been met [5], the Candidate OASIS Standard is now submitted to the voting representatives of OASIS organizational members.

— Details —

The Calls for Consent open 19 July 2017 at 00:00 UTC and close 01 August 2017 at 23:59 UTC. You can access the ballots at:

– Service Metadata Publishing (SMP) v1.0

Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=3104

Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=3104

– Business Document Metadata Service Location v1.0

Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=3105

Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=3105

OASIS members should ensure that their organization’s voting representative responds according to the organization’s wishes. If you do not know the name of your organization’s voting representative is, go to the My Account page at

http://www.oasis-open.org/members/user_tools

then click the link for your Company (at the top of the page) and review the list of users for the name designated as “Primary”.

— Information about the Candidate OASIS Standard and the BDXR TC —

Service Metadata Publishing describes a protocol for publishing service metadata within a 4-corner network.

In a 4-corner network, entities are exchanging business documents through intermediary gateway services (sometimes called Access Points). To successfully send a business document in a 4-corner network, an entity must be able to discover critical metadata about the recipient (endpoint) of the business document, such as types of documents the endpoint is capable of receiving and methods of transport supported. The recipient makes this metadata available to other entities in the network through a Service Metadata Publisher service.

This specification describes the request/response exchanges between a Service Metadata Publisher and a client wishing to discover endpoint information. A client can either be an end-user business application or a gateway/access point in the 4-corner network. It also defines the request processing that must happen at the client.

Business Document Metadata Service Location defines service discovery method values for use in DNS Resource Record service fields. A method is first specified to query and retrieve a URL for metadata services. Two metadata service types are then defined. Also an auxiliary method pattern for discovering a registration service to enable access to metadata services is described. The methods defined here are instances of the generic pattern defined within IETF RFCs for Dynamic Delegation Discovery
Services (DDDS). This specification therefore defines DDDS applications for metadata and metadata-registration services.

The OASIS BDXR TC advances an open standards framework to support public e-procurement and e-invoicing. The group defines specifications for a lightweight and federated messaging infrastructure that supports a 4-corner model for the secure and reliable exchange of electronic documents. Wherever possible, the TC specifications are based on profiles of existing standards from OASIS and elsewhere. BDXR TC members also coordinate the submission of new requirements as use cases for expanded functionality.

The specification documents and related files are available here:

– Service Metadata Publishing (SMP) Version 1.0

http://docs.oasis-open.org/bdxr/bdx-smp/v1.0/cos01/bdx-smp-v1.0-cos01.doc
http://docs.oasis-open.org/bdxr/bdx-smp/v1.0/cos01/bdx-smp-v1.0-cos01.html
http://docs.oasis-open.org/bdxr/bdx-smp/v1.0/cos01/bdx-smp-v1.0-cos01.pdf

– Business Document Metadata Service Location Version 1.0

http://docs.oasis-open.org/bdxr/BDX-Location/v1.0/cos02/BDX-Location-v1.0-cos02.odt
http://docs.oasis-open.org/bdxr/BDX-Location/v1.0/cos02/BDX-Location-v1.0-cos02.html
http://docs.oasis-open.org/bdxr/BDX-Location/v1.0/cos02/BDX-Location-v1.0-cos02.pdf

JSON example file: http://docs.oasis-open.org/bdxr/BDX-Location/v1.0/cos02/examples/

Distribution ZIP files:

For your convenience, OASIS provides a complete package of the prose specifications and related files in ZIP distribution files. You can download the ZIP files here:

– Service Metadata Publishing (SMP) v1.0: http://docs.oasis-open.org/bdxr/bdx-smp/v1.0/cos01/bdx-smp-v1.0-cos01.zip

– Business Document Metadata Service Location v1.0: http://docs.oasis-open.org/bdxr/BDX-Location/v1.0/cos02/BDX-Location-v1.0-cos02.zip

— Additional information —

[1] OASIS Business Document Exchange (BDXR) TC
https://www.oasis-open.org/committees/bdxr/

TC IPR page
https://www.oasis-open.org/committees/bdxr/ipr.php

[2] https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26#OScallForConsent

[3] https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26#OScallForConsent

BDXR comment mailing list: bdxr-comment@lists.oasis-open.org
(You must be subscribed to send to this list. To subscribe, see https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=bdxr.)

BDXR main mailing list: bdxr@lists.oasis-open.org

[4] Public reviews:
– Service Metadata Publishing (SMP) v1.0
60-day public review, 16 March 2017: https://lists.oasis-open.org/archives/members/201703/msg00003.html
– Comment resolution log: http://docs.oasis-open.org/bdxr/bdx-smp/v1.0/cos01/bdx-smp-v1.0-cos01-comment-resolution-log.xls

– Business Document Metadata Service Location v1.0
60-day public review, 16 March 2017: https://lists.oasis-open.org/archives/members/201703/msg00003.html
– Comment resolution log: http://docs.oasis-open.org/bdxr/BDX-Location/v1.0/cos01/BDX-Location-v1.0-cos01-comment-resolution-log.xls

[5] Candidate OASIS Standard Special Majority Votes:

– Service Metadata Publishing (SMP) v1.0:
https://www.oasis-open.org/committees/ballot.php?id=3046 and
https://www.oasis-open.org/committees/ballot.php?id=3079

– Business Document Metadata Service Location:
https://www.oasis-open.org/committees/ballot.php?id=3047 and
https://www.oasis-open.org/committees/ballot.php?id=3078

OASIS is pleased to announce the approval and publication of two new Committee Specifications by the members of the OASIS Key Management Interoperability Protocol (KMIP) TC:

Key Management Interoperability Protocol Specification Version 1.4
Committee Specification 01
18 June 2017

and

Key Management Interoperability Protocol Profiles Version 1.4
Committee Specification 01
18 June 2017

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients and servers to manage a wide range of encryption keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures
on multiple products.

KMIP Specification v1.4 is intended for developers and architects who wish to design systems and applications that interoperate using the Key Management Interoperability Protocol Specification.

KMIP Profiles v1.4 specifies conformance clauses that define the use of objects, attributes, operations, message elements and authentication methods within specific contexts of KMIP server and client interaction.

These are OASIS deliverables, completed and approved by the TC and fully ready for testing and implementation.

The specifications and related files are freely available via the following links:

– Key Management Interoperability Protocol Specification Version 1.4

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/spec/v1.4/cs01/kmip-spec-v1.4-cs01.docx

HTML:
http://docs.oasis-open.org/kmip/spec/v1.4/cs01/kmip-spec-v1.4-cs01.html

PDF:
http://docs.oasis-open.org/kmip/spec/v1.4/cs01/kmip-spec-v1.4-cs01.pdf

– Key Management Interoperability Protocol Profiles Version 1.4

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/profiles/v1.4/cs01/kmip-profiles-v1.4-cs01.docx

HTML:
http://docs.oasis-open.org/kmip/profiles/v1.4/cs01/kmip-profiles-v1.4-cs01.html

PDF:
http://docs.oasis-open.org/kmip/profiles/v1.4/cs01/kmip-profiles-v1.4-cs01.pdf

Mandatory test cases:
http://docs.oasis-open.org/kmip/profiles/v1.4/cs01/test-cases/kmip-v1.4/mandatory/

Optional test cases:
http://docs.oasis-open.org/kmip/profiles/v1.4/cs01/test-cases/kmip-v1.4/optional

Distribution ZIP files

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

– KMIP Specification v1.4: http://docs.oasis-open.org/kmip/spec/v1.4/cs01/kmip-spec-v1.4-cs01.zip

– KMIP Profiles v1.4: http://docs.oasis-open.org/kmip/profiles/v1.4/cs01/kmip-profiles-v1.4-cs01.zip

Members of the OASIS Key Management Interoperability Protocol (KMIP) TC [1] approved these specifications by Special Majority Vote. The specifications had been released for public review as required by the TC Process [2]. The votes to approve as a Committee Specification passed [3], and the documents are now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS Key Management Interoperability Protocol (KMIP) TC
https://www.oasis-open.org/committees/kmip/

