WSAWG Minutes 09-May-2002

Attendance , Action Items
Scribe: Shishir Garg, France Telcom

1. Roll call, scribes for minutes/action items (15.30 + 5) 

2. Agenda review, and AOB (15.35 + 5) 

3. Approval of 2 May telcon minutes [2] (15.40 + 5) 

4. Review action items [3] (15.45 + 5) 

Action 1: Completed

Action 2: Chris: Notofication of Desc WG: Done

Action 3: David Booth: Post f2f registration page: Pending. Keep eye on mailing list.

Action 4: Mike and Daniel: Generate a report on WSD Requirement: Pending

5. Status (15.50 + 10)

Chris: registration page still needs to be posted
Daniel: Moving ahead, correcting issues, collecting ballots, no plan to publish until the balloting cycle ends.
Dave Hollander: Use Cases: Complete, except for teleconf confirmation for later today, 
Hugo: Too little time, the message was only for this week, too little time to respond.
Katia: Not recieved message.
Hugo: Was sent only to Mike and Chris.
Chris: USTF may have a 1/2 hour teleconf, if everyone is up to it.
Most can't make it, so it will be rescheduled.
Hugo: Not sure what to do.
Chris: Try to get a weekly slot for this group.
Use case team to start weekly meetings next week.
DaveH: None reported

 6. Review of Requirements WD balloting results (16.00 + 15)

Proposals stemming from ballots: Security and interop ballot has closed. Both got more than a super majority of yes votes.

Chris: Any concerns :

Daniel: Not voting as does not get the system. Surprised with the return on the ballot, nit figured that it was over already. Surprised to the number of replies with the notion of conformance. Not sure where this is going?

Chris: Purpose of the poll was to determine, based on current WD of Req. doc, whether or not we're comfortable with the text, or generally agree but require some word tweaks, or whether the item needs some serious modifications.

Daniel: Agrees to that. What are the results.

Chris: That's exactly what I'm doing. The balloting had 3 working days for closing. For the results, anything that was greater than a certain level are ready for removal of draft status. The question is that based on this result, and also since there were some disagreements, it is useful to ask the question about

Aisha : Found balloting extremely overwhelming, plus had e-mail problems. Not in the position to accept or reject what you're saying, as not seen it yet. Also, when you say we can live with, what does it mean?

Chris: What live with means, you might have worded it differently, but are ready to move on to areas that need more discussion. Trying to find where the consesus is in the WG. If its more than 66% as is, plus a lot more said maybe. So even if you've not voted yet, it's not important yet.

Dave Hollander: It's not making a decision, helping Chris make a decision.

Mark B: OK with the process, going a bit fast for me since he's travelling. SO he missed the deadline. Couple of days extra would be good.

DaveO: would like to second.

Hugo: W3C also having e-mail trouble, you might not be getting any e-mail from them.


Chris: Willing to do an extension, but wants to avoid dragging the process on, need to get closure, want to focus on other things like use cases etc. Want to use the requirements doc as a guide to the future, to get some normalization to our views.

Mark : It's a good indication of what everyone wants

Chris: Willing to postpone this for review.

Dave H: Got lot of e-mail from Chris about some discussion points, lost the context for those, need to narrow the ballot down.

Chris: The process needs you to put your concerns into the e-mail in case there is some disagreement. Chris sent e-mails on topics to stimulate some discussions on the topic, to get additional feedback.

DaveH: Understands the process better now.

Chris: It's already going to take 2-3 weeks to complete this process, extending it further may impede our progress before the next f2f

DaveO: Maybe the issue is that there are too many line items to vote on, we overdid ourselves in coming up with a number of these.

Chris: This was supposed to be in line with time-to-market issues, etc.

DaveO: Not raising a concern about the process, but raises a lack of pruning of the content, leaving the group with a lot of stuff to do.

Chris: This is

Mark: What if we just validate that at the rather than a requirement level. A CSF will apply to all the requirements under that.

