IRC log of ws-arch on 2002-06-12

Timestamps are in UTC.

11:38:48 [RRSAgent]
RRSAgent has joined #ws-arch
11:39:04 [Roger]
Roger has joined #ws-arch
11:39:10 [hugo]
hugo has changed the topic to: WSAWG face-to-face meeting
11:39:13 [Roger]
11:39:50 [Roger]
Heather - we are about to start up again.
11:48:31 [chris]
chris has joined #ws-arch
11:51:01 [mikem]
mikem has joined #ws-arch
11:51:53 [chris]
11:52:04 [Roger]
Roger has joined #ws-arch
11:52:18 [Roger]
Heather, are you there?
11:52:22 [mikem]
mikem has joined #ws-arch
11:53:24 [shishir]
shishir has joined #ws-arch
11:53:33 [Dave]
Dave has joined #ws-arch
11:53:35 [yinleng]
yinleng has joined #ws-arch
11:54:02 [Heather]
I'm here
11:54:05 [AllenBr]
AllenBr has joined #ws-arch
11:54:18 [AllenBr]
Review of this afternoon
11:54:18 [AllenBr]
1. work on agoo4 and all csfs
11:54:18 [AllenBr]
primary focus security and security
11:54:18 [AllenBr]
2 last week proposals
11:54:18 [AllenBr]
no pushback on list
11:54:25 [dbooth]
dbooth has joined #ws-arch
11:54:36 [AllenBr]
if time then review glossry
11:54:50 [AllenBr]
all above remarks from chris
11:55:34 [soliton]
soliton has joined #ws-arch
11:55:36 [AllenBr]
Chris: minutes of last telecon
11:56:12 [AllenBr]
Chris: Minutes approved given lack of objection
11:58:03 [chris]
11:58:18 [AllenBr]
Chris: Start with AG004
11:58:33 [AllenBr]
Chris: have already agreed on a log of this.
11:59:36 [AllenBr]
Joe: Can we go to AC006 -- remove text in parentheses
12:00:24 [chris]
resolved: remove parentheticals on AC006.3 and AC006.4
12:01:33 [AllenBr]
Chris: Joe to act as champion for ar006.1
12:02:07 [AllenBr]
Joe: this point is in the interest of completeness. Technology avaiable to address some aspects
12:02:48 [AllenBr]
Roger Cutler: Not clear what text means
12:03:57 [AllenBr]
chris: most believe this to be out of scope
12:04:34 [AllenBr]
DavidO: fair amount of time spent on this topic on email, little for us to actually do, therefore eliminate it.
12:06:28 [AllenBr]
???-1: says in scope change must to should
12:07:01 [AllenBr]
Chris: focus on shoulds
12:07:34 [AllenBr]
???-5: Again, what does this mean
12:07:55 [AllenBr]
Roger: just remove
12:08:10 [AllenBr]
Roger: get rid or make clear
12:09:00 [AllenBr]
Chris: straw poll majority against, is it lie down in the road
12:11:01 [Heather]
Get rid of it
12:11:23 [hugo]
[ more discussions about rewording ]
12:11:51 [AllenBr]
The security framewok should/must provide mechanisms to counter the threat of DOS attacks
12:12:15 [AllenBr]
15 agains, 3 for in straw poll above
12:15:33 [Heather]
DOS is out of our scope, if there is a security wg they could chose to take up the issue
12:15:45 [shishir]
shishir has joined #ws-arch
12:18:55 [Heather]
Allen? Are you still scribing?
12:20:41 [AllenBr]
AllenBr has joined #ws-arch
12:21:28 [dougb]
dougb has joined #ws-arch
12:21:33 [AllenBr]
Proposed AC006.1 The WS SHOULD consider the threat of Accessibility attacks ([D]DOS,DNS spoofing, etc.) in the security framework.
12:21:33 [chris]
resolved: AR006.1 The WG SHOULD consider the threat of Accessibility attacks ([D]DOS, DNS spoofing, etc.) in the security framework.
12:21:59 [AllenBr]
???-1 = Alex
12:22:57 [AllenBr]
ar006.2 change include to enable
12:23:48 [AllenBr]
Chris: objections to change include to enable
12:23:52 [AllenBr]
no objections
12:24:00 [chris]
resolved: 6.2.1-6.6 change "include" to "enable"
12:24:50 [AllenBr]
Chris: Security framewok must include Authentication for the identities of communicating parties
12:26:02 [AllenBr]
joe: difference between 6.2 and 6.5 authenticate data coming from you vs guaranteeing data from you hasn't been corrupted.
