See also: IRC log
<trackbot> Date: 14 August 2012
<scribe> ScribeNick: fjh
XML-Security for C++, V1.7.0 has been released (AES-GCM, RSA_OAEP, bug fixes) : http://lists.w3.org/Archives/Public/public-xmlsec/2012Jul/0033.html
scantor: this is basically done, cannot add the pad key wrap with too much work.
Approve minutes, 24 July 2012
http://lists.w3.org/Archives/Public/public-xmlsec/2012Jul/att-0032/minutes-2012-07-24.html
RESOLUTION: Minutes from 24 July 2012 are approved.
Anticipate conclusion of PAG work in August, however have not seen any announcement.
fjh: I updated all editors drafts to ReSpec v3, added comment to xenc-schema.xsd for xenc:MGF
schema note: http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0006.html
styling change, http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0004.html
proposed RESOLUTION: Updated styling of editors drafts is acceptable to WG, e.g. XML Signature 1.1
proposed RESOLUTION: WG approves addition of xenc:MGF comment to xenc-schema.xsd
RESOLUTION: Updated styling of editors drafts is acceptable to WG, e.g. XML Signature 1.1
fjh: and the second one:
RESOLUTION: WG approves addition of xenc:MGF comment to xenc-schema.xsd
Added SHA-224 digest method to XML Signature 1.1 and 2.0.
http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0009.html
RESOLUTION: WG agrees to addition of SHA-224 to XML Signature 1.1 and XML Signature 2.0
thanks to Pratik for catching the omission of SHA-224
fjh: I updated XML Encryption 1.1 Test Report document - review comments?
http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0000.html
proposed RESOLUTION: WG agrees to update "XML Encryption 1.1 Test Report" to mark SHA-384, AES-128-GCM, and RSA-OAEP Key Transport as completed.
RESOLUTION: WG agrees to update "XML Encryption 1.1 Test Report" to mark SHA-384, AES-128-GCM, and RSA-OAEP Key Transport as completed.
scantor: no concern about this algorithm, but not sure why there was a problem in the case I tried with original algorithm
<scribe> ACTION: fjh to share AES-128-GCM on list and add to the test cases document [recorded in http://www.w3.org/2012/08/14-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-896 - Share AES-128-GCM on list and add to the test cases document [on Frederick Hirsch - due 2012-08-21].
ACTION-888?
<trackbot> ACTION-888 -- Pratik Datta to distribute test case and result for testing XML Signature 1.1 HMACOutputLength minimum length -- due 2012-06-19 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/888
ACTION-888 closed
<trackbot> ACTION-888 Distribute test case and result for testing XML Signature 1.1 HMACOutputLength minimum length closed
see http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0007.html
scantor: will test this, also SHA-224
http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0007.html
scantor: will test this
Items planned to be removed from XML Signature 1.1 at end of August: ECDSA-SHA224, HMAC-SHA224, RSAwithSHA224, X509Data OCSPResponse, X509Digest; KeyInfo DEREncodedKeyValue, KeyInfoReference, HMACOutputLength
Items planned to be removed from XML Encryption 1.1 at end of August: AES-128/192/256-pad Symmetric Key Wrap, Key Agreement (ECDH, DH)
<scribe> ACTION: tlr to confirm whether two implementations from one author are ok for DEREncodedKeyValue and KeyInfoReference specifically [recorded in http://www.w3.org/2012/08/14-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-897 - Confirm whether two implementations from one author are ok for DEREncodedKeyValue and KeyInfoReference specifically [on Thomas Roessler - due 2012-08-21].
fjh: we need an answer to this question before scott does any work on a second implemention
ACTION-897: we need an answer to this question before scott does any work on a second implemention
<trackbot> ACTION-897 Confirm whether two implementations from one author are ok for DEREncodedKeyValue and KeyInfoReference specifically notes added
Thomas confirmed that WG should plan to return to Last Call to remove features or update at-risk sections, http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0005.html
scantor: disabling older algorithms can reduce risks
... impact on compatibility if disabled, however
fjh: does this mean changing from MUST to SHOULD, to allow implementation to make choice
hal: SSL prevents attacker from obtaining cipher text
scantor: JOSE approach seems right now; cannot leave older algorithms enabled
fjh: seems like disabling algorithms is the right approach
scantor: people using it are just not paying attention
fjh: we should move from REQUIRED to OPTIONAL
scantor: agree
<scribe> ACTION: fjh to draft proposal and CfC on list to change algorithm requirement for RSA v1.5 [recorded in http://www.w3.org/2012/08/14-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-898 - Draft proposal and CfC on list to change algorithm requirement for RSA v1.5 [on Frederick Hirsch - due 2012-08-21].
hal: agree
RESOLUTION: Cancel teleconference 9 October, 30 October, 20 November, 18, 25 December , 1 January
upcoming meeting schedule is here https://www.w3.org/2008/xmlsec/Group/Overview.html#meetings: