See also: IRC log
<Frederick Hirsch> Scribe: Konrad Lanz
can someone please post the agenda url please
<EdS> http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Sep/0011.html
<Frederick Hirsch> agenda http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Sep/0011.html
I dial in again
<Frederick Hirsch> ack ??P8
<Frederick Hirsch> mute ??p8
Juan Carlos Cruellas is next scribe
<scribe> chair: november planary
<scribe> chair: issue with minutes
<Frederick Hirsch> http://www.w3.org/2007/09/04-xmlsec-minutes
RESOLUTION: Last meeting's minutes approved
ACTION 26 open
ACTION 71 open
ACTION 74 open
ACTION 81 open
ACTION 82 open
ACTION 83 open
ACTION 87 closed, http://www.w3.org/2007/xmlsec/interop/xmlsig-interop-doc/testcases.html#directory-structure
ACTION 88 closed
ACTION 89 closed
<Frederick Hirsch> editors draft updated for examples for digest and sig values with ...
<Frederick Hirsch> http://www.w3.org/2007/xmlsec/ws/agenda.html
<scribe> chair: we have an updated program
Frederick Hirsch reflects change
we had before with a tweak
... combining some slight rearrangements
... people should have a look at it
Thomas Roessler: all the speakers are confermed except for ???
<Frederick Hirsch> all speakers confirmed apart from Chris Techter
<Frederick Hirsch> need to determine who is speaking for Oracle
Thomas Roessler: who will present for oracle ...
<scribe> chair: contacted oracle
<Frederick Hirsch> new paper from MITRE
Frederick Hirsch: another paper submitted
<Frederick Hirsch> http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Sep/0009.html
Scribe: Frederick Hirsch
Frederick Hirsch: sent an email
<Frederick Hirsch> http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Sep/0012.html
Frederick Hirsch: Sean Mullan added to the editors ...
Konrad Lanz: +1
<Sean Mullan> fine with me
<Juan Carlos Cruellas> Juan Carlos Cruellas +1
<Frederick Hirsch> http://www.w3.org/2007/xmlsec/interop/xmlsig-interop-doc/testcases.html#Introduction.RecommendationRefs
<Frederick Hirsch> Why do we have two directory structures that appear to both have c14n11 test cases?
Frederick Hirsch: shouldn't we have just have one c14n11 dir
<scribe> Konrad Lanz: ok to test c14n11 alone as well as c14n11 tests with dsig
<scribe> ... standalone optional, sig mandatory
<scribe> ... found some divergence of input files
<scribe> Sean Mullan: merlin always showed intermediate c14n result in those tests
Sean Mullan: merlin's tests showed the intermediate results
<EdS> I can hear everyone fine.
<scribe> thomas: +1 to Sean Mullan
<scribe> Sean Mullan: we need to freeze test cases today, although ok to get it right now
<Sean Mullan> more or less by end of week or so
Konrad Lanz:+1 to end of the week
<Frederick Hirsch> proposed change: combine the c14n11 test cases into one directory with inputs and outputs (sig) as well as intermediate results
Konrad Lanz:-1 to this proposal
<scribe> thomas: needs to be done today or tomorrow
<Frederick Hirsch> ACTION: Konrad Lanz to ensure that the inputs for both c14n11 test directories are the same [recorded in http://www.w3.org/2007/09/11-xmlsec-minutes.html#action04]
<trackbot-ng> Created ACTION-90 - Ensure that the inputs for both c14n11 test directories are the same [on Konrad Lanz - due 2007-09-18].
<Frederick Hirsch> What is the status of the following incomplete sections of the document, and what is the plan for completing?
<Phillip Hallam-Baker> sorry I am late.
<Frederick Hirsch> Section 3.3, Implicit/Explicit rules , XPointers DNs
<scribe> Juan Carlos Cruellas: need to work with Konrad on these
Juan Carlos Cruellas: Sean Mullan, Juan Carlos Cruellas and Konrad Lanz should
work together on document
... currently only description
... no actual input at the moment
Frederick Hirsch: are these harder
?
Frederick Hirsch: just a matter of time or something else?
Juan Carlos Cruellas: just a matter of time
Frederick Hirsch: are you able to contribute after looking at cvs ?
Bruce Rich: focused on implementation
..
