W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2009

Agenda: F2F meeting 2009-01-13/14 (v2)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Tue, 6 Jan 2009 19:30:41 -0500
Message-Id: <94C587B0-FF6A-4976-9F35-6A0AD2BAECEB@nokia.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, ext Taki Kamiya <tkamiya@us.fujitsu.com>, John Schneider <john.schneider@agiledelta.com>
Agenda: W3C XML Security WG (XMLSec) v2
F2F 13-14 January 2009
F2F #3

9-6 PT each day, arrival and setup at 8:30 am

Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>

F2F logistics
http://lists.w3.org/Archives/Member/member-xmlsec/2008Nov/0035.html

Please note that attendance of XMLSEC WG teleconferences is restricted  
to registered WG participants and persons invited by the chair.

Chair: Frederick Hirsch

Attendees, Dial-in Attendees and Regrets listed on admin page at
  http://www.w3.org/2008/xmlsec/Group/Overview.html#f2f3

Tuesday 13 January

1) Welcome, Introductions, Administrivia  (9 - 9:30 am PT)

1a) Introductions as needed, Local logistics

1b) Scribe confirmation

13 January AM
13 January PM
14 January AM
14 January PM

The current scribe list is at the end of this message, will rotate  
through this list.

Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1c)   Meeting planning: weekly meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is  
cancelled.

Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

20 January 2009 Teleconference cancelled
27 January 2009 Teleconference #17, 10-12 Eastern

1d) Liaisons and Coordination

See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination

No new updates.

1e) Announcements

Verisign has joined the WG.

2) Minutes Approval

2a) Minutes from 6 January 2009 for approval:

http://www.w3.org/2009/01/06-xmlsec-minutes.html

3) Issues

No new issues.

4) Editorial updates

4a) Initial draft of Security Algorithms

http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html

5) XML Security 1.1   (9:30 - 10:45 am PT)

5a) XML Signature 1.1

Algorithms - review and agreement
NIST re key lengths - update?
Errata incorporation
RFC reference changes
Separate Normative and informative
versioning text addition
Editorial fixes

5b) XML Encryption 1.1

review Draft (to be distributed in advance of meeting)
Algorithms
Errata
RFC reference changes, separate normative and informative references
versioning text addition

5d) Algorithm Note

Review draft note of Algorithms, URIs and references for those  
algorithms

http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html

5d) Next steps before publication, time schedule

6) Break (15 min, 10:45 - 11)

7) XML Security 1.1 test cases and interop (11:00 -11:30)

Actions to draft test cases
Interop planning - distributed interop?

8) Widget Signature review and Signature Properties (11:30 - 12:30)

8a) Review update of signature properties

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-properties/Overview.html

(to be updated with notice on email list)

8b) Walk through latest draft of Widget Signature

http://dev.w3.org/2006/waf/widgets-digsig/

(to be updated with notice on email list)

9) Lunch 12:30 - 1:30

7)  XML Security 2.0 (1:30 - 3:00)

7a) Review Transform Simplification update

Add explicit "see what you sign" stage?

7b) Additional streaming discussion

7c) Backward compatibility, profiles/levels, interoperability,  
extensibility mechanisms

7d) Simple Signing next steps, requirements, PI use

7e) KeyInfo discussion

8) Break  (15 min, 3:00 - 3:15)

9) Canonicalization simplification and next steps, QNames,Namespaces,  
Infoset (3:15 - 4:15)

Review and work through issues and technical approaches, requirements.

10) EXI Discussion (4:30 - 5:30)

11) Review of day, new actions and agenda (5:30 - 5:45)

12) Other Business Day 1

13) Recess (6 pm)

Wednesday 14 January (9 am - 6 pm)

14) Welcome, Administrative

16) Requirements Review (9:00 - 11:00)

Charter milestones
http://www.w3.org/2008/02/xmlsec-charter.html#milestones

16a)  Canonicalization Requirement discussion

http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0006.html  
(Juan Carlos)

16b) Requirements document walkthrough

http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html

16c) Additional requirements - working session

List additional requirements associated with approaches taken, reflect  
1.1 and 2.0

Also list non-requirements
e.g., for discussion
"is an XML only serialization required for KeyInfo, maybe we do not  
want this requirement"

17) Break (15 min, 10:30 - 10:45)

18) Review Open Actions and Issues associated with requirements, Next  
steps for requirements (10:45 - 11:15)

Publish First Public Working Draft?

19) XML Security 2.0 Technical Discussion (11:15 - 12:30)

Additional technical discussion based on previous discussions

20) Lunch (12:30 - 1:30)

21)  Best Practices (1:30 - 2:30)

21a) review open issues and actions associated with best practices

ACTION-77 Update best practices document for section titles
Sean Mullan	

ACTION-103	Provide updated email on best practices issue
Juan Carlos Cruellas

ACTION-125	draft best practice around xpath filter 2	
Sean

ACTION-127	draft text on trade-off between different
extensibility mechanisms, for BP draft,
Thomas

ISSUE-52, Rules for syntax of KeyInfo child elements should be  
unambiguous

ISSUE-56 Add references related to timestamping

ISSUE-62 Clarify best practice related to order of schema validation  
and xml security processing for 2nd Edition

ISSUE-64 How to use XML Signature for various applications, e.g. Mail,  
unstructured content

ISSUE-69 Update example file to avoid empty XPath result

21b) Comments received from public working draft?

21c) Next steps for Best Practices
Publish revision?

22) Schema and DTD for 2.0 (2:30 - 3:00)

Schema changes needed. Continue to provide DTDs?

23) Additional KeyInfo and other 2.0 technical discussion (3:00 - 4:00)

10) Action Item and Issue Review (4:00 - 4:30)

10a) Close Pending actions

http://www.w3.org/2008/xmlsec/actions-pending.html
10b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:

http://www.w3.org/2008/xmlsec/actions-open.html

11) Meeting summary, lessons learned, new issues and actions, future  
meetings and planning (4:30 - 5:15)

http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

F2F discussion

12) Other Business (5:15 - 6:00)

13) Adjourn (6:00)

Scribing  list
----------------
Konrad Lanz, IAIK (16 July F2F am)
Pratik Datta, Oracle (19 August 2008)
Subramanian Chidambaram, Nokia (26 August)
Brian LaMacchia, Microsoft (2 September 2008)
Bradley Hill, Invited Expert (9 September 2008)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (16  
September 2008)
Gerald Edgar, Boeing (7 October 2008)
Chris Solc, Adobe (20 October 2008 F2F am)
Robert Miller, MITRE (20 October 2008 F2F pm)
Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am)
Kelvin Yiu, Microsoft (21 October 2008 F2F, pm)
Shivaram Mysore, Invited Expert (4 November 2008)
Magnus Nyström, EMC (11 November 2008)
Ed Simon, Invited Expert (18 November 2008)
Scott Cantor, invited expert (29 July 2008, 2 December 2008)
Hal Lockhart, Oracle (9 December 2008)
John Wray, IBM (16 December 2008)
Sean Mullan, Sun (6 January 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Wednesday, 7 January 2009 00:31:36 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT