Agenda: Distributed meeting 2009-02-17 from Nokia-CIC/Boston on 2009-02-16 (public-xmlsec@w3.org from February 2009)

From: Nokia-CIC/Boston <Frederick.Hirsch@nokia.com>
Date: Mon, 16 Feb 2009 09:29:38 -0500
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>
Message-Id: <79ED1BB4-F907-4849-8575-7F8C0988DF69@nokia.com>
Agenda: W3C XML Security WG (XMLSec)
Teleconference 17 February 2009
Distributed Meeting #20

10-12:00 am Eastern Time
Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG teleconferences is restricted
to registered WG participants and persons invited by the chair.

Chair: Frederick Hirsch

Regrets:  Rob Miller, Ed Simon

see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

1) Administrivia: scribe confirmation, next meeting, other

1a)   Juan Carlos Cruellas is scheduled to scribe

The current scribe list is at the end of this message, will rotate
through this list.

Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1b)   Meeting planning: weekly meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is
cancelled.

Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

Next meeting 24 Feb, Konrad Lanz is scheduled to scribe.

1c) Liaisons and Coordination

See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination

No new updates.

1d) Announcements

Interim F2F Questionnaire
http://www.w3.org/2002/09/wbs/42458/f2fsched2009/

2) Minutes Approval

2a) Minutes from 3 February 2009, for approval:

http://www.w3.org/2009/02/03-xmlsec-minutes.html

2b)  Minutes from 10 February 2009, for approval:

http://www.w3.org/2009/02/10-xmlsec-minutes.html

3) Issues
ISSUE-98: Reference format needs to be unified [xmlsec-algorithms]
http://www.w3.org/2008/xmlsec/track/issues/98
The format used for references is inconsistent, and should be cleaned  
up before publication as a Note. Also, links to specs' individual  
sections should either all use dated URIs, or all use "latest version"  
URIs.
4) Document editorial updates

4a) XML Security Algorithm Cross-Reference Editors Draft

Comments
http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0039.html  
(Frederick)

Draft update
http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0040.html  
(Thomas)

Draft
http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html

4b) XML Signature 1.1 draft

Updated for ACTION-178, OCSP Response (schema as well)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0046.html  
(Thomas)

Additional changes
http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0049.html  
(Thomas)

ECKeyValue editors note

4c) Transform Simplification

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0047.html  
(Frederick)

5) XML Signature 1.1

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm

5a) Elliptic curve algorithms
"Related to this, as we're now (potentially) mandating support for a
particular elliptic curve (ansix9p256r1), should we also identify some
recommended curves at the 192-bit or 256-bit security level too?

In addition, it does not quite line up to specify ECDSA-SHA384 and
ECDSA-SHA512 if we only identify a p256-bit curve.

And shouldn't we have a curve statement in XMLEnc 1.1. similar to the  
one
in XMLDsig 1.1?"
http://lists.w3.org/Archives/Member/member-xmlsec/2009Feb/0012.html  
(Magnus)

5b) Mandatory Algorithms Questionnaire and Decision for XML Signature  
1.1 and XML Encryption 1.1

http://www.w3.org/2002/09/wbs/42458/fpwd-ecc/results

5c) KeyInfo and raw data

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0048.html  
(Thomas)

6) XML Signature Transform Simplification: Requirements and Design

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0065.html

Comment
  (Frederick)

7) Algorithm Draft

7a) Note optional algorithms as optional?

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0044.html

8) Properties

8a) Rename usage to role?

http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0045.html

9) Best Practices

9b) Earlier comments from Juan Carlos

http://www.w3.org/2008/xmlsec/Drafts/best-practices/comments-bhill-jcc.html
  (Edited document)

http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0020.html
(Frederick)

http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0030.html
(Juan Carlos)

10) Action Item and Issue Review

10a) Close Pending actions
[pending review] ACTION-196: Thomas Roessler to Draft text on section  
6.1 about XPath, XPath Filter 2 and XSLT best practices - due  
2009-02-10 [on v11]
http://www.w3.org/2008/xmlsec/track/actions/196

[pending review] ACTION-208: Thomas Roessler to Draft editor's note  
concerning ECDSAKeyValueTyp - due 2009-02-17 [on ]
http://www.w3.org/2008/xmlsec/track/actions/208

[pending review] ACTION-209: Thomas Roessler to Incorporate ACTION-178  
into draft - due 2009-02-17 [on ]
http://www.w3.org/2008/xmlsec/track/actions/209

10b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:

http://www.w3.org/2008/xmlsec/actions-open.html

11) Ready to Publish as First Public Working Draft:

http://www.w3.org/2008/xmlsec/wiki/PublicationStatus

11a) XML Security Use Cases and Requirements
11b) XML Signature 1.1
11c) XML Encryption 1.1
11d) XML Security Algorithm Cross-Reference
11e) XML Signature Transform Simplification: Requirements and Design
11f) XML Security Derived Keys
11g) XML Signature Properties: Requirements and Design

12) Ready to publish update:

12a) Best Practices

13) Other Business

14) Adjourn

Scribing  list
----------------
Konrad Lanz, IAIK (16 July F2F am)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (16
September 2008)
Chris Solc, Adobe (20 October 2008 F2F am)
Robert Miller, MITRE (20 October 2008 F2F pm)
Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am)
Kelvin Yiu, Microsoft (21 October 2008 F2F, pm)
Magnus Nyström, EMC (11 November 2008)
Ed Simon, Invited Expert (18 November 2008)
Scott Cantor, invited expert (29 July 2008, 2 December 2008)
Hal Lockhart, Oracle (9 December 2008)
John Wray, IBM (16 December 2008)
Phillip Hallam-Baker, Verisign (F2F 13 January 2009, am)
Gerald Edgar, Boeing (F2F 13 January 2009, pm)
Shivaram Mysore, Invited Expert ( F2F 14 January 2009, pm)
Brian LaMacchia, Microsoft ( F2F 14 January 2009, pm)
Bradley Hill, Invited Expert (27 January 2009)
Sean Mullan, Sun (3 February 2009)
Pratik Datta, Oracle ( F2F 14 January 2009, pm, 10 February 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Monday, 16 February 2009 14:36:19 UTC