W3C home > Mailing lists > Public > public-xmlsec-maintwg@w3.org > August 2007

Agenda: Distributed meeting 2007-08-14 v2

From: ext Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Mon, 13 Aug 2007 11:32:48 -0400
Message-Id: <89655ECD-6411-49C6-91AA-A21753EAC934@nokia.com>
Cc: Hirsch Frederick <frederick.hirsch@nokia.com>
To: XMLSec <public-xmlsec-maintwg@w3.org>

Agenda: W3C XML Security Specifications Maintenance WG (XMLSec) v2
Teleconference 13 August 2007
Distributed Meeting #13

v2 reordered to focus on concluding XML Signature changes, update  
with latest mailing list items, fix upcoming meeting scribe info

9-10am Eastern Time
(6-7am Pacific, 1400-1500 Dublin, 1500-1600 CET, 1600-1700 Crete)

See <http://www.w3.org/2007/xmlsec/Group/Overview.html> for time in  
other time zones.

Zakim Bridge:
       +1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
     irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
     <http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG telecons is restricted to  
registered WG participants and persons invited by the chair.

Chair:
    Frederick Hirsch

Regrets:
    Juan Carlos Cruellas

1) Administrivia: scribe confirmation, next meeting, other

1a)  Sean Mullan is scheduled to scribe.

The current scribe list is at the end of this message.

    Scribe Instructions (updated):
    http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1b)   Meeting planning

Next meetings:
Tuesday 21 August, Scribe: Giles Hogben
Tuesday 28 August, Scribe: Phill Hallam-Baker

November plenary, 8-9 November (and possibly 10th) scheduled
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jul/ 
0005.html

1c) Workshop Reminder: position papers due today, 14 August,  
including from WG members.
Chairs of workshop will not submit position papers.

Announcement: http://www.w3.org/2007/xmlsec/ws/
CFP: http://www.w3.org/2007/xmlsec/ws/cfp.html

Information about writing position paper:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0056.html

Submission mailing list archive:
http://lists.w3.org/Archives/Member/member-xmlsec-submit/

Three submitted so far.

1d) Other

Updated administrative web page
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Aug/ 
0000.html

2) Review and approval of last meeting's minutes
    http://www.w3.org/2007/08/07-xmlsec-minutes

3) Action item review

    Open actions are listed in Tracker at http://www.w3.org/2007/ 
xmlsec/Group/track/actions/open
    Text list: http://www.w3.org/2007/xmlsec/actions-open.html

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/ 
Overview.html#closing-actions

[OPEN] ACTION-26: Thomas Roessler to draft CG note draft for  
submission to XML CG - due 2007-08-30

[OPEN] ACTION-50: Thomas Roessler to Create workshop logistics page -  
due 2007-08-15

[OPEN] ACTION-65: Juan Carlos Cruellas to develop/retrieve test cases  
for C14N with comments, scheme-based xpointers - due 2007-07-24

New content in latest draft for Scheme Based XPointers
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0004.html

Keep open - additional information: http://lists.w3.org/Archives/ 
Public/public-xmlsec-maintwg/2007Jul/0054.html

[OPEN] ACTION-68: Sean Mullan to Develop RFC 4514 / RFC 2253 test  
cases - due 2007-07-24

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0024.html and Juan Carlos message http://lists.w3.org/Archives/Public/ 
public-xmlsec-maintwg/2007Aug/0004.html

[OPEN] ACTION-71: Sean Mullan to Send e-mail to list on UTF-8 and  
printable UTF-8 strings - due 2007-08-07

See agenda item 6.

[OPEN] ACTION-72: Konrad Lanz to Review existing use of XML Signature  
and Xpointer with respect to new redline - due 2007-08-07

[OPEN] ACTION-73: Konrad Lanz to Check which xpointers are used and  
where, contact ebics etc - due 2007-08-07

Note opened additional ACTION-79 based on Konrad's issue, see agenda  
item 4d.

[OPEN] ACTION-74: Thomas Roessler to Update Acknowledgements section  
in XML SIgnature 2nd edition - due 2007-10-09

[OPEN] ACTION-75: Juan Carlos Cruellas to Carlos add test case for  
RFC 4514 warning - due 2007-08-14

[OPEN] ACTION-76: Frederick Hirsch to Make changes to document to (a)  
clarify same-document URI reference, (b) change reference to URI -  
due 2007-08-14

Done see agenda item 4b.

[OPEN] ACTION-77: Frederick Hirsch to Update algorithm URIs for  
c14n11 - due 2007-08-14

Done see agenda item 4a.

[OPEN] ACTION-78: Frederick Hirsch to Put note about corrected  
appendix A all over the place, including editor's note in xmldsig- 
core editor's draft - due 2007-08-14

Done see agenda item 4c.

[OPEN] ACTION-79: Frederick Hirsch to Update [XML Signature] since  
URI-Literal/ RFC 2732 obsoleted by 3986.

Open, see agenda item 4d for proposal.

