W3C

- DRAFT -

XML Security Working Group Teleconference
19 Jan 2010

Agenda

See also: IRC log

Attendees

Present
Frederick_Hirsch, Scott_Cantor, Chris_Solc, Brian_LaMacchia, Bruce_Rich, Gerald_Edgar, Thomas_Martin, Cynthia_Martin, John_Wray, Ed_Simon, Juan-Carlos_Cruellas, Hal_Lockhart, Pratik_Datta, Sean_Mullan
Regrets
Chair
Frederick Hirsch
Scribe
Ed_Simon

<trackbot> Date: 19 January 2010

Minutes Approval

<fjh> http://www.w3.org/2010/01/12-xmlsec-minutes.html

RESOLUTION: January 12 minutes approved

Editorial Updates

<fjh> editorial updates are listed in agenda

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0091.html

fjh says XML Sig 1.1 is in good shape.

fjh: XML Signature 1.1 and Signature Properties are in not quite so good shape.

XML Signature 1.1 Issues

<fjh> issue-91?

<trackbot> ISSUE-91 -- ECC can't be REQUIRED -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/91

Issue 91: Elliptic Curve

Will be a phone call with RIM.

<tlr> action-488?

<trackbot> ACTION-488 -- Thomas Roessler to rephrase ECC note as appropriate, if needed -- due 2010-01-23 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/488

<tlr> continues

<fjh> :)

<tlr> tlr: there will be a call later this week; we'll see what happens

<fjh> issue-173?

<trackbot> ISSUE-173 -- Signature Properties specification does not state where the properties must be placed -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/173

<fjh> issue-173 closed

<trackbot> ISSUE-173 Signature Properties specification does not state where the properties must be placed closed

<fjh> issue-174?

<trackbot> ISSUE-174 -- Driver XSD schema needed for Signature Properties -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/174

<fjh> issue-174 closed

<trackbot> ISSUE-174 Driver XSD schema needed for Signature Properties closed

<fjh> issue-175?

<trackbot> ISSUE-175 -- Driver RNG schema needed for Signature Properties -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/175

<fjh> issue-175 closed

<trackbot> ISSUE-175 Driver RNG schema needed for Signature Properties closed

<fjh> issue-176?

<trackbot> ISSUE-176 -- RNG schema for Signature 1.1 depends on xslt.rnc -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/176

<fjh> issue-176 closed

<trackbot> ISSUE-176 RNG schema for Signature 1.1 depends on xslt.rnc closed

<fjh> issue-177?

<trackbot> ISSUE-177 -- Sp-example.xml in Signature Properties does not validate again rnc schema any-containing-xmldsig11.rnc -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/177

<fjh> issue-177 closed

<trackbot> ISSUE-177 Sp-example.xml in Signature Properties does not validate again rnc schema any-containing-xmldsig11.rnc closed

<fjh> issue-178?

<trackbot> ISSUE-178 -- Highlight additional text constraints on XSD schema as such. -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/178

<fjh> suggest we focus on encryption for this one, concern specifically on encryption

<fjh> scott notes focus on 2.0 higher priority, not change presentation of existing work since used

<fjh> proposed resolution: WG agrees to not change XML Signature 1.1 for ISSUE-178 and limit changes to essential changes at this point

RESOLUTION: WG agrees to not change XML Signature 1.1 for ISSUE-178 and limit changes to essential changes at this point

<fjh> AKI in X509Data?

AKI is Authority Key Identifier

Brian: SKI was part of original v3 spec; no agreement on common format of what's inside.
... AKI is identifier of parent-issuing cert; can have two forms
... Cannot see a reason to add a particular subtype for it in X509Data

<fjh> brian notes that RetrievalMethod could be used to obtain cert, ski to identify cert

<fjh> use case was to find cert and ca without putting cert into signature, agree RetrievalMethod was supposed to do this.

<scantor> we would have created a new 1.1 RetrievalMethod, but the bug with that element is in the thing you're pointing to (e.g. X509Data) and not the source element

<fjh> issue: update ECC warning for last call

<trackbot> Created ISSUE-179 - Update ECC warning for last call ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/179/edit .

XML Signature 1.1 Actions

<fjh> action-350?

<trackbot> ACTION-350 -- Ed Simon to propose text to align node set result treatment for XSLT and XPath in 1.1 spec -- due 2009-08-04 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/350

<fjh> Not issue for 2.0 due to redesign.

<fjh> For 1.1 implementors have already dealt with it, no need to resolve.

<fjh> action-350 closed

<trackbot> ACTION-350 Propose text to align node set result treatment for XSLT and XPath in 1.1 spec closed

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0080.html

<fjh> action-352?