[2] Public reviews:
– KMIP Specification v1.4
30-day public review, 20 March 2017: https://lists.oasis-open.org/archives/members/201703/msg00007.html
– Comment resolution log:
http://docs.oasis-open.org/kmip/spec/v1.4/csprd01/kmip-spec-v1.4-csprd01-comment-resolution-log.pdf

– KMIP Profiles v1.4
30-day public review, 17 April 2017: https://lists.oasis-open.org/archives/members/201704/msg00003.html
– Comment resolution log:
http://docs.oasis-open.org/kmip/profiles/v1.4/csprd01/kmip-profiles-v1.4-csprd01-comment-resolution-log.txt

[3] Approval ballots:
https://www.oasis-open.org/committees/ballot.php?id=3086
https://www.oasis-open.org/committees/ballot.php?id=3087

We are pleased to announce that the OASIS Open Data Protocol (OData) TC [1] members have released four Committee Specification Drafts for review and comment. This group of documents describe various elements of the Open Data Protocol (OData).

OData enables the creation of REST-based data services, which allow resources, identified using Uniform Resource Locators (URLs) and defined in an Entity Data Model (EDM), to be published and edited by Web clients using simple HTTP messages.

The five publications released today are:

– OData Version v4.01 CSPRD02

– OData Common Schema Definition Language (CSDL) XML Representation v4.01 CSPRD02

– OData Common Schema Definition Language (CSDL) JSON Representation v4.01 CSPRD01

– OData JSON Format v4.01 CSPRD02

You can find information about the differences between Version 4.0 and 4.01 in the Committee Note “What’s New in OData Version 4.01” at http://docs.oasis-open.org/odata/new-in-odata/v4.01/cn01/new-in-odata-v4.01-cn01.html.

Public Review Period:

OASIS and the OData TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 05 July 2017 at 00:00 UTC and ends 03 August 2017 at 11:59 UTC.

Three of the specifications were previously submitted for public review [2]. For those, the 30-day review is limited in scope to changes made from the previous review. Changes are highlighted in redlined DIFF files included in the package [3]. Comments for these draft specifications are limited to the changes from the previous public review.

URLs

The documents and related files are available here:

– OData Version 4.01
Committee Specification Draft 02 / Public Review Draft 02
22 June 2017

— Part 1: Protocol
Editable source (Authoritative):
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part1-protocol/odata-v4.01-csprd02-part1-protocol.docx

HTML:
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part1-protocol/odata-v4.01-csprd02-part1-protocol.html

PDF:
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part1-protocol/odata-v4.01-csprd02-part1-protocol.pdf

— Part 2: URL Conventions
Editable source (Authoritative):
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part2-url-conventions/odata-v4.01-csprd02-part2-url-conventions.docx

HTML:
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part2-url-conventions/odata-v4.01-csprd02-part2-url-conventions.html

PDF:
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part2-url-conventions/odata-v4.01-csprd02-part2-url-conventions.pdf

— ABNF components:
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/abnf/

– OData Common Schema Definition Language (CSDL) XML Representation Version 4.01
Committee Specification Draft 02 / Public Review Draft 02
08 June 2017

Editable source (Authoritative):
http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd02/odata-csdl-xml-v4.01-csprd02.docx

HTML:
http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd02/odata-csdl-xml-v4.01-csprd02.html

PDF:
http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd02/odata-csdl-xml-v4.01-csprd02.pdf

XML schemas:
http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd02/schemas/.

– OData Common Schema Definition Language (CSDL) JSON Representation Version 4.01
Committee Specification Draft 01 / Public Review Draft 01
08 June 2017

Editable source (Authoritative):
http://docs.oasis-open.org/odata/odata-csdl-json/v4.01/csprd01/odata-csdl-json-v4.01-csprd01.docx

HTML:
http://docs.oasis-open.org/odata/odata-csdl-json/v4.01/csprd01/odata-csdl-json-v4.01-csprd01.html

PDF:
http://docs.oasis-open.org/odata/odata-csdl-json/v4.01/csprd01/odata-csdl-json-v4.01-csprd01.pdf

JSON schemas:
http://docs.oasis-open.org/odata/odata-csdl-json/v4.01/csprd01/schemas/.

