Agenda of UDDI Spec TC Telecon
Total Page:16
File Type:pdf, Size:1020Kb
Minutes of UDDI Spec TC Telecon
Date: 20050503
Chairs: Luc Clément, Systinet, [email protected] (apologies) Tony Rogers, Computer Associates, [email protected]
Logistics
TC Telecon Call hosted by Tony Rogers, Computer Associates
Dial in International (toll): +61 2 8524 6600 Australia: 1800 766 715 China: 10 800 140 0421 France: 0800 906 251 Greece: 0080 0161 2203 1354 Hong Kong: 800 964 179 Indonesia: 00 1803 06130282 Japan: 00531 250 018 New Zealand: 0800 445 473 Singapore : 0800 616 3024 South Africa: 0800 998 252 South Korea: 007 986 136 0026 Switzerland: 0800 562 761 Taiwan: 00801 615 111 Thailand: 00 1800 61350317 United Kingdom: 0800 169 8423 United States: 1 866 756 8452
Participant Passcode: 782798
Time UTC: Tue-19:30, Seattle: Tue-12:30, New York: Tue-15:30, London: Tue-20:30, Frankfurt: Tue- 21:30, Moscow: Tue-23:30, Melbourne: Wed-05:30
Agenda
1 Attendance...... 2 2 Additions to Agenda...... 2 3 Approval of Previous Minutes...... 2 4 Administration...... 2 4.1 Next Call...... 2 5 Old Business...... 2 5.1 Formation of a “UDDI Adoption TC”...... 2 5.2 Technical Notes...... 2 5.2.1 “Secure Channel for Trustworthiness” Technical Note...... 2 5.2.2 “Understanding Key Partitions” Technical Note...... 3 5.2.3 “HTTP Basic and Digest Authentication” Technical Note...... 3 5.2.4 “WS-Security Modeling” Technical Note...... 3 5.3 Schema Centric Canonicalization Spec Errata...... 3 5.4 Property Support in UDDI...... 3 6 Additions to Agenda...... 3 7 Adjournment...... 4 1 Attendance
Attending: Tony Rogers, Dave Prout, Zhe Wu, Pete Wenzel, Rob Kochman, Claus von Reigen Apologies: Luc Clement, John Colgrave.
2 Additions to Agenda
There was going to be an addition to the agenda concerning the location of the WSDL and XML schema files for the official versions – the current locations are not consistent. Unfortunately, neither Luc Clement nor John Colgrave could make it on the call, so the item must be held over until the next call, when it is hoped both can be on.
3 Approval of Previous Minutes
Motion: Motion to approve the minutes of the last meeting. The minutes can be found at: http://www.oasis-open.org/apps/org/workgroup/uddi- spec/download.php/12218/TC_Minutes-v1-20050412.doc
Minutes: Approved without dissent.
4 Administration
4.1 Next Call
Next call is scheduled for 24 May 2005. We need a host.
Minutes: Rob has volunteered to host this call. He has already provided access details:
Toll-Free (US & Canada): 866-500-6738 Toll: +1-203-480-8000 Participant Passcode: 325260 Not to be outdone by the list above, Rob has provided 42 other numbers for local access from around the world. They won’t be included here, but can be included in the agenda when it is distributed.
5 Old Business
5.1 Formation of a “UDDI Adoption TC”
ACTION: Luc to respond to the SC to get more detail on the deliverables they expect, and some structure to the plan.
Minutes: Deferred to next meeting, when Luc will be able to report. Note: Dave Prout cannot work on this committee.
5.2 Technical Notes
5.2.1 “Secure Channel for Trustworthiness” Technical Note
The completed TN has been posted. Formal review started 29 Mar 05 per http://lists.oasis- open.org/archives/uddi-spec/200503/msg00028.html. Per last telecom: Status: In the midst of 30-day formal review Next steps: Ready for TC vote; vote to be taken at 3 May telecon Target date: vote 3 May during telecom
ACTION: TC Members to review http://lists.oasis-open.org/archives/uddi- spec/200503/msg00028.html and be ready to vote at the 3 May telecon to adopt the “Secure Channel for Trustworthiness” TN as a TC TN
Minutes Claus raised two questions in e-mail: How does the client determine that the server does validation? How does the client establish a secure channel?