<trackbot> ACTION-352 -- Ed Simon to propose concrete examples for multiple nodeset cases -- due 2009-08-18 -- PENDINGREVIEW

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/352

<fjh> action-352 closed

<trackbot> ACTION-352 Propose concrete examples for multiple nodeset cases closed

<fjh> issue-141?

<trackbot> ISSUE-141 -- C14N 1.1 processing of non-element, non-PI nodes in a node set -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/141

<fjh> issue-141 closed

<trackbot> ISSUE-141 C14N 1.1 processing of non-element, non-PI nodes in a node set closed

<tlr> +1

RESOLUTION: WG will decide on last call for Signature 1.1 and Signature Properties next week; spec frozen except for obvious bugs

<tlr> ACTION: thomas to check namespace document and signature algorithms check [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action01]

<trackbot> Created ACTION-498 - Check namespace document and signature algorithms check [on Thomas Roessler - due 2010-01-26].

XML Encryption 1.1

<fjh> issue-150?

<trackbot> ISSUE-150 -- Use of XML encryption type encoding in EXI -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/150

<fjh> issue-178?

<trackbot> ISSUE-178 -- Highlight additional text constraints on XSD schema as such. -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/178

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0084.html

<fjh> Section 8 identifies Joseph Reagle as the contact for the XML Encryption media type. This needs to be updated, perhaps to a generic identity?

<tlr> ACTION: thomas to check in on IANA media type *update* procedures [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action02]

<trackbot> Created ACTION-499 - Check in on IANA media type *update* procedures [on Thomas Roessler - due 2010-01-26].

<fjh> question, does XML Enc 1.1 need new namespace, is it another "version"?

<fjh> I don't think it warrants a new namespace, apart from new ECC material in schema

<fjh> tlr notes WG had earlier agreement, new namespace only for new schema parts

<fjh> issue: Section 8 identifies Joseph Reagle as the contact for the XML Encryption media type. This needs to be updated, perhaps to a generic identity?

<trackbot> Created ISSUE-180 - Section 8 identifies Joseph Reagle as the contact for the XML Encryption media type. This needs to be updated, perhaps to a generic identity? ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/180/edit .

<fjh> issue: clarify section 1.3 of xml encryption re versioning and namespaces

<trackbot> Created ISSUE-181 - Clarify section 1.3 of xml encryption re versioning and namespaces ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/181/edit .

<fjh> should check on the xml enc 1.1, e.g. AES-GCM

<tlr> ACTION: thomas to update namespace section in Encryption 1.1 [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action03]

<trackbot> Created ACTION-500 - Update namespace section in Encryption 1.1 [on Thomas Roessler - due 2010-01-26].

<fjh> ACTION: fjh to make minor editorial updates noted in http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0084.html [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action04]

<trackbot> Created ACTION-501 - Make minor editorial updates noted in http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0084.html [on Frederick Hirsch - due 2010-01-26].

Open issues for Generic Hybrid Ciphers

<fjh> issue-164?

<trackbot> ISSUE-164 -- RNG schema needed for Generic Hybrid Ciphers -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/164

2.0 Discussion

Pratik is updating the spec

Need to come to closure re retrieval method and missing IDs

<fjh> issue: need Retrieval Method proposal for 2.0, KeyInfo correction or continuation of original material

<trackbot> Created ISSUE-182 - Need Retrieval Method proposal for 2.0, KeyInfo correction or continuation of original material ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/182/edit .

<fjh> need to add ids to keyinfo children

<tlr> "don't go there"

Suggest that RetrievalMethod should be deprecated

<fjh> discussion of merits of fixing keyinfo

tlr: suggest introducing wrapper element with content model of KeyInfo

<fjh> scott notes changing retrieval method processing rules opens new possibilities

scott: if RetrievalMethod processing can be changed, then maybe RetrievalMethod is redeemable

<fjh> how does id on outer wrapper address concern of locating specific elements within KeyInfo

scott: problem now is RetrievalMethod is ID-based and we are missing ID attributes

<scantor> ACTION: scantor to propose new model for RetrievalMethod in 2.0 [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action05]

<trackbot> Created ACTION-502 - Propose new model for RetrievalMethod in 2.0 [on Scott Cantor - due 2010-01-26].

<fjh> adding ids seems a reasonable schema break?

<fjh> scott notes security risk

* I can hardly hear Pratik, Pratik please type in your comments.

<fjh> discussion of 2.0 pseudocode

<fjh> scott notes need normative language

Scott would like to see pseudocode removed from normative sections.