– OData JSON Format Version 4.01
Committee Specification Draft 02 / Public Review Draft 02
08 June 2017

Editable source (Authoritative):
http://docs.oasis-open.org/odata/odata-json-format/v4.01/csprd02/odata-json-format-v4.01-csprd02.docx

HTML:
http://docs.oasis-open.org/odata/odata-json-format/v4.01/csprd02/odata-json-format-v4.01-csprd02.html

PDF:
http://docs.oasis-open.org/odata/odata-json-format/v4.01/csprd02/odata-json-format-v4.01-csprd02.pdf

ZIP distribution files:

For your convenience, OASIS provides complete packages of the prose specifications and related files in ZIP distribution files. You can download the ZIP files at:

– OData Version 4.01: http://docs.oasis-open.org/odata/odata/v4.01/csprd02/odata-v4.01-csprd02.zip

– OData Common Schema Definition Language (CSDL) XML Representation Version 4.01: http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd02/odata-csdl-xml-v4.01-csprd02.zip

– OData Common Schema Definition Language (CSDL) JSON Representation Version 4.01: http://docs.oasis-open.org/odata/odata-csdl-json/v4.01/csprd01/odata-csdl-json-v4.01-csprd01.zip

– OData JSON Format Version 4.01: http://docs.oasis-open.org/odata/odata-json-format/v4.01/csprd02/odata-json-format-v4.01-csprd02.zip

Comments on these works may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used following the directions at:

http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=odata

Feedback submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:

http://lists.oasis-open.org/archives/odata-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with the public review of these works, we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the XLIFF TC may be found on the TC’s public home page located at:

http://www.oasis-open.org/committees/odata/

========== Additional references:

[1] OASIS Open Data Protocol (OData) TC
http://www.oasis-open.org/committees/odata/

[2] Previous public reviews:

– OData Version 4.01
30-day public review, 19 January 2017:
https://lists.oasis-open.org/archives/members/201701/msg00003.html
– Comment resolution log:
https://lists.oasis-open.org/archives/odata-comment/201706/msg00000.html

– OData Common Schema Definition Language (CSDL) XML Representation Version 4.01
30-day public review, 19 January 2017:
https://lists.oasis-open.org/archives/members/201701/msg00003.html
– Comment resolution log:
http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd01/odata-csdl-xml-v4.01-csprd01-comment-resolution-log.txt

– OData JSON Format Version 4.01
30-day public review, 19 January 2017:
https://lists.oasis-open.org/archives/members/201701/msg00003.html
– Comment resolution log:
http://docs.oasis-open.org/odata/odata-json-format/v4.01/csprd01/odata-json-format-v4.01-csprd01-comment-resolution-log.txt

[3] Red-lined, change marked files:

– OData Version 4.01:

— Part 1: Protocol
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part1-protocol/odata-v4.01-csprd02-part1-protocol-DIFF.pdf

— Part 2: URL Conventions
http://docs.oasis-open.org/odata/odata/v4.01/csprd02/part2-url-conventions/odata-v4.01-csprd02-part2-url-conventions-DIFF.pdf

– OData Common Schema Definition Language (CSDL) XML Representation Version 4.01
http://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/csprd02/odata-csdl-xml-v4.01-csprd02-DIFF.pdf

– OData JSON Format Version 4.01
http://docs.oasis-open.org/odata/odata-json-format/v4.01/csprd02/odata-json-format-v4.01-csprd02-DIFF.pdf

[4] http://www.oasis-open.org/policies-guidelines/ipr

[4] http://www.oasis-open.org/committees/odata/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode
RF on RAND Mode

OASIS is pleased to announce the approval and publication of “What’s New in OData Version 4.01,” a Committee Note from the members of the OASIS Open Data Protocol (OData) TC [1].
“What’s New” describes the shape of, and motivation behind, the changes in OData Version 4.01 compared to its predecessor version 4.0, including:

· Extensions to the Query Language,
· Simplifications to the Syntax,
· Simplifications to Payloads, and
· Easier partial adoption of OData in existing REST APIs.

OData 4.01 is a highly compatible, incremental release and a compliant 4.01 OData Service fully supports OData 4.0 clients.