12:26:13 [dougb]
I suggest s/D-AR0062.2/D-AR006.2.2/
12:26:45 [mchampion]
mchampion has joined #ws-arch
12:27:58 [AllenBr]
Chris: distinguish between my sending the data and that the data is my data.
12:28:43 [AllenBr]
authorship distinct from sender
12:29:47 [AllenBr]
authentication of authorship the right term?
12:30:08 [dougb]
is this authentication persistent beyond the lifetime of the "pipe"?
12:30:52 [AllenBr]
Difference between securing by channel, or message or by role
12:31:34 [AllenBr]
The security framework must enable persistent authentication of authorship of data
12:32:28 [AllenBr]
???+6: distinguish once again between authentication of source and authentication of authorship
12:32:33 [Heather]
So its 'this is from Joes' vs 'I guarantee the stuff from Joe is intact'
12:33:07 [AllenBr]
12:33:29 [chris]
no, it means, this data was created by joe no matter what
12:35:34 [AllenBr]
Joe: SSL does guarantee authenticity of authorship
12:35:58 [AllenBr]
Agreed that enable does no mean enforce.
12:36:06 [Heather]
Isn't 'Here is a message from Joe' different from 'the message from Joe is origional'?
12:36:31 [chris]
resolved: AR006.2.2 The security framework MUST enable persistent and transient authentication of authorship of data.
12:36:40 [Heather]
12:36:51 [AllenBr]
AR006.2.2 The security framework MUS enable persistent and [Chris got this]
12:38:23 [AllenBr]
Daniel: remove parentheses around data
12:38:49 [AllenBr]
Chris: distinguish non-repudiation of origin from non-repudiation of receipt.
12:38:52 [Heather]
which one are we reviewing now?
12:39:01 [chris]
12:39:07 [chris]
12:39:41 [Heather]
I liked the wording we came up with in our emails
12:40:07 [AllenBr]
Is non-repudiation of origin the same as authentication of authorship
12:40:33 [AllenBr]
Joe: no.
12:41:12 [AllenBr]
Chris: Chris proposed removing NR/Joe said keep
12:41:24 [AllenBr]
Joe: no objection to new words
12:41:30 [Heather]
I thought non-repudiation (logging) occurred by both partners and that was termed as of 'sending' and 'receipt'
12:41:37 [AllenBr]
Roger: we all said great idea let's proceed
12:41:48 [AllenBr]
Chris: read new words
12:43:31 [AllenBr]
The security framework SHOULD enable non-repudiation of origin and redceipt between trnsacting parties
12:43:58 [AllenBr]
Joe: SHOULD instead of MUST because can't be guaranteed.
12:44:21 [Heather]
I can live with this
12:44:33 [AllenBr]
Azula: would like to see MUST.
12:45:35 [Heather]
I would object to MUST
12:45:51 [AllenBr]
Joe: observed how to guarantee legally
12:47:36 [AllenBr]
DavidO: what does this say about priorties (MUST v. SHOULD)
12:48:10 [AllenBr]
Chris: sort is phase1 v. phase2
12:48:12 [chris]
resolved: AR006.6 The security framework MUST enable non-repudiation of origin and receipt between transacting parties
12:48:48 [MChapman]
MChapman has joined #ws-arch
12:48:50 [chris]
heather, if you have any vehement objections to any resolutions, please note in IRC
12:48:50 [Heather]
I object still, it should be SHOULD.
12:49:05 [chris]
is this a lie down in road for you?
12:49:42 [Dave]
Dave has joined #ws-arch
12:49:45 [Heather]
I have been advised by our security Gurus that non-repudiation is easy to say and VERY hard to do, often verging on boiling the ocean if taken very seriously
12:50:09 [chris]
daveo had same issue, we put this in req'ts and when we scope proposed wg, it may or may not be in scope as we determine for prioritization (that was reference above in minutes to sort by phase 1 or phase 2)
12:50:15 [Dave]
I have strong sympathy with your position heather
12:50:17 [Heather]
I am concerned that we are signing up for MORE than is technically feasible with the current common state of art and business need
12:50:21 [chris]
does this change anything for you
12:50:23 [AllenBr]
Alex: what's difference between MUST and SHOULD for implementor. MUST increases barrier for entry
12:50:26 [Heather]
I agree to TRY VERY HARD
12:50:42 [Heather]
but I don't want to declare failure if its not possible to achieve
12:50:49 [Roger]
Heather - my take is that these are GOALS. If the final result doesn't make it on all of them, well that's the way it goes.
12:51:00 [chris]
i don't think this has to do with implementation, it has to do with whether the framework described enables an implementation...
12:51:35 [AllenBr]
Chris ar006.7
12:51:36 [Roger]
The way the discussion has been going here it seems like the "shoulds" are going to drop out pretty quickly. I myself would be EXTREMELY unhappy to see NR drop out entirely.
12:51:48 [AllenBr]
Alex: remove note under 6.6
12:51:53 [chris]
resolved: remove Note under ar006.6
12:51:54 [TomCarrol]
TomCarrol has joined #ws-arch
12:52:08 [Heather]
I agree that NR should not drop out...
12:52:12 [Roger]
I think the sense is that "TRY VERY HARD" is pretty much what we are saying.
12:52:22 [Heather]
but MUST implies that the problem MUST be solved
12:52:48 [Roger]
No, it implies that there MUST be an attempt. SOMETHING MUST be done. Just how successful that something is ... well ...
12:52:50 [Heather]
Certainly NR is a different degree from Authentication
12:53:10 [Heather]
Authen. MUST be enabled... and if its not, we've failed
12:53:13 [AllenBr]
Many participants consider 6.7 out of scope.
12:53:18 [Roger]
We are not disagreeing, nor are you disagreeing with anyone else in the room here.
12:53:20 [Heather]
if we can't enable NR, then I don't thing we've failed
12:53:40 [Roger]
Hey, I can deal with a certain amount of failure.
12:53:44 [Heather]
12:53:58 [Roger]
You have 30 goals, you're going to get some, sort of get others, and some, well ...
12:54:07 [Heather]
too bad we can't capture the strength of the 'MUST' somehow...
12:54:11 [Heather]
perhaps I split hairs
12:54:11 [dougb]
we're on 6.7 now, that's about key management
12:54:46 [Roger]
Not really -- I think just about everyone has the same worries about NR.
12:54:48 [Heather]
I will revisit w/ our sec people and send email if we feel strongly it should be revisited...
12:55:55 [Heather]
is it 'enable Key Management'?
12:55:57 [chris]
okay, thanks
12:55:58 [AllenBr]
DavidO: what's the nature of things falling through the cracks?
12:56:02 [chris]
12:56:20 [chris]
(enable), but we're considering dropping 6.7 altogether
12:56:29 [Heather]
I'm ok to drop
12:56:49 [AllenBr]
David O: ill advised to propose things that we're not actually going to do.
12:56:52 [Heather]
I'm confused on the falling thru cracks statement
12:58:04 [AllenBr]
Hugo: JoeR's comment was that he didn't know what KDC is.
12:58:18 [AllenBr]
Joe: KDC is something like Kerberos.
12:58:37 [AllenBr]
Roger: thinks we should drop, has nothing to do with web services
12:59:28 [AllenBr]
???-5: must our architecture include this
12:59:46 [AllenBr]
DavidO: if built into infrastructure you get it for free
13:00:21 [AllenBr]
Roger: WS independent of key stuff.
13:01:39 [Dave]
Heather, I was saying that if we don't include something in our works (ie arch document), that doesn't mean the world suddenly forgot about the problem. For example, if we don't say anything about DDOS, that doesn't mean that the world suddenly "forgot" about the problem. I'm trying to argue that we don't have to be the keeper of the litany of the world's ills.
13:02:20 [mchampion]
+1 to "not being keeper of world's ills"
13:02:23 [Heather]
I would agree with you
13:03:17 [AllenBr]
Joe: leave to implementors because everyone does key establishment
13:03:17 [Heather]
We must be carefull not to list so many goals that we force ourselves to boil the ocean
13:03:46 [AllenBr]
David O: should go because we're not going to deal with it in any WG we generate.
13:04:09 [mchampion]
An alternative would be to PRIORITIZE the order in which we will address the world's ills
13:04:41 [AllenBr]
Hugo: charter says we relationship with PKI people so we should consult with them before ditching requirement.
