- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 19 Dec 2007 15:23:09 +0100
- To: public-xmlsec-maintwg@w3.org
Minutes from our meeting on 2007-12-11 were approved; a public
version is available online here:
http://www.w3.org/2007/12/11-xmlsec-minutes-public.html
A text version is included below the .signature.
--
Thomas Roessler, W3C <tlr@w3.org>
[1]W3C
XML Security Specifications Maintenance Working Group Teleconference
11 Dec 2007
[2]Agenda
See also: [3]IRC log; [4]member-confidential full minutes
Attendees
Present
Frederick_Hirsch, Thomas, Ed_Simon, pdatta, brich, rdmiller,
Hal, klanz2
Regrets
Chair
Frederick Hirsch
Scribe
Ed Simon
Contents
* [5]Topics
1. [6]WAF Access Material
2. [7]Minutes approval
3. [8]C14N draft
4. [9]Interop and implementations
5. [10]defCan-1
6. [11]XML Signature
7. [12]Chartering
8. [13]Best Practices
9. [14]Action Item Review
10. [15]Decryption Transform
11. [16]Line Endings
* [17]Summary of Action Items
__________________________________________________________________
<fhirsch3> Agenda:
[18]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0
011.html
TOPIC; Meetings cancelled Dec 25 and Jan 1
There is a meeting Dec 18
<tlr> Next meeting 18 Dec, skip two weeks, resume Jan 8.
WAF Access Material
Hal will review WAF document
<tlr> it is recorded in last meeting's minutes...
Minutes approval
<tlr> [19]http://www.w3.org/2007/11/04-xmlsec-minutes
RESOLUTION: Minutes from Dec 4 approved
<tlr> [20]http://www.w3.org/2007/12/04-xmlsec-minutes-public
C14N draft
Frederick wants people to review the doc as a whole
C14N wants to go to PR in January
Thomas says things looks OK but would like 2nd pair of eyes to look at
C14N editor's draft
<fhirsch3>
[21]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0
008.html
Comments should be shared by next week.
Thomas has sent a request for a redline; will get back to us when he
hears a response
Interop and implementations
<tlr>
[22]http://www.w3.org/2007/xmlsec/interop/xmldsig/c14n11/report.html
<tlr> not yet the dsig stuff, just c14n
TLR's implementation report in link above
<tlr> will do dsig shortly
Frederick asks why signatures Sean mentioned are different than in
implementation report
(e.g. defCan-1)
tlr: several participants do not produce c14n as standalone file
<fhirsch3>
[23]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Dec/0
002.html
tlr: we have issue with 3 tests (tlr please list)
The WG discussed specifics of interop tests and participant status, see
[24]member confidential minutes.
<klanz2> I produce the template now
<fhirsch3> 103 is new test case added by Sun
<fhirsch3>
[25]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Nov/0
014.html
<fhirsch3> This implementation report is limited to criteria for C14n11
<fhirsch3> will be additional report for Signature etc soon
The table (see link) corresponds to the exit criteria for c14n 1.1; tlr
will look at rest of work very soon
<fhirsch3> Konrad is updating template now for 103
2 things should happen: more green in top few rows and show test cases
to XML Core to make sure they are satisfied
no need for table to be perfect in order to show to XML Core; table is
member-confidential
The WG discussed plans for completing interop tests, see member
confidential minutes.
tlr: we should have a collective look at 3-103 because it is a double
".."
Bruce: some return CR-LF so there may be a canonicalization issue or
simply not posting it in binary
<fhirsch3> into CVS
Konrad: CVS does line break modifications when posting.
<fhirsch3> should be only LF (unix style)
TLR: ran a command line test which suggest the original material was
posted correctly
<tlr> zkwYFWagoDX5nvwATyMGu8gcITc=
<tlr> ACTION: tlr to fix CR/LF issue for test case 103 [recorded in
[26]http://www.w3.org/2007/12/11-xmlsec-minutes.html#action01]
<trackbot-ng> Created ACTION-121 - Fix CR/LF issue for test case 103
[on Thomas Roessler - due 2007-12-18].
problem might be on check out, not check in
TLR will look into the issue
defCan-1
<fhirsch3>
[27]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0
004.html
<klanz2> Testcase ...spec3-103 referes to xml-base-c14n11... instead of
xmlbase-c14n11...
Various participants indicated they would check in material, see
[28]member confidential minutes.
FH: Sean's notes re tests; has anyone responded or looked at his email?
<fhirsch3>
[29]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Nov/0
014.html
<fhirsch3> dname cases - not all will do these cases. (last week's
minutes)
TLR: Went through DN cases in last meeting; what kind of tests we need.
<fhirsch3> dname cases may not be essential for exit criteria, need
addtl review
FH: Did people review Sean's work?
TLR found a few inconsistencies and will change things in CVS
accordingly. Will likely flush out more inconsistencies in his upcoming
work.
Konrad: Found a few things to fix and will send email.
XML Signature
<fhirsch3>
[30]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Nov/0
027.html
<fhirsch3> Question on namespace document for 2004, should in addition
to link to RFC the namespace document also include text/link to draft
that will eventually superscede the rfc
<fhirsch3> draft
[31]http://www.ietf.org/internet-drafts/draft-eastlake-additional-xmlse
c-uris-00.txt
<fhirsch3> rfc 4051 [32]http://www.ietf.org/rfc/rfc4051.txt
RFC 4051 by D. Eastlake is a list of namespaces for algorithms
TLR says he is OK with adding link; FH suggests pointer from old RFC to
new draft
<fhirsch3> Frederick suggests that in namespace document for older
namespace which refers to RFC 4051, also provide link to new draft
Chartering
<tlr>
[33]http://lists.w3.org/Archives/Public/public-xmlsec-discuss/2007Dec/0
001.html
FH: One comment about derived keys.
tlr: Magnus' proposal to extend ds:KeyInfo element
fh: actually alternative to KeyInfo
Hal: first reaction is this is special case of something more general
<tlr> ACTION-121 done
<tlr> I believe to have fixed the binary issue for the output files
<fhirsch3> hal: add requirement for derived key without necessarily now
adopting specific solution, consider WSS security token references etc
<fhirsch3> hal: do not be so specific
<fhirsch3> +1 to hal
<fhirsch3> ed: remove keyinfo from signature spec, put in own spec
<hal> derived key proposal seems like a special case
tlr: +1 to not putting anything specific in charter
... one chartering relevant question is whether we need to open xml
encryption to accomodate this request
<hal> agree that requirement for derived key support is potentially a
good requiremnt
fh: we should be ready to change XML Encryption in case our work with
XML Signature requires it.
tlr: additional deliverable to update XML Encryption as changes to XML
Signature require it.
<hal> perhaps should consider generally if functionality built on sig
and enc (e.g. WSS) should be encorporated into base specs
<hal> the point is to make an explicit decision
+1 to Hal
<pdatta> +2 to Hal
<fhirsch3> +1 to Hal
<shivaram> +1 to Hal
tlr: may need a relatively broad mandate to deal with encryption
fh: the more we bite off, the more we need to chew (paraphrased)
<tlr> ACTION: hal to propose concrete edit to proposed charter to deal
with encryption / derived specs [recorded in
[34]http://www.w3.org/2007/12/11-xmlsec-minutes.html#action02]
<trackbot-ng> Created ACTION-122 - Propose concrete edit to proposed
charter to deal with encryption / derived specs [on Hal Lockhart - due
2007-12-18].
tlr: this is the time for informal feedback which is encouraged to help
when it is formal feedback time
<klanz2> will do ...
Hal: specs that come to mind are DSS
<shivaram> KeyInfo is also used in XKMS
<fhirsch3> BSP
Yes, XAdES
<klanz2> FYI: [35]http://www.etsi.org/plugtests/XAdES/XAdES.htm
Best Practices
Hal: Saw best practices as long term work
Action Item Review
ACTION-74 continued
ACTION-74 open
<tlr> ACTION-74?
<trackbot-ng> ACTION-74 -- Thomas Roessler to update Acknowledgements
section in XML SIgnature 2nd edition -- due 2007-10-09 -- OPEN
<trackbot-ng> [36]http://www.w3.org/2007/xmlsec/Group/track/actions/74
<tlr> ACTION-105?
<trackbot-ng> ACTION-105 -- Frederick Hirsch to start issues list for
best practices -- due 2007-10-30 -- OPEN
<trackbot-ng> [37]http://www.w3.org/2007/xmlsec/Group/track/actions/105
ACTION-105 closed
<trackbot-ng> ACTION-105 Start issues list for best practices closed
<tlr> ta-dah!