You can access the document at:

What’s New in OData Version 4.01
Committee Note 01
08 June 2017

Editable source:
http://docs.oasis-open.org/odata/new-in-odata/v4.01/cn01/new-in-odata-v4.01-cn01.docx

HTML:
http://docs.oasis-open.org/odata/new-in-odata/v4.01/cn01/new-in-odata-v4.01-cn01.html

PDF:
http://docs.oasis-open.org/odata/new-in-odata/v4.01/cn01/new-in-odata-v4.01-cn01.pdf

Distribution ZIP files

For your convenience, OASIS provides a complete package of the Committee Note that you can download here:

http://docs.oasis-open.org/odata/new-in-odata/v4.01/cn01/new-in-odata-v4.01-cn01.zip

Members of the OData TC approved this Committee Note by a Full Majority vote on 08 June 2017 as documented in the TC minues [2].

Our congratulations to all the members of the TC.

========== Additional references:

[1] OASIS Open Data Protocol (OData) TC
https://www.oasis-open.org/committees/odata/

[2] Approval
https://www.oasis-open.org/committees/download.php/60960/odata-meeting-177_on-20170608-minutes.html

OASIS is pleased to announce the publication of its newest OASIS Standard approved by the OASIS members on 24 May 2017:

Authentication Step-Up Protocol and Metadata Version 1.0
OASIS Standard
24 May 2017

Electronic Identity Credential Trust Elevation Methods are used to increase assurance in entity identification using authentication events and related entity information for the purpose of risk mitigation when making access control policy decisions. The Authentication Step-Up Protocol:

– Proposes simple Trust Elevation architectural patterns demonstrating the use of Trust Elevation in modern Access Control architectures.

– Describes a common metadata set, mechanisms and protocol elements for Trust Elevation information exchanges.

– Promotes the use of Trust Elevation elements to facilitate standardization among the many technologies and approaches currently in use for credential & authentication risk mitigation.

About the TC:

The OASIS Trust Elevation TC works to define a set of standardized protocols that service providers may use to elevate the trust in an electronic identity credential presented to them for Authentication. The Trust Elevation TC is intended to respond to suggestions from the public sector, including the U.S. National Strategy for Trusted Identities in Cyberspace (NSTIC). The Trust Elevation TC promotes interoperability among multiple identity providers–and among multiple identity federations and frameworks–by facilitating clear communication about common and comparable operations to present, evaluate and apply identity [data/assertions] to sets of declared authorization levels.

URIs:

The prose specifications and related files are available here:

Editable source (Authoritative):
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/os/trust-el-protocol-v1.0-os.docx

HTML:
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/os/trust-el-protocol-v1.0-os.html

PDF:
http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/os/trust-el-protocol-v1.0-os.pdf

Distribution ZIP files

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open.org/trust-el/trust-el-protocol/v1.0/os/trust-el-protocol-v1.0-os.zip

Our congratulations to the members of the Trust Elevation TC on achieving this milestone.

We are pleased to announce that XLIFF Version 2.1 from the OASIS XML Localisation Interchange File Format (XLIFF) TC is now available for public review and comment. This version incorporates changes in response to comments from the previous public reviews. You can find details on the changes in section C.2.1 [1].

The XML Localisation Interchange File Format (XLIFF) is a specification for the interchange of localizable software and document based objects and related metadata. The purpose of XLIFF’s extensible XML vocabularies is to store localisable data and carry it from one step of the localization process to the other, while allowing interoperability between and among tools.

The documents and related files are available here:

XLIFF Version 2.1
Committee Specification Draft 04 / Public Review Draft 04
30 May 2017

HTML (Authoritative):
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04.html

PDF:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04.pdf

Editable source:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04.xml

Declarative validation artifacts:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/schemas/

ZIP distribution files (complete):

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04.zip

Public Review Period:

OASIS and the XLIFF TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of this technical work.

The public review starts 06 June 2017 at 00:00 UTC and ends 20 June 2017 at 11:59 UTC.