13:05:19 [Heather]
if there is a security wg, couldn't they resurrect this if they think it should be addressed?
13:06:35 [Dave]
Heather, I think we are going to have a comprehensive security framework document. Then we will have a smaller scope for v1 of security wg. I don't agree with comprehensive lists/mentioning of issues, but the WG seems to disagree with that pov.
13:06:53 [AllenBr]
Hugo: proposes adomption of Protocol editorial device indicating requirements on the to be deleted list.
13:07:14 [chris]
resolved:D-AR006.7 The security framework SHOULD enable key management and key distribution
13:07:15 [chris]
[EDNOTE: we are considering dropping this requirement, feedback ?]
13:07:32 [AllenBr]
Chris: go with new wording for discussion with security WG.
13:07:46 [Heather]
grudging ok
13:07:50 [chris]
resolved: wordsmith the ednote to explain why we might drop it and solicit feedback for those opposed to dropping it.
13:08:03 [Dave]
sorry, I should have said the charter for security wg will consist of comprehensive security framework + set of scoped items for v1 of security specification. But the framework and wg specification are separate items.
13:08:42 [AllenBr]
Roger: get rid of 6.8
13:08:55 [Heather]
Dave: is the wsawg doing the framework and then charter the wg?
13:08:59 [MChapman]
Dave, when I scope a project I list all the must haves. when I plan a project I proiritise the features. We are not prioritising yet (IMHO)
13:09:05 [Heather]
or are we chartering the wg to do the framework
13:09:25 [Dave]
Heather, I misspoke again. the wg will do the framework
13:09:47 [Heather]
13:09:57 [AllenBr]
Chris: this really under the rubric of security considerations.
13:10:12 [Heather]
is 6.8 gone?
13:10:20 [Heather]
(I'd support deletion)
13:10:51 [Dave]
almost gone..
13:11:09 [AllenBr]
13:11:16 [chris]
resolved: drop d-ar006.8
13:12:00 [AllenBr]
13:12:04 [chris]
resolved: drop d-ar006.9
13:15:54 [Heather]
not meaning to regress... but has D-AR006.11 been discussed yet?
13:16:12 [Dave]
not yet, we're noodling on 6.10
13:16:32 [dougb]
getting at the specific meaning of this (new language, possibly not tied to WSDL)
13:16:57 [Heather]
It should be possible to augment WSDL with security policies
13:17:10 [Heather]
Is there a reason we need a 'new' language?
13:17:15 [AllenBr]
break 6.10 into security policy description and binding of such description to endpoints
13:17:46 [Dave]
+1 to allen's suggestion.
13:18:08 [Heather]
binding to endpoints would be part of wsdl i assume
13:18:19 [Heather]
and the sec policy description my be a new document type?
13:18:43 [dougb]
I think that's the general consensus, though said consensus may not be complete.
13:18:50 [Dave]
I would assume that the security wg would do whatever "it" is.
13:19:35 [Heather]
I agree with the POSSIBILITY that security policy may be expressed independently of WSDL... but I'm not convinced
13:19:59 [Heather]
Can we allow for the freedom without requiring the distinction?
13:22:34 [Dave]
Heather, I tend to disagree with you on separation from wsdl. <xhtml> is a very fine document format, imo.
13:23:34 [chris]
resolved: ar006.10.1 WS security framework MUST provide a means of expressing security policy.
13:23:42 [Heather]
Dave, to clarify, you think that security policy requires a new language?
13:23:51 [chris]
resolved: ar006.10.2 WS security framework MUST provide a means to access a web service's security policy
13:24:03 [chris]
resolved: replaces ar006.10
13:24:14 [Roger]
Roger has joined #ws-arch
13:24:37 [Heather]
does 10.2 mean a means to bind the policy to an implementation (endpoint)
13:25:57 [dougb]
I think so but we're moving along to 6.11 - Joe may be about to be voted down...
13:26:30 [Heather]
IBM thinks 6.11 is Out of Scope
13:26:42 [Dave]
I think so, in that I assume security wg may provide how to annotate wsdl or namespace name doc or uddi or .... with security policies
13:26:48 [chris]
resolved: d-ar006.11 is dropped
13:27:33 [dougb]
... 6.12, four arguments at once
13:27:45 [AllenBr]
Martin: common syntax for policy related assertions--a general language of oughts.
