W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2009

Agenda: Distributed Meeting 2009-07-14 v2

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Tue, 14 Jul 2009 09:34:10 -0400
Message-Id: <21AAA617-4A8B-428C-8064-319801CFF59D@nokia.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Agenda: W3C XML Security WG (XMLSec) v2
Teleconference 14 July 2009
Distributed Meeting #36

re-order, add recent completed edits and discussions.

10-12:00 am Eastern Time
Information on meeting times in various time zones:

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):

Please note that attendance of XMLSEC WG teleconferences is   
restricted  to registered WG participants and persons invited by the   

Publication Status available at

Chair: Frederick Hirsch

Regrets: Brian LaMacchia, Ed Simon

see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

1) Administrivia: scribe confirmation, next meeting, other

1a)  Brad Hill is scheduled to scribe

The current scribe list is at the end of this message, will rotate
through this list.

Scribe Instructions:

1b)   Meeting planning: upcoming meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is   

Upcoming meeting information is available on the WG Administrative page:

Next meeting:  21 July, scribe TBD

TPAC registration open
TPAC Overview: http://www.w3.org/2009/11/TPAC/overview.html

Please register: http://www.w3.org/2002/09/wbs/35125/TPAC09/
Note registration fee increases after 21 September 2009.

XML Security Thursday and Friday 5-6 November as originally planned.

1c) Liaisons and Coordination

See status at members page

1d) Announcements


2) Minutes Approval

Please review minutes, also please indicate corrections in attendance.

7 July 2009 teleconference

3) KDF and KDF3




updated XMLEnc 1.1 text for the KDF3 AlgorithmID parameter. At the  
same time, I also drafted some provisional text for the PartyUIInfo  
and the PartyVIInfo parameters since what we had would not allow for  
interoperability. This is all checked in.
accept changes, additional changes needed?
4) Generic Hybrid Ciphers First Public Working Draft publication?


Separate document or incorporate into XML Encryption 1.1


5) XMLEnc editorial comments


(Brian - ok)

accept changes, editorial action?

6) Editorial update status

Please remember to send note to public list when completing editing,   
indicating what has changed and associated action. Please mark action   
as pending as well and update the explain.html document for XML   
Signature 1.1 or XML Encryption 1.1.

6a) Updated XML Signature 1.1 DSS security considerations, ACTION-327


6b) Updated XML Encryption 1.1 references, ACTION-328

Incorporated update to references provided by Peter, as well as   
additional changes from Cynthia (Frederick)


Please review the section references to RFC 3447

status of ietf draft, ISSUE-137


6c) Update XML Encryption 1.1 with explicit URIs for DH choices

added a new URI for DH ephemeral-static with new KDFs, moved the   
identifiers for both legacy and new into their respective  
subsections,  and removed the language that I had in earlier that did  
the  distinguishing based on absence or presence of <KA-Nonce>

6d) Superseding Derived Keys document

Resolution to accept for publication replacement?

6e) XML Encryption cleanup


For clarity, changed name of CarriedKeyName child element of  
DerivedKeyType to DerivedKeyName.


Section 3.5.2:
- Corrected description of DerivedKeyName (CarriedKeyName) and  
MasterKeyName (only DerivedKeyName
  may be present in a ds:KeyInfo KeyName value)
- For clarity, changed name of CarriedKeyName child element of  
DerivedKeyType to DerivedKeyName.

Section 4:
- Updated processing instructions to take into account possibility of  
derived keys

Section 5.4.1:
- Added text explaining the AlgorithmID, PartyUIInfo and PartyVIInfo  
attributes and what values
  they may take in this version of the specification.

Section 5.6.2:
- Corrected reference (from to

6f) XML Signature reference correction

Corrected reference to RFC 3447.
6g) add dsa-SHA256 and various formatting cleanup to Algorithms document


6h) New XML Signature 2.0 draft (later in agenda)


7) Proposed XML Signature 1.1 References update


8) Conclusion of ACTION-320

Action completed, accept.

9) Updated 1.1 Working Draft Publication


9a) XML Signature 1.1
- reference updates
- explain update still needed.

9b) XML Encryption 1.1
- explain update still  needed.

9c) XML Security Algorithms Note
- algorithm update still needed (Thomas action)

9d) Best Practices XML Signature

9e) Transform Simplification: Requirements and Design

9f) Derived Keys
- Draft with status noting superseded

10) 2.0 Draft Discussion

10a) Additional comment on C14N 2.0 draft?
http://www.w3.org/2008/xmlsec/Drafts/c14n-20/Overview.html (Pratik)

10b) XML Signature 2.0


11) Exclusive C14N errata

review completed, ready to publish (discussed generally on last

11a) Proposed revision to E02, DTD/Schema issue


11b) Proposed New E07 for ISSUE110, "visibly utilizes"


12) Action Item and Issue Review

12a) Close Pending actions

These will be closed after the meeting unless concern raised before   
or  during meeting. Please review in advance of meeting.

ACTION-158: Frederick Hirsch to Take pass through references in Dsig  
Core - update, split into normative/informative -  due 2009-03-30  
[on ] http://www.w3.org/2008/xmlsec/track/actions/158

ACTION-323 Write a proposal for use of Alg IDs for KDF key Magnus  

ACTION-326: Brian LaMacchia to Update ACTION 319 for  explicit URI -  
due 2009-07-14 [on ]http://www.w3.org/2008/xmlsec/track/actions/326

ACTION-327: Frederick Hirsch to Update DSS security  warning - due  
2009-07-14 [on ]

ACTION-330 Update algorithms doc per http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0013.html 
  Thomas Roessler

ACTION-333: Thomas Roessler to Draft one-pager that  says "derived key  
stuff has been folded into encryption - due  2009-07-16 [on ] http://www.w3.org/2008/xmlsec/track/actions/333

12b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:


13) Issues review


14) Other Business

15) Adjourn

Scribing  list

Bradley Hill, Invited Expert (27 January 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Scott Cantor, invited expert (24 March 2009)
Ed Simon, Invited Expert (31 March 2009)
John Wray, IBM (21 April 2009)
Kelvin Yiu, Microsoft (28 April 2009)
Bruce Rich, IBM (5 May 2009)
Sean Mullan, Sun (12 May 2009 F2F am)
Gerald Edgar, Boeing (12 May 2009 F2F pm, 7 April 2009)
Brian LaMacchia, Microsoft (13 May 2009 F2F am)
Pratik Datta, Oracle (13 May 2009 F2F pm)
Magnus Nyström, EMC (2 June, 2009, 24 March 2009)
Hal Lockhart, Oracle (16 June 2009, 9 December 2008)
Shivaram Mysore, Invited Expert (23 June 2009,  F2F 14 January 2009, pm)
Cynthia Martin, MITRE (7 July 2009, 9 June 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Tuesday, 14 July 2009 13:34:56 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:11 UTC