<tlr> ACTION-112 open
ACTION-112 open
<tlr> ACTION-112?
<trackbot-ng> ACTION-112 -- Thomas Roessler to prepare interop report
template -- due 2007-11-15 -- OPEN
<trackbot-ng> [38]http://www.w3.org/2007/xmlsec/Group/track/actions/112
<hal> leaving for ws-fed call - see you next week
ACTION-115 open
ACTION-116 closed
<trackbot-ng> ACTION-116 Remind Donald to review XML Signature and
Encryption home pages for accuracy closed
<fhirsch3>
[39]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0
012.html
ACTION-120 closed
<trackbot-ng> ACTION-120 Rename test cases as proposed closed
<fhirsch3>
[40]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Dec/0
001.html
Decryption Transform
tlr: Decryption Transform is currently a Recommendation, could change
current draft into note or just leave it as it is as we have no
implementation experience
Pratik: We have an implementation of the Decryption Transform
<fhirsch3> Choices are (1) not deliver any Decryption Transform
changes, e.g. Rec stays same. Current expectation (2) deliver Note with
changes to date (3) additional work to deliver more complete result
<fhirsch3> Issue with #2 is that it can be misleading since incomplete
change
<fhirsch3> issue with #2 and #3 not enough implementations
Pratik: changes to canonicalization would affect Decryption Transform
tlr: one needs two interoperable implementations for something to go to
Recommendation status
... no point if we are not going to have a second implementation
Konrad: not opposed to keeping Decryption Transform on stack in case we
want to do something with it
tlr: might cause addition work for patent attorneys
fh: Pratik, do you know of other implementations?
Pratik: will try to find out.
Line Endings
tlr: use -A to update file to UNIX line endings in CVS
<fhirsch3> "cvs update -A"
Konrad: will get back within 12 hours
Summary of Action Items
[NEW] ACTION: hal to propose concrete edit to proposed charter to deal
with encryption / derived specs [recorded in
[41]http://www.w3.org/2007/12/11-xmlsec-minutes.html#action02]
[NEW] ACTION: tlr to fix CR/LF issue for test case 103 [recorded in
[42]http://www.w3.org/2007/12/11-xmlsec-minutes.html#action01]
[End of minutes]
__________________________________________________________________
References
1. http://www.w3.org/
2. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0011.html
3. http://www.w3.org/2007/12/11-xmlsec-irc
4. http://www.w3.org/2007/12/11-xmlsec-minutes.html
5. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#agenda
6. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item01
7. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item02
8. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item03
9. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item04
10. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item05
11. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item06
12. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item07
13. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item08
14. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item09
15. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item10
16. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#item11
17. http://www.w3.org/2007/12/11-xmlsec-minutes-public.html#ActionSummary
18. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0011.html
19. http://www.w3.org/2007/11/04-xmlsec-minutes
20. http://www.w3.org/2007/12/04-xmlsec-minutes-public
21. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0008.html
22. http://www.w3.org/2007/xmlsec/interop/xmldsig/c14n11/report.html
23. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Dec/0002.html
24. http://www.w3.org/2007/12/11-xmlsec-minutes#item04
25. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Nov/0014.html
26. http://www.w3.org/2007/12/11-xmlsec-minutes.html#action01
27. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0004.html
28. http://www.w3.org/2007/12/11-xmlsec-minutes
29. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Nov/0014.html
30. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Nov/0027.html
31. http://www.ietf.org/internet-drafts/draft-eastlake-additional-xmlsec-uris-00.txt
32. http://www.ietf.org/rfc/rfc4051.txt
33. http://lists.w3.org/Archives/Public/public-xmlsec-discuss/2007Dec/0001.html
34. http://www.w3.org/2007/12/11-xmlsec-minutes.html#action02
35. http://www.etsi.org/plugtests/XAdES/XAdES.htm
36. http://www.w3.org/2007/xmlsec/Group/track/actions/74
37. http://www.w3.org/2007/xmlsec/Group/track/actions/105
38. http://www.w3.org/2007/xmlsec/Group/track/actions/112
39. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Dec/0012.html
40. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Dec/0001.html
41. http://www.w3.org/2007/12/11-xmlsec-minutes.html#action02
42. http://www.w3.org/2007/12/11-xmlsec-minutes.html#action01
Received on Wednesday, 19 December 2007 14:23:20 UTC