13:27:54 [AllenBr]
add autiting to the glossary
13:28:07 [chris]
resolved: add "auditing" to glossary so that people understand what they are agreeing to
13:28:09 [Heather]
I don't see a 6.12...
13:28:20 [chris]
resolved: add ednote to D-AR006.12 that glossary definition pending
13:28:38 [dougb]
Heather, more recent draft
13:30:45 [Heather]
auditing of what?
13:31:02 [AllenBr]
Many questions about what 6.13 means
13:31:24 [AllenBr]
David O: drop since management is covered elsehere.
13:31:28 [dougb]
Heather, one hopes context will be part of auditing def'n
13:31:37 [chris]
resolved: ask darran to simplify and explain by next con-call
13:31:48 [Roger]
Roger has joined #ws-arch
13:31:53 [chris]
s/ resolved: ask darran to simplify and explain by next con-call/ resolved: ask darran to simplify and explain by next con-call d-ar006.13
13:32:03 [dougb]
also ask darran to explain need for this seperate from 18?
13:32:13 [Heather]
I'm not sure security management is part of general management
13:32:20 [Heather]
and probably should stay with security
13:32:30 [Heather]
and i agree it needs more discussion
13:32:44 [Dave]
hmm, a consistent meme to David O suggestions. Perhaps I could come up with a shorthand ;-)
13:33:30 [dougb]
Heather, we're off for a 20m break
13:33:42 [Heather]
whew! i NEED one too.
13:34:01 [Heather]
thanks for trying to keep me involved guys, I really appreciate it
13:50:32 [chris]
glad to have you lurking... too bad the telcon didn't work out
13:51:18 [chris]
I see mike is also lurking?
13:51:56 [mchampion]
Yup, thanks for putting so much into IRC!
13:57:30 [Roger]
Roger has joined #ws-arch
13:57:31 [chris]
okay, we're starting back up
13:57:39 [Heather]
13:57:41 [mikem]
mikem has joined #ws-arch
13:59:30 [AllenBr]
CHris AC20 proposal at teleconference two weeks ago with wholesale replacement.
13:59:37 [dougb]
here we are considering recent proposal for D-AC020...
13:59:42 [AllenBr]
Chris: Can we adopt as is?
14:00:43 [AllenBr]
Roger: privacy concerns often irrelevant, the verbs are the problem
14:02:04 [Heather]
we aren't really enabling protection are we?
14:02:23 [Heather]
aren't we really enabling the expression and access to privacy policy?
14:02:41 [chris]
14:03:03 [Heather]
and 20.1A should be 'SHOULD be able to make'
14:04:37 [mikem]
s/SHOULD/MUST enable/ is being suggested as a pattern to continue following
14:05:57 [Heather]
20.3A suggested wording change: 'must enable access to a Web Service's advertised P3P policy statement'
14:06:48 [AllenBr]
Daniel: Want privacy policies to be expressed in p3p if they exist.
14:07:40 [Heather]
I concur with Daniel on the 'if they exist' part
14:08:18 [AllenBr]
Daniel: reason for wording about domains is to assure that services not involving people actually exercised privacy policies.
14:10:26 [AllenBr]
RC020x should be AR020x! This is an action item.
14:10:27 [shishir]
Does it make sense to extend the notion of privacy policy to 'identity propagation', across multiple domains ...
14:10:44 [Heather]
Somehow I'd like to express that privacy policy support is not required to be compliant with our architecture... but if they chose to support it we should define how for them
14:11:38 [dougb]
Discussion about whether "If advertised privacy policy" phrase is necessary.
14:12:22 [dougb]
Proposal on table for 20.2 Web Service privacy policies MUST be expressed in P3P.
14:13:12 [Heather]
why remove advertised?
14:13:30 [Heather]
the only ones we care about are the advertised ones
14:15:33 [dougb]
latest from group: Advertised Web Service privacy policies MUST be expressed in P3P??
14:15:42 [Heather]
I like that
14:18:18 [dougb]
Passed, on to 20.3
14:20:40 [Heather]
I suggested adding 'advertised' in front of P3P
14:21:38 [AllenBr]
Hugo: Looking for flights from Paris to SJ. Web service has privacy policy. Give service email address. Service contacts other serivces using email address.
