# XML Security Working Group Teleconference

## 03 Apr 2012

[Agenda][3]

See also: [IRC log][4]

## Attendees

Present

    Frederick_Hirsch, Chris_Solc, Scott_Cantor, Ed_Simon, Pratik_Datta

Regrets

    Bruce_Rich, Gerald_Edgar

Chair

    Frederick_Hirsch

Scribe

    fjh

## Contents

  * [Topics][5]

    1. [Administrative][6]

    2. [Minutes Approval][7]

    3. ["XML Security Algorithm Cross-Reference"][8]

    4. [Functional explanation documents as W3C Notes][9]

    5. [Draft XML Signature 1.1 and XML Encryption 1.1 interop test
reports][10]

    6. [XML Security 2.0][11]

    7. [action review][12]

    8. [Other Business][13]

    9. [Adjourn][14]

  * [Summary of Action Items][15]

* * *

<trackbot> Date: 03 April 2012

### Administrative

fjh: CR of "XML Encryption 1.1" and "XML Encryption 1.1 CipherReference
Processing using 2.0 Transforms"

... published on 13 March 2012 - [http://lists.w3.org/Archives/Public/public-
xmlsec/2012Mar/0011.html][16]

... Every Rec track spec in 1.1 and 2.0 is now in CR.

... PAG is attempting to schedule call for Thur or Fri

### Minutes Approval

Approve minutes, 13 March 2012

[http://lists.w3.org/Archives/Public/public-
xmlsec/2012Mar/att-0010/minutes-2012-03-13.html][17]

Proposed RESOLUTION: Minutes from 13 March 2012 are approved.

**RESOLUTION: Minutes from 13 March 2012 are approved.**

### "XML Security Algorithm Cross-Reference"

fjh: I updated to note that AES128-GCM is mandatory, to update the xml
encryption 1.1 reference, and to fix internal xml encryption links (Frederick)

see [http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html][18]

[http://lists.w3.org/Archives/Public/public-xmlsec/2012Mar/0011.html][16]

Will publish update to this draft with next round of publications

### Functional explanation documents as W3C Notes

fjh: Created Editors drafts for W3C Notes (Frederick)

[http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-explain/Overview.html][19]

[http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-explain/Overview.html][20]

Will publish update to these drafts with next round of publications

### Draft XML Signature 1.1 and XML Encryption 1.1 interop test reports

Review and discuss interop test reports

XML Signature 1.1 Interop Test Report

[http://www.w3.org/2008/xmlsec/Drafts/xmldsig-
core1-interop/Overview.src.html][21]

XML Encryption 1.1 Interop Test Report

[http://www.w3.org/2008/xmlsec/Drafts/xmlenc-
core1-interop/Overview.src.html][22]

fjh: colored sections green for what is done, red is what is not done

... for XML Signature 1.1 interop is done for elliptic curve and SHA
algorithms

... the gap is for X509 data enhancements, and perhaps some work on KeyInfo

... some of the clarifications may not need interop

... expect no need to interop test exclusive c14n since deployed and in use,
spec merely updated to reflect practice

<scribe> **ACTION:** pdatta to contact sean regarding signature 1.1 interop
and whether x509 enhancements were implemented [recorded in
[http://www.w3.org/2012/04/03-xmlsec-minutes.html#action01][23]]

<trackbot> Created ACTION-880 - Contact sean regarding signature 1.1 interop
and whether x509 enhancements were implemented [on Pratik Datta - due
2012-04-10].

scantor: notes that his implementation includes some of the x.509 changes

fjh: looks like XML Signature 1.1 interop isn't that far from completion if we
can resolve some of the details with x509 and keyinfo

... more to do with encryption, [http://www.w3.org/2008/xmlsec/Drafts/xmlenc-
core1-interop/Overview.src.html][22]

... for derived key, saw algorithm test but not XML

pdatta: correct, xml structure and encryption not done

scantor: XML not always needed, sometimes

... do we have full end to end ECDH test vector

pdatta: XML Encryption 1.1 test cases document should help,
[http://www.w3.org/TR/2012/WD-xmlenc-core1-testcases-20120105/][24]

fjh: I should reference this document from the interop document

pdatta: Oracle has successfully completed tests based on the test cases
document

fjh: we need a second implementation

... this could move XML Encryption 1.1 along

<scribe> **ACTION:** fjh to ask magnus re xml encryption 1.1 test cases
document [recorded in [http://www.w3.org/2012/04/03-xmlsec-
minutes.html#action02][25]]

<trackbot> Created ACTION-881 - Ask magnus re xml encryption 1.1 test cases
document [on Frederick Hirsch - due 2012-04-10].

pdatta: is wss4j helpful?

scantor: no

<scantor> wss4j

<scantor> they use Santiario primarily for XML sec

<scantor> Santuario

<scribe> **ACTION:** fjh to ask bruce rich about xml encryption 1.1 interop
[recorded in [http://www.w3.org/2012/04/03-xmlsec-minutes.html#action03][26]]

<trackbot> Created ACTION-882 - Ask bruce rich about xml encryption 1.1
interop [on Frederick Hirsch - due 2012-04-10].

