W3C home > Mailing lists > Public > public-xmlsec@w3.org > May 2009

Agenda: Distributed Meeting 2009-05-05 v2

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Fri, 1 May 2009 11:44:24 -0400
Message-Id: <01C2E4FD-78FE-45A3-9D39-21F88D8C3193@nokia.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Agenda: W3C XML Security WG (XMLSec) v2
Teleconference 5 May 2009
Distributed Meeting #30

add best practices agenda item, add Cynthia Martin to regrets and  
scribe list, update on newly published documents, minutes update, add  
xml encryption agenda item

10-12:00 am Eastern Time
Information on meeting times in various time zones:

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):

Please note that attendance of XMLSEC WG teleconferences is restricted  
to registered WG participants and persons invited by the chair.

Roadmap and status of Draft deliverables (both editors drafts and  
latest publications) are available at

Chair: Frederick Hirsch

Regrets: Cynthia Martin

see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

1) Administrivia: scribe confirmation, next meeting, other

1a)  Bruce Rich is scheduled to scribe

The current scribe list is at the end of this message, will rotate  
through this list.

Scribe Instructions:

1b)   Meeting planning: weekly meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is  

Upcoming meeting information is available on the WG Administrative page:

Next meeting:  F2F #4: 12-13 May, 9:00-18:00 ET each day
Hosted by RSA (EMC), Bedford MA, logistics:  http://lists.w3.org/Archives/Member/member-xmlsec/2009Mar/0015.html

1c) Liaisons and Coordination

See status at members page

1d) Announcements

i) Please complete F2F Registration (12-13 May) Questionnaire


ii) Signature Properties published 30 April



iii) Widget Signature LCWD published 30 April

Please review and provide comment before 1 June 2009


iv) SHA-1 collisions in 2^52


2) Minutes Approval

Please review and indicate corrections in attendance list.

Minutes from 28 April 2009, for approval:


Add Shivaram Mysore to attendees list.

3) New issues and Editorial update status (Completed and pending)

Please remember to send note to public list when completing editing,   
indicating what has changed and associated action. Please mark action   
as pending as well.

3i) New Issue, ISSUE-117, Key Wrap (XML Encryption Syntax and
Processing Maintenance)

The description of the traditional key wrap algorithms in XML  
Encryption duplicates substantive specification material from the
normative specifications for these algorithms. That duplication of   
material should be replaced by a reference to the relevant IETF

4) Interop Status and Planning

See wiki page

http://www.w3.org/2008/xmlsec/wiki/InteropPlanning (Frederick)

5) Algorithm URIs


6) F2F Agenda review and planning

Please review F2F Agenda and note missing items or other suggestions


7) Best Practices
7a) ACTION-126: Call out local system access risks regarding XSLT

7b) ACTION-127 trade-off between different extensibility mechanisms

request for intermediary use cases


7c) Best practice on XPath Filter 2.0 preference


7d) Best practices review comment

(Juan Carlos)

switch order of BP 1 and 2, rename BP 1
"Mitigate denial of service attacks by validating the references (that  
might imply potentially dangerous operations ) only after the  
verification of SignedInfo has been completed"
see current practice and comment:

8) XML Encryption 1.1

8a) AES KeyWrap with padding



Added to section 5.6.4 as OPTIONAL, time to revisit?

Need to add to section 5.1 list of algorithms?

8b) Table of contents to one level deeper?

9) Use cases and requirements

9a) Missing byte range use case and requirements?


10) Action Item and Issue Review

10a) Close Pending actions

[pending review] ACTION-264: Frederick Hirsch to Make publication
request for signature properties for this thursday, 30 April - due
2009-05-05 [on ]
http://www.w3.org/2008/xmlsec/track/actions/264 (Completed by Thomas)

[pending review] ACTION-265: Thomas Roessler to Update signature
properties for publication and place in proper location - due
2009-05-05 [on ]

10b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:


11) Issues review


12) Other Business

13) Adjourn

Scribing  list
Cynthia Martin, MITRE ()
Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am)
Hal Lockhart, Oracle (9 December 2008)
Phillip Hallam-Baker, Verisign (F2F 13 January 2009, am)
Shivaram Mysore, Invited Expert ( F2F 14 January 2009, pm)
Brian LaMacchia, Microsoft ( F2F 14 January 2009, pm)
Bradley Hill, Invited Expert (27 January 2009)
Sean Mullan, Sun (3 February 2009)
Pratik Datta, Oracle ( F2F 14 January 2009, pm, 10 February 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (17
February 2009, 16 September 2008)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Robert Miller, MITRE (10 March 2009, 20 October 2008 F2F pm)
Magnus Nyström, EMC (17 March 2009, 11 November 2008)
Scott Cantor, invited expert (24 March 2009, 29 July 2008, 2 December
Ed Simon, Invited Expert (31 March 2009, 18 November 2008)
Gerald Edgar, Boeing (7 April 2009, F2F 13 January 2009, pm)
John Wray, IBM (21 April 2009, 16 December 2008)
Kelvin Yiu, Microsoft (28 April 2009, 21 October 2008 F2F, pm)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Friday, 1 May 2009 15:45:08 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:11 UTC