- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Fri, 18 Sep 2009 12:20:32 -0400
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Agenda: W3C XML Security WG (XMLSec) v2
Teleconference 22 September 2009
Distributed Meeting #42
10-12:00 am Eastern Time
Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone
Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>
Please note that attendance of XMLSEC WG teleconferences is
restricted to registered WG participants and persons invited by the
chair.
Publication Status available at
http://www.w3.org/2008/xmlsec/wiki/PublicationStatus
Chair: Frederick Hirsch
Regrets: none
see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings
1) Administrivia: scribe confirmation, next meeting, other
1a) Kelvin Yiu is scheduled to scribe
The current scribe list is at the end of this message, will rotate
through this list.
Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html
1b) Meeting planning: upcoming meetings
This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is
cancelled.
Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings
Next meeting: 29 September 2009, scribe Gerald Edgar
TPAC registration open
TPAC Overview: http://www.w3.org/2009/11/TPAC/overview.html
Please register: http://www.w3.org/2002/09/wbs/35125/TPAC09/
Note registration fee increases after 21 September 2009.
Discussion, possibility of moving from Thur/Fri to Mon/Tue?
http://lists.w3.org/Archives/Member/member-xmlsec/2009Sep/0005.html
registration and hotel urgency
http://lists.w3.org/Archives/Member/member-xmlsec/2009Sep/0004.html
Group attendance questionnaire
http://www.w3.org/2002/09/wbs/42458/tpac2009/
and results
http://www.w3.org/2002/09/wbs/42458/tpac2009/results
1c) Liaisons and Coordination
See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination
1d) Announcements
XMLSec Security Library (xmlsec) version 1.2.13 supports C14N11
(required libXML 2.7.4 or greater)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0013.html
2) Minutes Approval
Please review minutes, also please indicate corrections in attendance.
8 September 2009 teleconference
http://www.w3.org/2009/09/08-xmlsec-minutes.html
3) Editorial Updates
3a) Updated XML Signature 2.0 draft
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0015.html
(Pratik)
3b) Updated Implementation wiki (ACTION-358)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0016.html
(Sean)
4) Open Issues noted in XML Signature specification - to resolve
4a) XML Signature and XML Encryption Mandatory to implement algorithms
4a-i) See note in section 6.1 of XML Signature
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-Algorithms
in particular, status of ECDSAwithSHA256 as required.
4a-ii) See note in section 5.1 of XML Encryption
http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.htm#sec-AlgID
in particular, status of Elliptic Curve Diffie-Hellman (Ephemeral-
Static mode) as required.
See ISSUE-91
4a-iii) XML Security Algorithm Cross-Reference
Document will require update when these issues are resolved
"This algorithm is under consideration as a mandatory to implement
algorithm"
http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html#ECDSA
and
http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html#key-agreement-uris
4b) XML Signature ECKeyValueType
see Note in section 4.4.2.3
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-ECKeyValue
Accept what is in current draft and remove note?
5) C14N 2.0
http://www.w3.org/2008/xmlsec/Drafts/c14n-20/
Please review and comment on public mailing list.
6) XML Signature 2.0
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/
Please review and comment on public mailing list.
7) Streamable XPath Subset
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0005.html
(Pratik, discussed on last call)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0010.html (Ed)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0011.html
(Pratik)
8) XPath Filter 2
Action, proposal to clarify C14N11 spec and/or Canonicalization 2.0?
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0009.html (Ed)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0012.html
(Scott)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0014.html
(Ed)
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0017.html
(Frederick)
9) Errata
Proposal related to ACTION-297, ACTION-298 and ACTION-320
http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0006.html
(Konrad)
10) Action review
10a) Close Pending actions
These will be closed after the meeting unless concern raised before or
during meeting. Please review in advance of meeting.
ACTION-349: Pratik Datta to Add section on extensibility and byte
ranges to signature 2.0
ACTION-354: Pratik Datta to Circulate draft schema for Transform
ACTION-358: Sean Mullan to Add jdk7 implementation to wiki
ACTION-361: Pratik Datta to Edit 2.0 spec to remove material from
previous version unless incorporated in 2.0, specifically old
transform model. Make clear 1.1 still allowed..
ACTION-363: Scott Cantor to Respond on substantive comments on XSD
schema in RelaxNG email.
10b) Open Action Review
Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open
Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions
Please review open action list and update your actions appropriately:
http://www.w3.org/2008/xmlsec/actions-open.html
11) Issue review
http://www.w3.org/2008/xmlsec/track/issues/open
12) Other Business
13) Adjourn
Scribing list
----------------
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (17
February 2009, 16 September 2008)
Kelvin Yiu, Microsoft (28 April 2009)
Bruce Rich, IBM (5 May 2009)
Sean Mullan, Sun (12 May 2009 F2F am)
Gerald Edgar, Boeing (12 May 2009 F2F pm, 7 April 2009)
Brian LaMacchia, Microsoft (13 May 2009 F2F am)
Pratik Datta, Oracle (13 May 2009 F2F pm)
Magnus Nyström, EMC (2 June, 2009, 24 March 2009)
Hal Lockhart, Oracle (16 June 2009, 9 December 2008)
Shivaram Mysore, Invited Expert (23 June 2009, F2F 14 January 2009, pm)
Cynthia Martin, MITRE (7 July 2009, 9 June 2009)
Bradley Hill, Invited Expert (14 July 2009, 27 January 2009)
Chris Solc, Adobe (21 July 2009, 3 March 2009)
Thomas Roessler/Ed Simon, Invited Expert (11 August 2009, 31 March 2009)
John Wray, IBM (1 Sept 2009, 21 April 2009)
Scott Cantor, invited expert (8 Sept 2009, 28 July 2009, 24 March 2009)
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG
Received on Friday, 18 September 2009 16:21:32 UTC