... bring up things later
Konrad Lanz: Juan Carlos Cruellas +1
<scribe> Konrad Lanz: +1 to Juan Carlos Cruellas
<scribe> ... need teleconference for Sean Mullan, Juan Carlos Cruellas, Konrad Lanz separate call
Juan Carlos Cruellas: propose an Action on Konrad Lanz,
Juan Carlos Cruellas and Sean Mullan to distribute the rest of the work
... by email
... have the call then
<scribe> Konrad Lanz: +1 to Juan Carlos Cruellas, but wants quick call first
<scribe> ... in interest of time
<Juan Carlos Cruellas> OK
<scribe> ACTION: Juan Carlos Cruellas interop editors to plan and distribute work to complete interop tests by next week [recorded in http://www.w3.org/2007/09/11-xmlsec-minutes.html#action05]
<trackbot-ng> Created ACTION-91 - Interop editors to plan and distribute work to complete interop tests by next week [on Juan Carlos Cruellas - due 2007-09-18].
Thomas Roessler: two technical points ...
stay on the call later
<scribe> ... can stay on bridge later, or get reservation for later through thomas
Juan Carlos Cruellas: +1 to have call today
<scribe> Juan Carlos Cruellas: stay on this call for a few minutes at end for planning
Konrad Lanz: let's try to stay on this call and see how it goes
<Frederick Hirsch> What is the status of Appendix A testing? Section 3.2.4.2
<Frederick Hirsch> http://www.w3.org/2007/xmlsec/interop/xmlsig-interop-doc/testcases.html#XMLBASE_ANNEXA
http://www.w3.org/2007/xmlsec/interop/c14n11/appendixa/
Sean Mullan: appendix
<scribe> Sean Mullan: working with amended appendix
Sean Mullan: hard to test
... has to be a signature ...
... we should get this into a signature
... maybe hard to test
... did code modifiction
<scribe> ... had to put special hooks into code to enable use of input
Bruce Rich: not a lot of clarity
... simpler algorithm
<scribe> Bruce Rich: had issues with nested if s and use of english
Bruce Rich: something missing
... when is appendix A when normal uri processing to be used
<scribe> ... what is missing is guidance of when to use normal uri processing or appendix a, e.g. #53, //..
Bruce Rich: unclear what happens to absolute uris
<scribe> ... unclear when using absolute uris - when to collapse multiple /'s
<
message 50 in the xml core June archive, Konrad Lanz:>
However I agree that a complete rewording
might simplify the processing
as I have informally mentioned already in
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0031.html.
I'm unsure about the process if we'd really
like to change this and
hence I sticked as "close" as possible to RFC
3986.
5.2.4. "Remove Dot Segments" is modified to
keep leading "../" segments and to prevent the erroneous
creation of an output that looks like a net path.
(seg/.././/pseudo-netpath/seg/file.ext)
* several changes as in "Remove Dot Segments"
... (see Apendix)
http://www.w3.org/TR/2006/WD-xml-c14n11-20061220/#DocSubsets
Frederick Hirsch: is there a show stopper ...
Bruce Rich: when to follow uri rules
<scribe> Bruce Rich: need to be clearer which part of normal processing to follow
Juan Carlos Cruellas: all test cases by Konrad Lanz have been tested by our implementor
<scribe> Juan Carlos Cruellas: our implementation includes appendix A, all cases have been tested. Do not have RFC 4514 implementation to string conversion
<scribe> Konrad Lanz: agrees language is not clear, ok with changing language but by joining XML Core WG and doing it there
<scribe> ... was looking for smallest change to what was there already
<scribe> ... need to see support for making change in XML Core WG
<scribe> ... do not agree that not clear when appendix A applies
<scribe> (see quoted material above in chat)
Sean Mullan: hard to resolve
Frederick Hirsch: some people having problem with material
Thomas Roessler: please show examples for
ambiguity
... didn't get where the ambiguity was
... tried a few lines of pearl
<Bruce Rich> ambiguity starts with "relative URI" in section 2.4
Thomas Roessler: trade off close to RFC vs. clarity
cannot hear Thomas Roessler, sonds like soap bubbles
Frederick Hirsch, please minute Thomas Roessler
<scribe> Thomas Roessler: asks Bruce to contribute simpler algorithm to XML core, also to put message on list to describe ambiguity
@Bruce Rich: maybe this helps http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0031.html
<Bruce Rich> e.g., is //.. a relative URI? do I apply slash-reduction to http://foo?
