See also: IRC log
<trackbot> Date: 21 August 2012
<scribe> ScribeNick: fjh
fjh: no announcements
Approve minutes, 14 August 2012
http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/att-0014/minutes-2012-08-14.html
RESOLUTION: Minutes from 14 August 2012 are approved.
WG is awaiting completed PAG report and recommendation which was to be published in August.
CfC out to change RSA 1.5 from Required to Optional: http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0019.html
fjh: Concludes 28 August, please respond on list. A number of +1's so far. Please indicate support on list.
fjh: Brought "XML Security Algorithm Cross-Reference" up to date, many changes. Please review.
http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0022.html
scantor: noticed there is advice about beyond 2010, yet now we are in 2012
... suggest we re-word to talk about "legacy signatures"
fjh: it is in the spec as well, that is where it is from
... " XML Signature 1.1 implementations may but are not required to support DSA-based signature generation, and given the short key size and the SP800-57 guidelines, DSA with 1024-bit prime moduli should not be used for signatures that will be verified beyond 2010."
... in section 6.4.1 DSA
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.src.html#sec-DSA
pdatta: in NIST spec as well
fjh: need to fix this
ISSUE: fix in XML Signature and cross-reference advice about 2010
<trackbot> Created ISSUE-233 - Fix in XML Signature and cross-reference advice about 2010 ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/233/edit .
<scribe> ACTION: fjh to review and propose changes related to 2010 wording [recorded in http://www.w3.org/2012/08/21-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-899 - Review and propose changes related to 2010 wording [on Frederick Hirsch - due 2012-08-28].
fjh: Plan to publish updated WD in conjunction with LC publications.
fjh: I updated the "XML Signature 1.1 Interop Test Report" to record completion of SHA-224 interop, HMAC Output Length; editorial cleanup.
http://lists.w3.org/Archives/Public/public-xmlsec/2012Aug/0017.html
fjh: Items planned to be removed from XML Signature 1.1 at end of August: OCSPResponse, X509Digest; DEREncodedKeyValue, KeyInfoReference
scantor: possibly second implementation on X509Digest; DEREncodedKeyValue, KeyInfoReference
... KeyInfoReference is more difficult
... but waiting until we know if two separate implementations from same author ok for these before doing the work
fjh: waiting on thomas for decision
... Items planned to be removed from XML Encryption 1.1 at end of August: AES-128/192/256-pad Symmetric Key Wrap, Key Agreement (ECDH, DH)
... Magnus may be able to provide test vectors and test for Key Agreement (ECDH, DH)
pdatta: Oracle has this for key agreement
<scribe> ACTION: pdatta to contact Magnus regarding key agreement test cases and interop [recorded in http://www.w3.org/2012/08/21-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-900 - Contact Magnus regarding key agreement test cases and interop [on Pratik Datta - due 2012-08-28].
fjh: looking at xmlsec open library to see if that is an alternative path
scantor: will look to see if I can have an alternative author for the Java code we work with
fjh: Formatting issue for schema/examples in XML Signature 1.1 introduced with ReSpec v3 change
... hesitant to make this update to ReSpec but needed to for bibliography maintenance
... I am following up with Robin Berjon regarding ReSpec schema formatting issue, think it might be sh_xml issue.
... but we seem to have time before next publication
ACTION-238?
<trackbot> ACTION-238 -- Thomas Roessler to draft proposal to add identifiers for ECDSA-RIPEMD, RSA-WHIRLPOOL, ECDSA-WHIRLPOOL to XML Security Algorithms Cross-Reference (follow up to ACTION-222) -- due 2012-09-30 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/238
ACTION-717?
<trackbot> ACTION-717 -- Pratik Datta to document the Performance improvements with 2.0 -- due 2010-11-09 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/717
ACTION-883?
<trackbot> ACTION-883 -- Frederick Hirsch to review C14N 20 test cases document -- due 2012-04-10 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/883
ACTION-892?
<trackbot> ACTION-892 -- Pratik Datta to check on adding KeyInfoReference -- due 2012-07-31 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/892
pdatta: might be able to do this
scantor: using SAML code for this
... could have a test for it, but it isn't specific for XML Signature
... hard to make stand-alone RetrievalMethod test
... if you have existing same document RetrievalMethod, you could generate and I could test it, possibly with Santorio code
... will check with Brent regarding current retrievalmethod code, whether we can do something
... will follow up with Pratik
pdatta: will also check this, see if we can add this, as we already have RetrievalMethod, should be able to do this
ACTION-897?
<trackbot> ACTION-897 -- Thomas Roessler to confirm whether two implementations from one author are ok for DEREncodedKeyValue and KeyInfoReference specifically -- due 2012-08-21 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/897
ACTION-890?