The UDDI registry owner must offer a binding template under the Node Business Entity that offers an SSL connection.
The UDDI registry will need to make available policy information to specify that it does server-side validation of digital signatures.
Claus asked what the server should do if the signature fails validation – Tony suggested that the signed entry be suppressed, but Claus pointed out that this would be a deviation from normal behaviour. Unfortunately, we have no way, at the moment, to indicate in a response that the signature has failed validation.
Perhaps the TN should add a new find qualifier (as a canonical tModel) to specify if the server should omit entries whose signatures failed validation – one find qualifier to omit entries with failed signatures, one to include them (although there is then the question of whether there is any point to checking them, given that we cannot report the fact).
Dave asked if the TN should add another new find qualifier to specify that the client does not want the server to do validation. If the server were suppressing entries due to signature failures, this would allow the client to override that behaviour – perhaps this find qualifier would suffice?
Given how important these questions are, and the impact they could have on the TN, we will not vote on the TN today.
Discussion on the mailing list, please – we need to decide what we will do / what we will advocate.
5.2.2 “Understanding Key Partitions” Technical Note
Document posted at http://www.oasis-open.org/apps/org/workgroup/uddi- spec/download.php/12051/uddi-spec-tc-tn-understandingkeypartitions-20050330.doc.
ACTION: Editors (Max Voskob, Dave Prout, Jin Tong) to review and provide feedback to Tony
Minutes Feedback received from Dave. Waiting on Max and Jin.
5.2.3 “HTTP Basic and Digest Authentication” Technical Note
Document posted at: http://www.oasis-open.org/apps/org/workgroup/uddi- spec/download.php/11960/uddi-spec-tc-tn-httpauth-20050321.doc
ACTION: Andrew to change the tModel reference to HTTP Transport tModel, and re-submit. He will notify Luc and Tony when resubmitting, so they can begin the edit pass
Minutes Andrew has not completed his action – to be reminded. 5.2.4 “WS-Security Modeling” Technical Note
Document posted at: http://www.oasis-open.org/apps/org/workgroup/uddi- spec/download.php/12217/uddi-spec-tc-tn-wssecurity-20040328.doc
ACTION: TC members to review – for discussion at 3 May telecon
Minutes Dave opined out that this TN is a good start but needs clarification: for example, when a service specifies encryption, does this mean the request and response are both encrypted? Or just the response? If the request is to be encrypted, where does the requestor get the public key / certificate? This TN is a good start, but there is still work to be done. Dave questioned the prevalence of examples in V2 form (see Appendix B Examples of Use sections) – it might be wise to have examples in both V3 and V2 (at least). Editors: Dave Prout, Claus von Reigen, Pete Wenzel, Tony Rogers
5.3 Schema Centric Canonicalization Spec Errata
Need to discuss status of AR632 (http://www.oasis-open.org/apps/org/workgroup/uddi- spec/members/action_item.php?action_item_id=632) relating to "CR062: Errata for SCC14N: Prepare an errata appendix that lists the changes for ease of understanding."
Link to CR062: http://www.oasis-open.org/apps/org/workgroup/uddi- spec/download.php/7470/uddi-spec-tc-cr062-element_only_whitespace_and_xmlnsXML- 20040601.doc
ACTION: Andrew to submit errata
Minutes Andrew has not submitted the errata – Tony to remind him.
5.4 Property Support in UDDI
Document posted at: http://www.oasis-open.org/apps/org/workgroup/uddi- spec/download.php/11602/uddi-spec-tc-prop030-property-and-significant-keyname-20050225.doc
ACTION: Luc to provide clarifications per Jin’s request, and to turn his document into a TN draft. Minutes Deferred until Luc has submitted his draft. Luc to present the topic to the TC.
6 Additions to Agenda
Minutes None.
7 Adjournment
Minutes Meeting adjourned 6:54am Australian Eastern Standard Time.