W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2011

Agenda - Distributed Meeting 2011-01-18

From: <Frederick.Hirsch@nokia.com>
Date: Mon, 17 Jan 2011 22:47:17 +0100
To: <public-xmlsec@w3.org>
CC: <Frederick.Hirsch@nokia.com>
Message-ID: <1F649BDE-DFF6-4138-A982-AF8D9B81F6DA@nokia.com>
Agenda: W3C XML Security WG Distributed Meeting #93,  18 January 2011  Distributed Meeting

Logistics details and links to information at the bottom of this email.

1) Administrivia: Scribe confirmation, Agenda review, Meeting  Planning, Liaisons, Announcements

proposed RESOLUTION: Cancel the teleconference 1 February 2011.
2) Minutes Approval

Approve minutes, 11 January 2011


Proposed RESOLUTION: Minutes from 11 January 2011  are approved.

3)  ECC, ISSUE-91

Update on status and next steps from Thomas. 

New information to alter decision whether to make ECC Optional?

WG discussion of http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0035.html ?

WG decision regarding formation of a PAG?

Information on PAG from W3C process: http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-PAG-formation and http://www.w3.org/2007/04/patent-exception-management

proposed ACTION: tlr to update XML Signature 1.1 and XML Encryption 1.1 status sections for ECC status.

4)  XML Security 1.1 CR 

Process for CR: http://www.w3.org/2005/10/Process-20051014/tr.html#cfi

Documents for CR: XML Signature 1.1, XML Encryption 1.1, XML Security Properties, XML Security Generic Hybrid Ciphers

4a)   Explain and reference review

http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0039.html (Magnus), ACTION-767

Editorial updates completed:

http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0042.html (Frederick)


+ Need direct link for X9.44 (not a blocker for CR)

+  Need RFC for ECC-ALGS (but not a blocker for CR)

+ Update 1.1 cross references when going to CR

Need review of XML Signature explain document, references (Cynthia?)

4b) base64 placement, 

ACTION-766		Implement change for base64	Brian LaMacchia

4c) WG decision on at risk items

Items not core to specification that might not achieve interop and might be removed without triggering a new Last Call cycle.

XML Signature 1.1 - At risk: ECC ECKeyValue, DEREncodedKeyValue, XPath 2.0

XML Encryption 1.1 - At risk: ECDH KeyValues, AES Keywrap with padding, ECDH-ES, Derived Keys

XML Security Properties  - At risk: from last week, "RESOLUTION: mark the Created/Expires/ReplayProtect properties as "at risk" and move the entire Signature Properties document to CR along with the other 1.1 CR drafts.", http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/att-0030/minutes-2011-01-11.html#item05

XML Security Generic Hybrid Ciphers - At risk: nothing.

A whole spec cannot be at risk, if if does not achieve exit criteria it stays at CR indefinitely (Thomas to confirm)

4d) WG decision on  Exit Criteria

Two interoperable implementations for all mandatory and optional features?

4e) Publication Schedule

Agree this week, 18 January to bring the following to Candidate Recommendation (CR) status:

XML Signature 1.1, XML Encryption 1.1, XML Security Properties, XML Security Generic Hybrid Ciphers

(see roadmap, http://www.w3.org/2008/xmlsec/wiki/Roadmap)

Hold Director's call week of 24 January, publish 27 January 2011.

5) XML Security  2.0

5a) Make PositionAssertion verification mandatory  if present.

http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0031.html (Henrich)

5b) CURIEs

http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0032.html (Thomas)

proposed RESOLUTION: Remove CURIES from XML Signature 2.0 QNameAware description, add note that they are not in scope since they have their own prefix binding mechanism.