Chris: clarify?

Mark: If we ballot at the CSF level, we don't ahve to look at each requirement, but look at them collectively

Doug: Understands, but interprets the suggestion to cut off the tree at a depth of 3 rather than 5

Mark: DOes not matter if depth of 5 is important or not,

Chris: For the voting, does this mean that we look at

Daniel: Maybe once we got through the CSFs, and anything that's remaining can be tackled later.

Chris: There's no later on our agenda.

Mike: Seems like we're pushing off the work then.



Mike: Agrees with the pushing off of work.

Chris: Hotspots can be anywhere... heartburn seems to exist regardless

Daniel: How long for the schedule for requirements gathering?

Chris: Should come from the use case process too. The requirement gathering should be ongoing, this process should help us either agree or disagree with the entries we already have. What to get the existing doc to supplement future work going forward.

Daniel: Sounds like you were pushing the gathering process to some end goal

Chris: Want to put the phase that we're in past us. Want to clean the existing doc up, it's not acceptable to many, but this process has not stimulated the required discussions that are needed to clean things up. If time is an issue, we can change it to 5 days, and will leave us with time for nothing else before the next f2f. Need to have cross referencing with use cases, CSFs, what is the scoping for the requirements that we need to have before we can end up proposing things like a WS Security WG?

John: Maybe more complex, but to have these activities to go in parallel. Let

Chris: We've tried that with Security as the main concern. We all know we need a Security WG, what is the documentation that we need to substantiate this?

John: Want to remove Draft status on all or some?

Chris: Some, not all. Where there is a lot of disagreement, those need to be hamemered out, and will go on for a while. Want to get some out

Mike Mahon: Agrees that there are so many of these, it's not

Chris: What's the recommendation?

Mike Mahon: Want Out of Scope as a new option for the balloting.

Chris: Yes, live with, discussion, out of scope as a fourth option.

Mike Mahon: That would be good.

Chris: Ok, this can be done, I don't know how else this should be done.

Daniel: Likes the idea of concurrency.

Chris: 6 needs to be reopened. But want to avoid re-reopening over and over again.

Daniel: Once the draft status is completed, we need to have concurrent discussions on closed ballots.

Chris: Absolutely. this is not that hard, and needs to take up less time than it seems to be taking right now.

Suresh: Agrees with a lot of the comments, takes some efforts to vote, but also helps in looking at issues more closely. Would like some areas to be clustered more closely, propose to put Security behind us before moving on to something else.

Joe: Not against reopening any ballots, else there'll be no end to it.

Heather: Thinks its an unfortunate timing, this will probably be the one time when the ballot is reopened.

Joe: Remember Florida?

Daniel: Supreme court probably needs to be brought in ;-).

Chris: Opening up the Security ballot for voting until EOD Monday night. I mean it this time. It's taking me 4 hours a day, so it's not trivial. Vote when you can, but EOD Monday is final for Security

Action: Chris to send out a new scope for voting adding the new option in.

Chris: We need to focus our attention to areas that we differ our views on most.

Suresh: Will you be summarizing the final wording?

Chris: If the wording has to change, I want the champions (or others) to propose alternate draft wordings, and we vote on that.

Suresh: I see things happening, but I don't see an established pattern.

Chris: The discussion will go on forever. We will close those things one at a time, but at this point, we want to close some of the things that have minimum or no disagreement.

Suresh: Report for each ballot?

Chris: Been doing reports for every single ballot.

Suresh: Expecting one consolidated report.

Joe: That is doable too.

Chris: That's not a good idea, as it will be an ongoing discussion.

Joe: SO no summary?

Chris: Summaries for only the results of the ballot?

Suresh: Yes, you did that.

Chris: How is that not a summary? The discussions are coming out of the ones that people have some disagreement. This will result in reworded proposals, and revoting.

Suresh: I would like to vote on reworded proposals already. It will make it easier for some folks.

Chris: That will be the report.