<fjh> Scott suggested collecting pseudo-code into one section, need clear normative language

Doesn't SOAP have both a normative and tutorial-like documents?

<fjh> many specs do, e.g. XML Schema, SOAP etc

<fjh> scott suggests moving some material from signature 2.0 into c14n 2.0

<fjh> schema

Scott highlights that nodeset interface between c14n and signature is not req'd for 2.0

Scott should be able to have a 2.0 c14n alg that can handle SignedInfo

<fjh> discussion of 2.0 signatures can SignedInfo be canonicalized with either C14N11 or C14N2.0?

<fjh> scott - when canonicalize SignedInfo, constrain which alg to use based on 2.0 transform model or not

<fjh> constraining would reduce testing work

<fjh> preference for constraining options where possible

<fjh> issue: constrain 2.0 SignedInfo canonicalization choice for 2.0 model?

<trackbot> Created ISSUE-183 - Constrain 2.0 SignedInfo canonicalization choice for 2.0 model? ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/183/edit .

<fjh> not necessarily bound to specific algorithm

<fjh> we have similar text for reference model, need similar for SignedInfo

Scott mentions that SignatureMethod has the wildcard in it

Interop and F2F

Reason for F2F is that we should be ready in a few months to be in a good position for 2.0 and also interop

<fhirsch> 8 weeks notice needed for F2F

<fhirsch> implies decision before April

<fhirsch> 2.0 open issues would justify F2F

<fhirsch> lack of interop would imply long CR

<fhirsch> when can we expect stable 2.0 spec, and review period

tlr says focus on getting 2.0 stable, then evaluate need for F2F

tlr suggests get new round of draft for 2.0, then review, and see whether issues require F2F

<fhirsch> would like to publish new draft in feb of 2.0

tlr: get new draft in February, see what the level of review feedback is

<fhirsch> request for additional interop testing in conjunction with Last Call publication...

<fhirsch> ask for interop with publication of 2.0 wd

<fhirsch> 2 wks between publications.

fjh: Let Thomas and I know if you have any plans for interop and testing

<fhirsch> scott notes issue of shifting security algs could be addressed by appropriate conformance docs

<fhirsch> scott will raise issue of xml security 1.1 in sstc

discussion about aligning current algorithm lists with specs

discussion of how to co-ordinate with other specs that use XML Signature and XML Encryption with new versions of XML Signature and XML Encryption

<fjh> need agreement on end state for various spec

hal suggests getting a limited set of interested parties together to discuss how to co-ordinate synchronizing algs, crypto specs, and the specs that use them

<fjh> best practice - only conformance statement for algorithms etc

<fjh> ACTION: scantor to raise use of XML Signature 1.1 in OASIS SSTC [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action07]

<trackbot> Created ACTION-503 - Raise use of XML Signature 1.1 in OASIS SSTC [on Scott Cantor - due 2010-01-26].

fjh says we should continue to discuss on the list

<fjh> ACTION: hal to remind ws-sx of xml signature 1.1 [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action08]

<trackbot> Created ACTION-504 - Remind ws-sx of xml signature 1.1 [on Hal Lockhart - due 2010-01-26].

<Cynthia> can you state the status of action 91? Thanks

Action and Issue Review

<Cynthia> sorry that's ISSUE-91: ECC can't be REQUIRED in progress

<fhirsch> ACTION: tlr to update acknowledgements in Requirements 1.1 and 2.0, also for Signature Properties [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action09]

<trackbot> Created ACTION-505 - Update acknowledgements in Requirements 1.1 and 2.0, also for Signature Properties [on Thomas Roessler - due 2010-01-26].

<fjh> ScribeNick: esimon2

Summary of Action Items

[NEW] ACTION: fjh to make minor editorial updates noted in http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0084.html [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action04]
[NEW] ACTION: hal to remind ws-sx of xml signature 1.1 [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action08]
[NEW] ACTION: scantor to propose new model for RetrievalMethod in 2.0 [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action05]
[NEW] ACTION: scantor to raise use of XML Signature 1.1 in OASIS SSTC [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action07]
[NEW] ACTION: thomas to check in on IANA media type *update* procedures [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action02]
[NEW] ACTION: thomas to check namespace document and signature algorithms check [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action01]
[NEW] ACTION: thomas to update namespace section in Encryption 1.1 [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action03]
[NEW] ACTION: tlr to update acknowledgements in Requirements 1.1 and 2.0, also for Signature Properties [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action09]
[NEW] ACTION: to scantor to raise use of XML Signature 1.1 in OASIS SSTC [recorded in http://www.w3.org/2010/01/19-xmlsec-minutes.html#action06]
 
[End of minutes]