4) XML Signature Editors Draft - Wrap up changes

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/

4a) ACTION-77 done, Update C14N11 algorithm URIs
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0010.html

4b) ACTION-76 done, (a) clarify same-document URI reference, (b)  
change reference to URI

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0011.html

and red-lining correction http://lists.w3.org/Archives/Public/public- 
xmlsec-maintwg/2007Aug/0020.html

Comment on change in 4.3.3.1 http://lists.w3.org/Archives/Public/ 
public-xmlsec-maintwg/2007Aug/0013.html

4c) ACTION-78 done, put note about corrected appendix A all over the  
place, including editor's note in xmldsig-core editor's draft

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0017.html

4d) URI-Literal/RFC 2732 fix: ACTION-79 - proposal made, Update [XML  
Signature] since URI-Literal/ RFC 2732 obsoleted by 3986.

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0023.html

Thomas: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Aug/0036.html

Revised proposed changes:

1. Remove from Section 4.3.3.1, "The URI Attribute, the following text:

"However, some Unicode characters are disallowed from URI references   
including all non-ASCII characters and the excluded characters listed  
in  RFC3986 [URI, section 2.4]. However, the number sign (#), percent  
sign (%),  and square bracket characters re-allowed in RFC 2732 [URI- 
Literal] are  permitted."

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-URI

2. Change "Disallowed characters must be escaped as follows:"
to

"Characters disallowed in URI references by [URI] MUST be escaped as  
specified in [URI]:"

3. Remove URI-Literal from list of references, i.e. remove:

  "URI-Literal
  RFC 2732. Format for Literal IPv6 Addresses in URL's. R. Hinden,  
B.  Carpenter, L. Masinter. December 1999.
  http://www.ietf.org/rfc/rfc2732.txt"

Change consistent with Konrad's message -
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0008.html

4e) Deprecating XPointer decision

Frederick: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Aug/0018.html

Thomas: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Aug/0037.html

Proposal: In section 4.3.3.2 The Reference Processing Model,

Replace "Support of the xpointer() scheme [XPointer-xpointer] beyond  
the minimal usage discussed in this section is discouraged." with

"[XPointer-xpointer] is in Working Draft status as of publication of  
this edition of XML Signature.  Therefore, support of the xpointer()  
scheme beyond the minimal usage discussed in this section is  
discouraged."

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec- 
ReferenceProcessingModel

4f) Record WG resolution *not* to list Exclusive algorithms explicitly.

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-c14nAlg

Note that exclusive canonicalization is explicitly mentioned in   
Section 6.5.

There has been no discussion of this item on the list or call since  
31 July, http://www.w3.org/2007/07/31-xmlsec-minutes .

5) Test case document

Warning: Source, xslt, and html are now in CVS. Please only edit  
version from CVS.

Editors Draft link: http://www.w3.org/2007/xmlsec/interop/xmlsig- 
interop-doc/testcases.html

5a)  ACTION-78 done, put note about corrected appendix A all over the  
place, including editor's note in xmldsig-core editor's draft

note added to test cases document
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Aug/ 
0017.html

5b) Stand-alone executable files for each test case needed.

Input, output, possibly context.

5c) Review comments:

Frederick: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Aug/0031.html

Note: use signatures even for C14N is twofold, automated testing,  
universable usability by implementations, HMAC-SHA-1

6) Best Practices - reversibility warning

Request for ASN.1 expert review - Ed, http://lists.w3.org/Archives/ 
Public/public-xmlsec-maintwg/2007Aug/0035.html

Put latest draft text on wiki?

- additional review for warning
- add item to interop test draft

7) Test case process outline on wiki

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0025.html

8) Decryption Transform

8a) Change to correspond to Signature change regarding fragments  
(ACTION-76)

Proposal: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Aug/0012.html

8b) In general, more changes needed related to XPointer issues

9) C14N11 - Appendix A

Konrad had pointed out some issues with Appendix A at
http://lists.w3.org/Archives/Public/public-xml-core-wg/2007May/0046

Appendix update: Konrad
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0073.html

includes changes from Juan Carlos.

10) Any other business

11) Adjourn

Scribe list
-----------
Elisabetta Carrara
Ram Mohan
Chris Nautiyal
Rich Salz
Daniel Schutzer
Andrew Sullivan
Panagiotis Trimintzios
Tarun Tyagi
Gregory Berezowsky (F2F 3 May 07 am)
Sean Mullan (F2F 3 May 07 pm)
Juan Carlos Cruellas (15 May 2007)
Phillip Hallam-Baker (22 May 2007)
Giles Hogben  (29 May 2007)
Konrad Lanz (6 June 2007)
Donald Eastlake (12 June 2007)
Peter Lipp (Konrad, 19 June 2007)
Ed Simon (26 June 2007)
Hal Lockhart (10 July 2007)
Thomas Roessler (17 July 2007, 17 Apr 07)
Anthony Nadalin (31 July 2007)
Rob Miller  (F2F 2 May 07 pm, 7 Aug 07)
Received on Monday, 13 August 2007 15:33:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:22:01 GMT