See also: IRC log
Present: Abbie Barbir, David Booth, David Orchard, Frank McCabe, Mario Jeckle, Mike Mahan, Paul Denning, Ugo Corda, Zulah Eckert
Regrets: Eric Newcomer, Gerald Edgar, Katia Sycara, Roger Cutler, Shishir Garg, Suresh Damodaran, Yinleng Husband,
Chair: MikeC
Scribe: MikeM & DBooth
Scribe: last weeks minutes approved: http://www.w3.org/2002/ws/arch/3/10/2003-10-23-ws-arch.htm
Scribe: ACTION: MikeM and Ugo to write up problem statement about SOAP intermediaries and WSDL [DONE]
<scribe> ACTION: Group should consider the various aspects of "web service reliability" and note any aspects that we haven't covered in one of the models. [DONE]
<scribe> ACTION: dbooth to make the diagrams narrower to fit on printed page [DONE]
<scribe> ACTION: Hao to incorporate Roger's proposed definition for Message Reliability [PENDING]
<scribe> ACTION: Chairs will ping Katia on status of OWL discussions at F2F [PENDING]
<scribe> ACTION: Chairs will put 2 hours for management discussions at F2F [DONE]
<scribe> ACTION: Zulah and Abbie to get together about security and management text [DONE]
<scribe> ACTION: Abbie to rewrite section 3.6
<scribe> ACTION: dbooth to check in new
Discovery and Intro sections to CVS [DONE]
... Paul Denning to merge in important specs missing in Roger's list
[PENDING]
<scribe> ACTION: Zulah and Heather to have
proposed Management Note draft ready for WG to consider at next F2F
[PENDING]
... Zulah to 'turn into a W3C Note' and add the list of authors for the
management text
mikeC: we agree to publish this as a note at the f2f
... WG input should be solicited because this will be a WG product
Scribe: [DBooth took over scribing at this point.]
MikeM: One nit: How requesters and providers "become known to each
other".
... The body explains it well (that it isn't necessarily bilateral), but the
term "become known to each other" sounds like both parties may be aware of
each other.
... Maybe just use the term "become known"
... ALso, in manual versus autonomous discovery, there is also the
distinction between design-time and run-time discovery.
... Autonomous sounds a little misleading because you still need shared
semantics.
... autonomous here is really semi-autonomous due to the fact that the
semantics are shared
Scribe: ACTION: dbooth to clarify that Autonomous Discovery still requires shared semantics, and semantics could either be manually agreed or (potentially) autonomous also.
MikeM: Also about Trust, the issue is mitigated somewhat by privacy policies.
Scribe: ACTION: dbooth to add mention of privacy policy to Trust and Discovery
MikeM: I proposed some text for what to say to the WSDL WG.
... Frank also pointed out that the service (when using intermediaries) may
be spread out, with partial processing by each intermediary.
... I'll roll up comments received so far in prep for F2F.
intermediaries: mikem will have new section ready for f2f which includes franks service model observations
Scribe: wsdl & intermediaries: daveo has made a comment which should be included
DaveO: Some headers may be targeted (e.g., security) to the
ultimate receiver, though the app never actually sees it.
... Or there may be a hand-shake that the app never sees.
MikeC: Is the WSDL WG aware of the gap?
DaveO: Some members, yes, but not the WG as a whole.
MikeC: (Side note) Editors should watch out for references to WSDL1.2, because it's now being called WSDL2.0.
MikeM: There's a diff between security and a WS that is spread out over several nodes.
Ugo: This is a good time to bring it up in WSD WG.
Scribe: ACTION: MikeM to finish preparing text of
Intermediary issue and submit to WSD WG.
... (Others should give MikeM any other suggestions.)
MikeC: I like the app/infrastructure distinction that DaveO has made.
DaveO: Either you break up the ultimate receiver into identifiable
roles, or you subdivide the ultimate receiver some other way.
... The WS-Security example is a good one. THe app doesn't want to see those
security headers, but the firewall needs them.
MikeM: Should WSD say anything about this?
DaveO: A customer of ours brought it up.
MikeC: The issue has been percolating, but now a user company has brought it to the forefront.
Ugo: SOAP has not been clear about what info is for the
infrastructure vs. app.
... The body gets to the ultimate receiver, but the headers may or may not.
... There isn't a strong separation.
MikeC: Has WSI mentioned it?
Ugo: Not in the Basic Profile.
MikeM: I was trying to clarify the distinction between reliability
and performance.
... Any major issues with what Hao proposed?
Scribe: (None voiced)
Frank: It's still just a beginning. We don't have enough to work on yet. He doesn't address transactions yet.
Frank: Zulah, Abbie and I discussed security yesterday.
MikeC: Zulah was going to remove security from the management model.
Zulah: Are we talking about the security model, or Manageably
secure WSs?
... I want to remove security administration from the management model.
... We can't talk about it without a security model.
Frank: I thought having sec admin in there was a good idea.
... Abbie and I discussed inserting security in different models.
... E.g., modifying service model to include trust.
... Something similar is needed for the message model.
... Including privacy of comm. Rather than one model for security, we show
how security fits into other models.
... Augment existing models with security.
Abbie: When you add security, it will affect everything in the
model.
... It cannot be by itself. It's a segment of all other models.
Frank: Examples: Trust in the service area, communication in the message model, . . . .
Abbie: It can't be a separate model.
PaulDenning: By privacy do you mean confidentiality?
Abbie: No
MikeM: Privacy is broken into confidentiality and controlling how the information gets passed around.
MikeC: So should management decouple security as Zulah suggests?
Frank: I think sec admin should stay with the management.
Zulah: It doesn't say much about sec admin. It says there are
policies and semantics, but not much more.
... I'd rather get it out of there, and focus on the management model.
Abbie: Ok
MikeC: So I mis-categorized it in the agenda.
Zulah: We should merge the proposals.
Scribe: (Zulah has an action item to merge them.)
MikeC: Planning to start after lunch on Wednesday (1:30pm), but I'm
arriving on a plane without much leeway, so DBooth or Hugo could chair if my
plane is late.
... At this point, we can't be adding new things to the doc. Anything we're
deadlocked on will have to come out.
... Meta-agenda is to review the document and flag things that need to come
out. Make progress on wordsmithing those things that are pretty good.
... One suggestion: Focus on the Stakeholder's Perspective parts first.
... and then work backwards. We'll timebox our work to ensure that we can
cover the whole thing.
... We've had a request for 2 hours for Management. We'll need a couple
hours for RM.
... Suggestions?
Frank: We should discuss promotion of the spec.
Zulah: Don't put me on Thurs morning (I have a conflict).
Scribe: Planning times: http://www.timeanddate.com/worldclock/fixedform.html
Frank: There will be wireless internet. Bring your card.
MikeC: I think we could list the owners of specs.
dbooth: I'm okay with that.
Ugo: That's only part of the picture.
... E.g., the final BPEL result may be different IPR than the original
submission.
dbooth: One piece of objective info we could include is the IPR policy for each spec.
MikeC: Yes, we could include a pointer to W3C, OASIS, etc., IPR policies.
DaveO: Fine with me.
Scribe: Agreed: Each spec in the list will include a pointer to the spec's IPR policy.
PaulDenning: Need to get clarification on some BEA specs.
Scribe: [Meeting adjourned]