Chris: They've not seen it as we've not done #6 yet. I was hoping to walk out of this meeting and tell the editors to remove the D- from the

DaveO: Seems that when we come to a understanding, we have more questions. We should take a small subset and vote on them to understand the process better.

DaveO: Concern: How confident are you at having a sufficient group in Paris to meet the goals of the meeting.

Daniel: seconds the concern for oversees F2Fs.

DaveO: Does it cover 6 & 7?

Chris: No, only 6 and 8.

7. Review and consideration of proposals stemming from balloting (16.15 + 20)


8. Discussion of thread on drafting WS Sec WG charter (16.35 + 20)

DaveO: We're pretty sure security is atleast one of the high priorities. I think that there's enough proposals to build an iterative process to go down the requirements , coarse to medium grtained requirements, and take off charters to tackle these requirements. Since waterfall approach is missing in getting a list of requirements, the WG will end up redoing

DaveO: Proposal: If we are comfortable with this process, what are the things we could do with Security. I made a proposal for 4

auth, confidentiality, trust models, ... Is that good enough to kick off a WG quickly.

I was also involved in SAML, but don't consider myself a security expert. In general, most of the memebers are generalists, though some are experts in some areas.

DaveO: Gist of the proposal: Pick the low hanging fruit for security.

Mark Jones: Concern about the grand RF debate. Don't think it's going to help if groups have loose charters. Suggest

Daniel: It's too coarse grained to distinguish between RF and

Mark Jones: Under RF, charters have to be very precise.

Chris: Charter a group that goes off and do some general things, but feedback suggests that we can put in the charter that requirments may be developed in the architecture that may require fine-tuning of the charter. That will go through the normal charter, when you work on this, anticipate the change of the charter from the architecture group. The initial charter need not be complete.

Joe: About DaveO's proposal. Very much in favor of  Would like to have DaveO add the points mentioned into the original proposal. Still in agreement with Mark Baker's proposal, its too early to launch a WG. From IETF experience, some times the charter is too loose.

Daniel: Questions the way the group intends to work, and how we intend to work this this group. Base the charter around the existing requirements for security?

DaveO: I thought these requirements were good for phase 1 of the security group. In my thought and my company's thought, these requirements would hit the 80/20 balance for security.

Daniel: We'll hopefully get experts on the security group. Won't they want to write their own charters?

DaveO: Things the general issues outlined are general enough to ... In these broad areas, it's probably safe to say that these are the things for this group to work on first. Maybe we need to go through this once again, one level deeper, to understand the scope of the requirement. In general, we will take the requirements to a certain point from where the WG can take the lead.

Chris: Don't want to flesh the requirements in complete detail. Tell them what needs to be done at a high level, and let the subject experts take it from there.

Suresh: What is the threshold that decides on the formation of a WG? DaveO, what is the criteria in your document that warrants a new WG?

DaveO: I don't mind, in this group, to say that based on our knowledge in our jobs, for us to say that these areas have high priority. While it's nice ot have a repeatable process, this is art to some extent. For a number of reasons, my judgement says that atleast this topic is of high priority.

Daniel: Agrees.

Hugo: W3C chartered this WG to spin off WGs. It's good if the WG thinks we should work on security. It may be early to spawn a new WG, we should get a subset of this group of 70+ to start digging down on security. If by July end we have a good view of security, then it would be good to

Mark Baker: Agrees with Mark Jones on loose charters, RAND and RF etc. Agree with the concern around opening up charters due to IPR concerns.

Doug: Its unclear that that is exactly what this group is going to plan to charter just yet. We need to work more on the architecture before we start to propose new WGs.

Abbie: I proposed a Task Force down the line, but before we do that, we need to set up a workshop.

Hugo: If we feel we're missing experts, and we know some other experts, we can bring them in as invited experts.

Abbie: Atleast one workshop per BOF.

Sandeep: Agree with Daniel, why thrash out a detailed model for each WG. We need the workshop before we can .