5c) Namespace Prefixes in XPath profile

http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0033.html (Meiko)

5d) Status of 2.0 related actions

ACTION-476        Review xml signature 2.0	Frederick Hirsch	2010-08-18	XML Signature 2.0

ACTION-538		Provide proposal related to namespace wrapping attacks once XPath profile available	Meiko Jensen

ACTION-619		Review Meiko proposal for ACTION-538	Ed Simon	

ACTION-717		Document the Performance improvements with 2.0	Pratik Datta	

ACTION-732		Add example to signature 2.0 once Meiko shares text on list, see ACTION-711	Frederick Hirsch	
ACTION-753		Work on creating 2.0 example for Signature 2.0	Scott Cantor

ACTION-759		Update requirements section of c14n2 with context/exclusive c14n requirement and description	Pratik Datta	2011-01-11	

ACTION-763		Review ISSUE-198 and where algorithm should be placed	Pratik Datta	2011-01-11	


6)   Action and Issue Review

6a) Close Pending actions

These will be closed after the meeting unless concern raised before  or  during meeting. Please review in advance of meeting.

ACTION-700		Review xml signature properties interop status re widget signature	Frederick Hirsch

ACTION-729		Highlight potential issue with non-support for xml:base through removal of inclusive in xml signature and c14n2 drafts	Pratik Datta

ACTION-747		Update XPath profile for Option 1 in proposal associated with ACTION-737	Pratik Datta
ACTION-758		Update abstract and intro of c14N2 to remove relationship to C14N1 and exclusive in abstract and explain relationship in intro	Pratik Datta

ACTION-760		Help simplify and clarify processing for Curie in C14N2	Thomas Roessler
ACTION-761		Explain importance and need for Curie support	Thomas Roessler
ACTION-765		Review 1.1 requirements and signature 1.1 and encryption 1.1 explain documents	Frederick Hirsch
ACTION-767		Review XML Encryption 1.1 references to external document sections, explain document and requirements	Magnus Nystrom

ACTION-768		Follow up on ISSUE-226 and byte range with Henrich	Meiko Jensen

7) Other Business

8) Adjourn

Scribing  list
Thomas Roessler (31 August 2010, 4 May, 2010, 20 April 2010)
Magnus Nystrˆm, Microsoft (7 Sept 2010, 27 April, 2010, 2 June, 2009)
Chris Solc, Adobe (14 Sept 2010, 26 January 2010, 8 December 2009)
Shivaram Mysore, Invited Expert (28 Sept 2010, 7 Sept 2010, 6 November 2009 F2F, 23 June 2009)
Brian LaMacchia, Microsoft (19 October 2010, 25 May 2010, 6 November 2009 F2F)
Scott Cantor, invited expert (19 October 2010, 31 August 2010, 1 June 2010, 24 Nov 2009)
Meiko Jensen (2 November 2010 F2F,  21 Sept 2010, 11 May, 2010)
Bruce Rich, IBM (1 & 2 November 2010 F2F, 30 March 2010)
Cynthia Martin, MITRE (30 November 2010, 26 October 2010, 6 July 2010, 2 March 2010)
Ed Simon, Invited Expert (7 December 2010, 15 June 2010, 25 January 2010)
Gerald Edgar, Boeing (14 December 2010, 16 November 2010, 10 August 2010, 22 June 2010, 13 April 2010)
Pratik Datta, Oracle (4 January 2010, 27 July 2010, 20 October 2009)
Hal Lockhart, Oracle (11 January 2011, 17 August 2010, 2 February 2010, 27 October 2009)

Not seen recently:
Bradley Hill, Invited Expert (14 July 2009)
John Wray, IBM (15 Dec 2009, 1 Sept 2009)
Sean Mullan, Oracle (12 January 2010, 6 October 2009)
Aldrin d'Souza, EMC (9 Feb 2010)
Karel Wouters IBBT, (9 March 2010)

Logistics Info:

10-12:00 am Eastern Time
Information on meeting times in various time zones:

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')

IRC Chat: irc.w3.org (port 6665), #xmlsec

Web-based IRC (member-only): <http://irc.w3.org/?channels=xmlsec>

Please note that attendance of XMLSEC WG teleconferences is  restricted  to registered WG participants and persons invited by the chair.

Scribe Instructions: <http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

Liaison information: <http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination

Publication Status available at <http://www.w3.org/2008/xmlsec/wiki/PublicationStatus

Roadmap at <http://www.w3.org/2008/xmlsec/wiki/Roadmap>
regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Monday, 17 January 2011 21:48:21 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:15 UTC