14:21:53 [AllenBr]
Other services SPAM using email address.
14:22:50 [chris]
resolved: AC020.1 The Web Services Architecture MUST enable privacy policy statements to be expressed about Web Services.
14:23:04 [chris]
resolved: AC020.2 Advertised Web Service privacy policies MUST be expressed in P3P.
14:23:19 [chris]
resolved: AC020.3 The WSA MUST enable a consumer to access a Web Service's advertised privacy policy statement.
14:24:56 [Heather]
14:25:45 [Roger]
Roger has joined #ws-arch
14:26:24 [AllenBr]
Daniel: why shoul instead of Must. David O: because not testable.
14:27:44 [Heather]
Architecture must enable seems ok... doesn't mean anybody MUST use it...
14:27:56 [chris]
14:28:53 [Heather]
are we arguing on 20.4 ?
14:29:13 [MChapman]
discussing not arguing
14:29:15 [MChapman]
14:29:25 [Heather]
14:29:31 [chris]
yes, do you think it out of scope?
14:29:55 [Heather]
We need to say that if privacy is declared to be supported then the access cannot exceed policies
14:30:07 [Heather]
else we can't enforce this w/ architecture
14:30:30 [MChapman]
how can you test/detect that yiou have exceeded? thats what we are debating
14:30:30 [Heather]
esp if everyone expressed policies, but the infrastructure they are on don't enforce them
14:31:05 [Heather]
oooh, well, thats a toughie
14:31:23 [AllenBr]
Roger: Hugo's proposal is about propagating p3p info from one domain to another.
14:31:26 [Heather]
is there any guidance from the p3p community on that
14:31:33 [Dave]
oh no, we're arguing ;-)
14:31:43 [MChapman]
we are now
14:32:13 [AllenBr]
Daniel: privacy policy first presented to the user will not change during the transaction.
14:32:40 [jdm]
jdm has joined #ws-arch
14:33:18 [Heather]
isn't the issue private data use instead of private data acquisition?
14:33:57 [hugo]
I'd say that acquisition is also use of it
14:34:15 [chris]
proposal: D-AC020.4 WSA MUST enable delegation and propagation of privacy policy
14:34:59 [mchampion]
Sorry if the discussion has moved on ... but all the WSA can do is define a "box" for privacy policy, determine if an existing spec defines it, and say "please respect it."
14:35:03 [dougb]
Heather, please note that we've deemed 20.4 out of scope and the above is a replacement, hitting on a slightly different aspect.
14:35:50 [Heather]
i'm not sure how we even enable delegation and propogation!
14:36:08 [Heather]
i concur the old 20.4 is out of scope
14:36:09 [Roger]
I think we're leaving that for a WG of the future.
14:36:13 [Heather]
14:36:14 [Dave]
Heather, I'm with you on this one (again)
14:37:42 [Heather]
just can't resist last 2 cents onthis... we can enable expression and access to policies from client and service. Thats it
14:37:46 [chris]
resolved: d-ac020.4 out of scope
14:37:52 [Heather]
14:38:05 [chris]
resolved: add D-AC020.5 WSA MUST enable delegation and propagation of privacy policy as draft
14:38:23 [Heather]
'as draft'????? whats that mean?
14:38:31 [Heather]
never mind...
14:39:16 [hugo]
that means that privacy experts will review it
14:39:17 [AllenBr]
Chris: distinguish policy enforcement from policy propagation
14:39:27 [hugo]
it is different from D-AC020.4
14:39:33 [AllenBr]
Chris: Move to AR004
14:39:33 [MChapman]
draft here mening we havent agreed to it yet but also havent agreed to drop it
14:39:39 [Heather]
14:39:56 [AllenBr]
That which was proposed didn't get into draft.
14:39:58 [Heather]
i can live with the fact that we need to talk about it more and its a separate topic
14:40:03 [hugo]
chris, can you drop the URL into IRC?
14:40:32 [Heather]
so there's no 20.5?
14:41:13 [hugo]
there is no 20.4
14:41:22 [AllenBr]
confusion of programming model/platform independence/device independence
14:41:51 [hugo]
14:43:29 [AllenBr]
Mike: generally wants to unify the notions of "independence"
14:47:55 [AllenBr]
Daniel: Three components obliged by charter, but not normative [in terms of the spec]
14:48:14 [AllenBr]
Chris; proposes to defer
14:49:28 [AllenBr]
004 tabled for now
14:49:51 [AllenBr]
Chris: exmine proposal or 10.1
14:49:59 [chris]
14:50:15 [AllenBr]
Mike Champion, we are now doing 10.1!!