<trackbot> ACTION-890 -- Thomas Roessler to check with team whether CR draft can have features marked as at risk during CR without an additional LC cycle -- due 2012-07-31 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/890
ACTION-890 closed
<trackbot> ACTION-890 Check with team whether CR draft can have features marked as at risk during CR without an additional LC cycle closed
ACTION-891?
<trackbot> ACTION-891 -- Pratik Datta to put SHA-224 test cases and results for interop into CVS -- due 2012-07-31 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/891
ACTION-891 closed
<trackbot> ACTION-891 Put SHA-224 test cases and results for interop into CVS closed
ACTION-893?
<trackbot> ACTION-893 -- Magnus Nystrom to check on AES-128-GCM interop test -- due 2012-07-31 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/893
ACTION-893 closed
<trackbot> ACTION-893 Check on AES-128-GCM interop test closed
ACTION-894?
<trackbot> ACTION-894 -- Thomas Roessler to discuss with team and director process issues about Signature 1.1/Encryption 1.1 to rec with some optional URIs for algorithms that do not have 2 implementations -- due 2012-08-31 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/894
ACTION-894 closed
<trackbot> ACTION-894 Discuss with team and director process issues about Signature 1.1/Encryption 1.1 to rec with some optional URIs for algorithms that do not have 2 implementations closed
ACTION-895?
<trackbot> ACTION-895 -- Frederick Hirsch to send CfC to list to close out interop on RSA-OAEP key transport as we have it for one MGF function, question is that enough -- due 2012-07-31 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/895
ACTION-895 closed
<trackbot> ACTION-895 Send CfC to list to close out interop on RSA-OAEP key transport as we have it for one MGF function, question is that enough closed
ACTION-896?
<trackbot> ACTION-896 -- Frederick Hirsch to share AES-128-GCM on list and add to the test cases document -- due 2012-08-21 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/896
ACTION-896 closed
<trackbot> ACTION-896 Share AES-128-GCM on list and add to the test cases document closed
ACTION-898?
<trackbot> ACTION-898 -- Frederick Hirsch to draft proposal and CfC on list to change algorithm requirement for RSA v1.5 -- due 2012-08-21 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/898
ACTION-898 closed
<trackbot> ACTION-898 Draft proposal and CfC on list to change algorithm requirement for RSA v1.5 closed
fjh: Scott will check whether he can resource an additional implementer (Brent) to complete implementation and interop of XML Signature 1.1 X509Digest; DEREncodedKeyValue, KeyInfoReference, to eliminate issue of same author and to obtain two implementations for these
... Pratik will look into KeyInfoReference implementation and interop with Scott of this
... Pratik will contact Magnus regarding XML Encryption 1.1 Key Agreement test cases and interop, he already has the test cases but needs to complete interop
... Frederick to make proposal on list to fix wording regarding 2010 for XML Signature 1.1 section 6.4.1 DSA and algorithms cross reference
... Frederick to follow up to fix formatting of schema/code due to ReSpec update
<scribe> ACTION: fjh to send message to list regarding OCSPResponse and AES-128/192/256-pad Symmetric Key Wrap [recorded in http://www.w3.org/2012/08/21-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-901 - Send message to list regarding OCSPResponse and AES-128/192/256-pad Symmetric Key Wrap [on Frederick Hirsch - due 2012-08-28].
<scribe> ACTION: scantor to check whether he can resource an additional implementer (Brent) to complete implementation and interop of XML Signature 1.1 X509Digest; DEREncodedKeyValue, KeyInfoReference, to eliminate issue of same author and to obtain two implementations for these [recorded in http://www.w3.org/2012/08/21-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-902 - Check whether he can resource an additional implementer (Brent) to complete implementation and interop of XML Signature 1.1 X509Digest; DEREncodedKeyValue, KeyInfoReference, to eliminate issue of same author and to obtain two implementations for these [on Scott Cantor - due 2012-08-28].
<scribe> ACTION: pdatta look into creating KeyInfoReference implementation and interop with Scott [recorded in http://www.w3.org/2012/08/21-xmlsec-minutes.html#action05]
<trackbot> Created ACTION-903 - Look into creating KeyInfoReference implementation and interop with Scott [on Pratik Datta - due 2012-08-28].
<scribe> ACTION: fjh to follow up to fix formatting of schema/code due to ReSpec update [recorded in http://www.w3.org/2012/08/21-xmlsec-minutes.html#action06]
<trackbot> Created ACTION-904 - Follow up to fix formatting of schema/code due to ReSpec update [on Frederick Hirsch - due 2012-08-28].
pdatta: Are the AES128-GCM test cases from Magnus checked in?
fjh: I checked them in and updated the "Test Cases for XML Encryption 1.1" document, adding to the end of section 2.1
... see http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/test-cases/Overview.src.html#sec-KeyWrapping