Chris: Out of time. Feel free to fill out all ballots, and also #1 if you feel necessary. Will give 5 days for all ballots going forward. I do want to get this over with at the earliest.

Action Items

ACTION: Chris to send schedule proposal: COMPLETE [1]
recorded in
ACTION: Chris, to notity Description group of Nov. dates: COMPLETE [2]
recorded in
ACTION: David both to post logisticts and registration to SysReq, PARTIALLY COMPLETE (logistics only) [3]
recorded in
ACTION: ACTION: Mike and Daniel to generate report on Description requirements, due next week: PENDING [4]
 recorded in
ACTION: Group members to register early and often once that page is made available [5]
recorded in
ACTION: Use case team to start next week with a weekly meeting, after this meeting preferred.  Hugo will pursue / persuade. [6]
recorded in
ACTION: Chris to extend Security ballot deadline to COB on 13 May. [7]
recorded in
ACTION: All members who have not voted on Security ballot should do so by new deadline [8]
recorded in
ACTION: Chris to forward updated deadlines for other ballots. [9]
recorded in


AT&T Ayse Dilber
AT&T Mark Jones
BEA Systems David Orchard
Carnegie Mellon University Katia Sycara
Cisco Systems Inc Sandeep Kumar
Computer Associates Igor Sedukhin
Contivo Dave Hollander
DISA Marcel Jemio
EDS Mike Ballantyne
Exodus/Digital Island Joseph Hui
France Telecom Shishir Garg
Hewlett-Packard Company Yin-Leng Husband
Hewlett-Packard Company Zulah Eckert
IBM Heather Kreger
Intalio Inc Bob Lojek
IONA Steve Vinoski
Macromedia Glen Daniels
MartSoft Corp. Jin Yu
Microsoft Corporation Allen Brown
Nokia Michael Mahan
Nortel Networks Abbie Barbir
Planetfred, Inc. Mark Baker
Rogue Wave Software Patrick Thompson
Rogue Wave Software David Noor
Sterling Commerce(SBC) Suresh Damodaran
Sun Microsystems, Inc. Chris Ferris
Sun Microsystems, Inc. Doug Bunting
Sun Microsystems, Inc. Mark Hapner
Systinet Anne Thomas Manes
W. W. Grainger, Inc. Tom Carroll
W. W. Grainger, Inc. Daniel Austin
W3C Hugo Haas
webMethods, Inc. Prasad Yendluri
Apple Mike Brumbelow
Boeing Company Gerald Edgar
ChevronTexaco Roger Cutler
CrossWeave, Inc. Timothy Jones
DaimlerChrysler Research an d Technology Mario Jeckle
Ericsson Nilo Mitra
Intel Corporation Sharad Garg
Intel Corporation Joel Munter
IONA Eric Newcomer
Microsoft Corporation Henrik Nielsen
MITRE Corporation Paul Denning
Oracle Corporation Jeff Mischkinsky
SAP Sinisa Zimek
SeeBeyond Technology Corp Alan Davies
Sybase, Inc. Himagiri Mukkamala
TIBCO Software, Inc. Scott Vorthmann
T-Nova Deutsche Telekom Jens Meinkoehn
W3C David Booth
Waveset Technologies Darran Rolls
XQRL Inc. Tom Bradford
Artesia Technologies Dipto Chakravarty
Cisco Systems Inc Krishna Sankar
DaimlerChrysler Research Hans-Peter Steiert
Documentum Don Robertson
EDS Waqar Sadiq
IBM Jim Knutson
Ipedo Srinivas Pandrangi
Ipedo Alex Cheng
Macromedia Tom Jordahl
MartSoft Corp. Jun Chen
MITRE Corporation James Davenport
Software AG Michael Champion
Software AG Nigel Hutchison
The Thomson Corporation Hao He
VeriSign, Inc. Michael Mealling
XQRL Inc. Daniela Florescu