14:51:01 [mchampion]
14:51:27 [Heather]
14:51:54 [AllenBr]
Dave O: What kind of document can be gotten my dereferencing a namespace URI.
14:53:31 [Heather]
wasn't there an objection that RDF was not a syntactic schema language
14:53:40 [mchampion]
My position is that this wording should be rich enough to include XSD, RDF schema, some future ISO schema, etc.
14:54:00 [chris]
yes, I've expressed your concerns here
14:54:24 [soliton]
soliton has joined #ws-arch
14:55:31 [Heather]
but who does the normative definition in the future stuff? us?
14:55:37 [dougb]
Dave O expressing an attempt to exclude HTML from this CSF, others worried "syntactic" also excludes RDF schema.
14:55:53 [Heather]
you're not arguing are you?
14:55:56 [Heather]
14:57:02 [Heather]
Can we declare XML Schema today and other representations may be normatively defined in the future?
14:57:11 [dougb]
Dave O: Thou shalt use XML schema when expressing syntax of messages for interaction with a web service (today)?
14:57:54 [dougb]
Hugo: RDF schema can solve all of the problems of the world.
14:58:52 [Heather]
I don't think DavidO's suggestion is so bad
14:59:16 [hugo]
dougb, I didn't say this :)
14:59:57 [dougb]
No, others still requested that it be minuted :-)
15:00:34 [hugo]
I said: if I had a technology solving all of the problems of the world and it were expressed with an RDF Schema and couldn't be expressed as an XML Schema, then we couldn't use it with this security
15:04:19 [mchampion]
Why do we need AC010.1 at all? The real requirement is captured by AC010, no?
15:04:40 [soliton]
architectual artifacts may be more easily expressed in UML.
15:05:41 [chris]
resolved: AC021
15:05:42 [chris]
conforms to the internationalized character model defined in
15:05:42 [chris]
"Character Model for the World Wide Web
15:05:48 [chris]
15:06:09 [chris]
we've tabled ac010.1 for now...
15:06:32 [chris]
ac021 s/h/b ac022
15:08:57 [dougb]
... suggestion to forward "easy kill" suggestions to Chris (via email) for consideration before third cup of coffee tomorrow.
15:09:34 [dougb]
Chris: it's after 17:00, we're done.
15:09:39 [yinleng]
yinleng has left #ws-arch
15:10:18 [Heather]
when do you start in the morning?
15:11:20 [dougb]
9:00 our time
15:11:41 [Heather]
ok... see you at 3am.... yawn
15:11:54 [Heather]
good thing theres no video conferencing :-)
15:12:06 [soliton]
Heather, you are amazing.
15:12:20 [soliton]
I gave up after two days last time
15:12:34 [Heather]
we'll see how I do tomorrow :-)
15:12:37 [soliton]
it was really pain to get up at 2 am in morning.
15:12:52 [Heather]
I appreciate everyone trying to keep me up to date so I can participate
15:13:36 [soliton]
should we have a relibility meeting?
15:13:41 [AllenBr]
CHris: separate into to groups tomorrow morning to kill of easy outstanding items, while in parallel working on the scoping of the security WG.
15:14:45 [Heather]
solition: we can... when?
15:15:13 [hugo]
IRC log:
15:15:16 [soliton]
don't know yet, who else from the group are here?
15:15:35 [hugo]
15:15:39 [chris]
thanks guys for sticking it out on IRC!
15:22:17 [Heather]
Soliton... is Zula there?
15:22:23 [Heather]
and igor?
15:23:35 [soliton]
did not see igor
15:23:41 [soliton]
but zula seems to be here
15:25:15 [soliton]
hi, Heather,
15:25:27 [soliton]
let's try tomorrow, after 5:00 (here time)
15:25:39 [Heather]
k... ttyl then
15:25:53 [Heather]
have a fun dinner! I am so envious of the great french dining!
15:25:53 [soliton]
ok, have a good sleep
15:26:03 [Heather]
a nap is definitely in order!
15:26:05 [soliton]
they are really really good
15:26:14 [soliton]
you really should be here