The specification was previously submitted for public review [2]. This 15-day review is limited in scope to changes made from the previous review. Changes are described in detail in Appendix C of the specification at http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04.html#specChangeTracking and are also highlighted in the red-lined version of the specification at http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04-DIFF.pdf.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be accessed by following the instructions at “Send A Comment” at http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=xliff

Feedback submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:

http://lists.oasis-open.org/archives/xliff-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review of ‘XLIFF Version 2.1’, we call your attention to the OASIS IPR Policy [3] applicable especially [4] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the XLIFF TC may be found on the TC’s public home page located at:

http://www.oasis-open.org/committees/xliff/

========== Additional references:

[1] Changes made in response to public reviews:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd04/xliff-core-v2.1-csprd04.html#csprd03

[2] Previous public reviews:

– 15-day public review, 18 April 2017: https://lists.oasis-open.org/archives/members/201704/msg00006.html
— Comment resolution log:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd03/xliff-core-v2.1-csprd03-comment-resolution-log.pdf

– 15-day public review, 10 February 2017:
https://lists.oasis-open.org/archives/xliff/201702/msg00102.html
— Comment resolution log:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd02/xliff-core-v2.1-csprd02-comment-resolution-log.pdf

– 30-day public review, 26 October 2016:
https://lists.oasis-open.org/archives/members/201610/msg00011.html
— Comment resolution log:
http://docs.oasis-open.org/xliff/xliff-core/v2.1/csprd01/xliff-core-v2.1-csprd01-comment-resolution-log.pdf

[3] http://www.oasis-open.org/policies-guidelines/ipr

[4] http://www.oasis-open.org/committees/xliff/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode
RF on RAND Mode

OASIS is delighted to announce the formation of a new initiative: the Cybersecurity Standards User Council.

The international Cybersecurity Standards User Council is being formed by Aetna, ANZ Bank, Bank of America, BMO, Boeing, Cisco, JPMorgan Chase, Kaiser Permanente, and U.S. Bank at OASIS. We invite you to review the charter below as well as the Council web site [a] and consider getting involved.

To join the Council:

(a) you must be an employee or designee of an OASIS member organization or an individual member of OASIS, and

(b) you must register for the Council using the “join group” link at [b].

Non-members who wish to participate in the Council are invited to contact us for information about joining OASIS [c].

Members and non-members are invited to attend the Cyber Standards Council pre-launch planning session on 20 June in New York [d].

Please feel free to forward this announcement to any other appropriate lists.

[a] https://cyber-standards-council.org/

[b] https://www.oasis-open.org/apps/org/workgroup/cyber-council/

[c] http://www.oasis-open.org/join/

[d] https://us17.dryfta.com/80-cybersecurity-council-meeting

———-


CALL FOR PARTICIPATION


— Charter —

(1)(a) Name:

OASIS Cybersecurity Standards User Council

(1)(b) Statement of Purpose:

The Cybersecurity Standards User Council provides a neutral forum in which users of cybersecurity products and services can influence and track standards without the requirement to engage in day-to-day specification development issues. Whereas users are initially defined as entities leveraging cybersecurity products and services for their own institutional purposes.

User Council members voice concerns, discuss best practices, and identify common technical requirements that can be shared with OASIS Technical Committees including (but not limited to) the Cyber Threat Intelligence (CTI) TC, the Common Security Advisory Framework (CSAF) TC, and the Open Command and Control (OpenC2) TC.

(1)(c) Scope:

The goals of the Cybersecurity Standards User Council are to:

· Enable non-vendor organizations to contribute to cybersecurity standards in ways meaningful to them, such as articulating business requirements, mobilizing support for vertical specializations, and promoting adoption of common best practices;

· Foster peer-based discussions where non-vendor organizations can exchange information on pain points and collaborate to address real-world problems;

· Provide OASIS cybersecurity TCs with a direct mechanism for obtaining user feedback on technical disputes;

· Increase adoption of cybersecurity standards (STIX, TAXII, CSAF, OpenC2, and other relevant standards as identified by the User Council members) and enable a robust ecosystem by engaging more end users in the process.

The User Council may develop Committee Notes and other informative materials, but will not develop any Standards Track Work product materials (such as Committee Specifications) to which the patent licensing or non-assertion provisions of the OASIS IPR Policy would apply.