### XML Security 2.0

pdatta: XML Canonicalization 2.0 is implemented by Oracle, have a test cases
document

... need to make test cases document for XML Signature 2.0, and implementation
is needed

fjh: first step is to get second implementation for C14N 20

<scribe> **ACTION:** fjh to review C14N 20 test cases document [recorded in
[http://www.w3.org/2012/04/03-xmlsec-minutes.html#action04][27]]

<trackbot> Created ACTION-883 - Review C14N 20 test cases document [on
Frederick Hirsch - due 2012-04-10].

### action review

open actions

ACTION-238?

<trackbot> ACTION-238 -- Thomas Roessler to update the proposal associated
with ACTION-222 and send to list. -- due 2012-01-31 -- OPEN

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/238][28]

ACTION-717?

<trackbot> ACTION-717 -- Pratik Datta to document the Performance improvements
with 2.0 -- due 2010-11-09 -- OPEN

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/717][29]

ACTION-865?

<trackbot> ACTION-865 -- Frederick Hirsch to contact parties re participation
in interop for 2.0 -- due 2011-12-20 -- OPEN

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/865][30]

<scribe> pending actions

ACTION-877?

<trackbot> ACTION-877 -- Frederick Hirsch to review 1.1 interop test document
against explain summariy -- due 2012-03-13 -- PENDINGREVIEW

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/877][31]

ACTION-877 closed

<trackbot> ACTION-877 Review 1.1 interop test document against explain
summariy closed

ACTION-878?

<trackbot> ACTION-878 -- Frederick Hirsch to update developer explain
documents as on Note track -- due 2012-03-20 -- PENDINGREVIEW

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/878][32]

ACTION-878 closed

<trackbot> ACTION-878 Update developer explain documents as on Note track
closed

ACTION-879?

<trackbot> ACTION-879 -- Frederick Hirsch to create draft interop test report,
run assumptions by the team -- due 2012-03-20 -- PENDINGREVIEW

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/879][33]

ACTION-879 closed

<trackbot> ACTION-879 Create draft interop test report, run assumptions by the
team closed

### Other Business

**RESOLUTION: Cancel teleconference scheduled for 10 April 2012**

fjh: next teleconference 24 April

... I will send update of interop document to list - Please review and send
comments to the list

### Adjourn

## Summary of Action Items

**[NEW]** **ACTION:** fjh to ask bruce rich about xml encryption 1.1 interop
[recorded in [http://www.w3.org/2012/04/03-xmlsec-minutes.html#action03][26]]

**[NEW]** **ACTION:** fjh to ask magnus re xml encryption 1.1 test cases
document [recorded in [http://www.w3.org/2012/04/03-xmlsec-
minutes.html#action02][25]]

**[NEW]** **ACTION:** fjh to review C14N 20 test cases document [recorded in
[http://www.w3.org/2012/04/03-xmlsec-minutes.html#action04][27]]

**[NEW]** **ACTION:** pdatta to contact sean regarding signature 1.1 interop
and whether x509 enhancements were implemented [recorded in
[http://www.w3.org/2012/04/03-xmlsec-minutes.html#action01][23]]


[End of minutes]

* * *

Minutes formatted by David Booth's [scribe.perl][34] version 1.135 ([CVS
log][35])

$Date: 2009-03-02 03:52:20 $

   [1]: http://www.w3.org/Icons/w3c_home

   [2]: http://www.w3.org/

   [3]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Apr/0001.html

   [4]: http://www.w3.org/2012/04/03-xmlsec-irc

   [5]: #agenda

   [6]: #item01

   [7]: #item02

   [8]: #item03

   [9]: #item04

   [10]: #item05

   [11]: #item06

   [12]: #item07

   [13]: #item08

   [14]: #item09

   [15]: #ActionSummary

   [16]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Mar/0011.html

   [17]: http://lists.w3.org/Archives/Public/public-
xmlsec/2012Mar/att-0010/minutes-2012-03-13.html

   [18]: http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html

   [19]: http://www.w3.org/2008/xmlsec/Drafts/xmldsig-
core1-explain/Overview.html

   [20]: http://www.w3.org/2008/xmlsec/Drafts/xmlenc-
core1-explain/Overview.html

   [21]: http://www.w3.org/2008/xmlsec/Drafts/xmldsig-
core1-interop/Overview.src.html

   [22]: http://www.w3.org/2008/xmlsec/Drafts/xmlenc-
core1-interop/Overview.src.html

   [23]: http://www.w3.org/2012/04/03-xmlsec-minutes.html#action01

   [24]: http://www.w3.org/TR/2012/WD-xmlenc-core1-testcases-20120105/

   [25]: http://www.w3.org/2012/04/03-xmlsec-minutes.html#action02

   [26]: http://www.w3.org/2012/04/03-xmlsec-minutes.html#action03

   [27]: http://www.w3.org/2012/04/03-xmlsec-minutes.html#action04

   [28]: http://www.w3.org/2008/xmlsec/track/actions/238

   [29]: http://www.w3.org/2008/xmlsec/track/actions/717

   [30]: http://www.w3.org/2008/xmlsec/track/actions/865

   [31]: http://www.w3.org/2008/xmlsec/track/actions/877

   [32]: http://www.w3.org/2008/xmlsec/track/actions/878

   [33]: http://www.w3.org/2008/xmlsec/track/actions/879

   [34]: http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm

   [35]: http://dev.w3.org/cvsweb/2002/scribe/