<scribe> Bruce Rich: need to know what to do, direction for interop in two weeks
Frederick Hirsch: if do not have the simpler
algo on the list
... no one can see it
... we really need it on the list
Thomas Roessler: quick clarification, please contribute to xml-core
Frederick Hirsch, please minute Thomas Roessler, can't hear
<scribe> Frederick Hirsch: please contribute simpler algorithm to xmlsec so we can consider in time for interop
<scribe> Thomas Roessler: first step is to get to our wg, can deal with XML Core later
Konrad Lanz:+1 to this proposal
Bruce Rich: will post issues this afternoon
Konrad Lanz:I was kicked out, dialing in again
<Frederick Hirsch> Frederick Hirsch: proposal - Bruce put proposal on XMLSec WG list today, interop implementers/editors review discuss on call (including Bruce, Sean Mullan, Juan Carlos, Konrad)
<Frederick Hirsch> ... put resolution on list for group and also update document
<Frederick Hirsch> ... part of discussion is impact on implementations, feasibility etc
<Frederick Hirsch> jh: proposal - Bruce put proposal on XMLSec WG list today, interop implementers/editors review discuss on call (including Bruce, Sean Mullan, Juan Carlos, Konrad)
<Frederick Hirsch> ... put resolution on list for group and also update document
<Frederick Hirsch> .. part of discussion is impact on implementations, feasibility etc
<scribe> Sean Mullan: 1. is algorithm incorrect, or is it just simplification of wording. If latter, won't impact intetop testing
<scribe> ... if simply matter of wording then can achieve common interpretation
Konrad Lanz:+1 to Sean Mullan
Konrad Lanz:we have had this rewording discussion starting here http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0044.html and it ended here http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0073.html.
<scribe> Thomas Roessler: need one normative algorithm, that is understood
<scribe> ACTION: Thomas Roessler to send note to XML Core indicating potential issue with Appendix A [recorded in http://www.w3.org/2007/09/11-xmlsec-minutes.html#action06]
<trackbot-ng> Created ACTION-92 - Send note to XML Core indicating potential issue with Appendix A [on Thomas Roessler - due 2007-09-18].
<scribe> Thomas Roessler: must have only one normative algorithm, simple language would be good
Konrad Lanz:+1 to Thomas Roessler
<scribe> Konrad Lanz: majority of xml core wg wanted to stay close to RFC language, hence some of this issue
Konrad Lanz:xml core had the perception that stying close to RFC language would avoid making unwanted mistakes, I didn't share that preception, "a complete rewording might simplify the processing"
<scribe> Bruce Rich: cannot re-write simpler language in the RFC language
<Frederick Hirsch> Frederick Hirsch: propose sharing as it is, without changing
<scribe> Bruce Rich: can do
Thomas Roessler: some elaboration to the minutes required on this
Frederick Hirsch: Bruce Rich to supply easier language for appendix a
<Frederick Hirsch> Frederick Hirsch: share with xml core that there is potential issue with Appendix A and possible simplification proposal
Frederick Hirsch: Thomas Roessler take this and go to xml core with it
<scribe> Thomas Roessler: with pointer to minutes and maybe some detail
<Frederick Hirsch> Are the xml:space, xml:lang, xml:id and xml:base tests complete and what is confidence in correctness of tests and ability to implement?
Scribe: Konrad Lanz
<Frederick Hirsch> ACTION: Konrad Lanz to look at xml core list for additional xml:base test cases [recorded in http://www.w3.org/2007/09/11-xmlsec-minutes.html#action07]
<trackbot-ng> Created ACTION-93 - Look at xml core list for additional xml:base test cases [on Konrad Lanz - due 2007-09-18].
cannot hear Thomas Roessler
Thomas Roessler: not conformance testing
Frederick Hirsch: we test the spec not the implemenations
Sean Mullan: only issue brougt up a month ago, but resolved
Bruce Rich: not yet there time will tell
@Bruce Rich: the sooner time tells the better ;-)
<Bruce Rich> will post to list if i find issues in id, lang, space
Juan Carlos Cruellas: brought up a page by
rigo
... to do anything else then reference the old test
... regression tests are of less importance given the time
pressure
<scribe> Juan Carlos Cruellas: on topic regression tests, not time to update the doc, but we need to get the tests content determined
<Juan Carlos Cruellas> http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html
Juan Carlos Cruellas: regression tests are mentioined in section 3.1
Frederick Hirsch: everything in tar/zip
files
... we should figure out what we actually want to run
Juan Carlos Cruellas: it could be done if someone has the time
Frederick Hirsch: what are we planning to do ...
Juan Carlos Cruellas: focus on issues we discovered now
<Sean Mullan> +1
<Bruce Rich> will not have time for much/any of regression tests by interop time
<Frederick Hirsch> propose we run regression tests on '#xpointer(/)', '#xpointer(id(...))'
Frederick Hirsch: we will need regression for the xpointers
<scribe> Konrad Lanz: issues with dereferencing absolute URIs possibly
<scribe> ... everyone with implementation run all tests see what can do
<scribe> +1, lower priority, some never are passed, better to share where we are at
<scribe> Konrad Lanz: will full web access be available at interop event?
<Robert Miller> I have to go. I have another meeting to attend.