(1)(d) Deliverables

The Cybersecurity Standards User Council will determine, as part of their activities, the best means for documenting and sharing user scenarios, best practices, technical requirements, etc. with other interested parties, then create and publish such materials as best meets the Council’s goals. The User Council may choose to conduct activities aimed at educating or soliciting feedback from non-members of OASIS.

(1)(e) IPR Mode

The User Council will operate under the terms of the Non-Assertion Mode as defined in the OASIS IPR Policy.

(1)(f) Audience

Work of the Cybersecurity Standards User Council is expected to be of interest to OASIS Technical Committees engaged in cybersecurity issues and governmental, institutional, and commercial parties outside OASIS with a stake in greater cybersecurity.

The Cybersecurity Standards User Council is open to all OASIS members but is designed specifically as a forum for representatives of non-vendor organizations from financial services, healthcare, manufacturing, retail, aerospace, government, and other industry sectors that use products or services which support cybersecurity standards.

(1)(g) Language

The Cybersecurity Standards User Council will conduct its work in English; however, it may also choose to conduct activities or produce deliverables in other languages.

(2)(a) Identification of Similar Work

The Cybersecurity Standards User Council will pursue liaison relationships with end user communities represented by organizations such as FIRST.org, National Council of ISACs, and other groups.

(2)(b) First Meeting

The first official meeting of the members of the Cybersecurity Standards User Council will be held by teleconference on 26 June 2017. A chair or two co-chairs will be elected at this time.

The User Council will hold an open forum for members and non-members on 20 June 2017 in New York City in conjunction with the Borderless Cyber conference. The purpose of this forum will be to build support for the Council and solicit feedback from the community on needs, priorities, and preferred methods of working. User Council members are strongly encouraged but not required to attend this forum. The event will be chaired by Alexander Foley of Bank of America.

(2)(c) Ongoing Meeting Schedule

The User Council will convene monthly conference calls at a time to be determined by the members. Optional face-to-face meetings and public forums may be held in conjunction with the Borderless Cyber conference and other appropriate events at locations throughout the world.

(2)(d) Proposers

Initial Proposers of the User Council are:

· Aetna: David Crawford, david.crawford@aetna.com
· ANZ Bank: Dean Thompson, dean.thompson@anz.com
· Atos: Joerg Eschweiler, joerg.eschweiler@atos.net
· Bank of America: Alexander Foley, alexander.foley@bankofamerica.com
· BMO Financial Group: Vicky Laurens, vicky.laurens@bmo.com
· The Boeing Company: Crystal Hayes, crystal.l.hayes@boeing.com
· Individual member: Stefan Hagen, stefan@hagen.link
· JPMorgan Chase: David Laurance, david.c.laurance@jpmorgan.com
· Kaiser Permanente: Mike Slavick, Michael.Slavick@kp.org
· Kingfisher Operations: Trey Darley, trey@kingfisherops.com
· National Security Agency: Joseph Brule, jmbrule@nsa.gov
· U.S. Bank: Bryan Hall, bryan.hall@usbank.com ; Melanie Merritt, melanie.merritt@usbank.com ; John Paramadilok, John.Paramadilok@usbank.com ; Theresa Pon, TheresaErin.Pon@usbank.com

Additional Proposers for the Cybersecurity Standards User Council are welcome; contact join@oasis-open.org for details.

The final list of Proposers will be published with the official Call for Participation; organizations may join the User Council as members or observers at any time after that announcement.

(2)(e) Primary Representatives’ Support

These organizations have confirmed their support for the Cybersecurity Standards User Council and their intention to be represented in the group: Aetna, ANZ Bank, Bank of America, BMO Financial Group, The Boeing Company, JPMorgan Chase, Kaiser Permanente, Kingfisher Operations, and the National Security Agency, and U.S. Bank.

(2)(f) Convener

Joerg Eschweiler, je@cybersecurityscout.eu

We are pleased to announce that eXtensible Access Control Markup Language (XACML) Version 3.0 Errata 01 from the OASIS eXtensible Access Control Markup Language (XACML) TC is now available for public review and comment.

This document lists Errata for the OASIS Standard eXtensible Access Control Markup Language (XACML) Version 3.0. A copy of the complete Standard with the errata applied, both red-lined and clean, is included. This is the errata’s second public review.

The documents and related files are available here:

eXtensible Access Control Markup Language (XACML) Version 3.0 Errata 01
Committee Specification Draft 02 / Public Review Draft 02
11 May 2017

Editable source (Authoritative):
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02.doc

HTML:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02.html

PDF:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02.pdf

eXtensible Access Control Markup Language (XACML) Version 3.0 Plus Errata 01
OASIS Standard incorporating Public Review Draft 02 of Errata 01
11 May 2017

Editable source (red-lined):
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02-redlined.doc

HTML:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02-redlined.html

PDF:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02-redlined.pdf

Editable source (clean):
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02-complete.doc

HTML:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02-complete.html

PDF:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02-complete.pdf

XML schema:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/schema/xacml-core-v3-schema-wd-17.xsd

ZIP distribution files (complete):

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open.org/xacml/3.0/errata01/csprd02/xacml-3.0-core-spec-errata01-csprd02.zip

Public Review Period:

OASIS and the XACML TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of this technical work.

The public review starts 02 June 2017 at 00:00 UTC and ends 16 June 2017 at 11:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be accessed by following the instructions found via the button labeled “Send A Comment” at the top of the TC public home page, or directly at:

http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=xacml

Feedback submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:

http://lists.oasis-open.org/archives/xacml-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review of ‘eXtensible Access Control Markup Language (XACML) Version 3.0 Errata 01’, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the XLIFF TC may be found on the TC’s public home page located at:

http://www.oasis-open.org/committees/xacml/

========== Additional references:

[1] Previous public reviews:

15-day public review, 23 February 2017:
https://lists.oasis-open.org/archives/members/201702/msg00001.html
– Comment resolution log:
http://docs.oasis-open.org/xacml/3.0/errata01/csprd01/xacml-3.0-core-spec-errata01-csprd01-comment-resolution-log.txt

[2] http://www.oasis-open.org/policies-guidelines/ipr

[4] http://www.oasis-open.org/committees/xacml/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-Limited-Mode
RF on Limited Terms Mode

We are pleased to announce that SAML v2.0 Protocol Extension for Requesting Attributes per Request Version 1.0 is now available for public review and comment. This draft specification, related to Security Assertion Markup Language (SAML) v2.0, defines an extension to the core protocol that allows Service Providers to specify ad-hoc sets of attributes per request. This brings more flexibility than existing mechanisms, which are based on signaling pre-defined sets of requested attributes.

The OASIS Security Services (SAML) TC is responsible for the standard XML-based framework for creating and exchanging authentication and information. Interoperable exchange of security information between domains, including the ability to federate identities across domains, is crucial to developing solutions for business problems such as performing Web Single Sign-On, utilizing distributed authorization services, and securing e-business transactions.”

The documents and related files are available here:

SAML v2.0 Protocol Extension for Requesting Attributes per Request Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 May 2017

Editable source (Authoritative):
http://docs.oasis-open.org/security/saml-protoc-req-attr-req/v1.0/csprd01/saml-protoc-req-attr-req-v1.0-csprd01.odt

HTML:
http://docs.oasis-open.org/security/saml-protoc-req-attr-req/v1.0/csprd01/saml-protoc-req-attr-req-v1.0-csprd01.html

PDF:
http://docs.oasis-open.org/security/saml-protoc-req-attr-req/v1.0/csprd01/saml-protoc-req-attr-req-v1.0-csprd01.pdf

XML schema:
http://docs.oasis-open.org/security/saml-protoc-req-attr-req/v1.0/csprd01/schema/sstc-req-attr-ext.xsd

Public Review Period:

OASIS and the Security Services (SAML) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 29 May 2017 at 00:00 UTC and ends 27 June 2017 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page, or directly at:

https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=security

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/security-services-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the KMIP can be found at the TC’s public home page:

https://www.oasis-open.org/committees/security/

========== Additional references:

[1] http://www.oasis-open.org/who/intellectualproperty.php

[2] http://www.oasis-open.org/committees/security/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode
RF on RAND Mode