# XML Security Working Group Teleconference ## 17 Jan 2012 [Agenda][3] See also: [IRC log][4] ## Attendees Present Frederick_Hirsch, Scott_Cantor, Chris_Solc, Hal_Lockhart Regrets Pratik_Datta, Gerald_Edgar, Bruce_Rich, Shivaram_Mysore, Magnus_Nystrom Chair Frederick_Hirsch Scribe fjh ## Contents * [Topics][5] 1. [Administrative][6] 2. [Minutes Approval][7] 3. [Recent Publications][8] 4. [Schema clarification for XML Encryption 1.1][9] 5. [Editorial update for XML Signature 1.1 and 2.0][10] 6. [PAG status and possible next steps][11] 7. [2.0 CR publication][12] 8. [RELAX NG Schemas][13] 9. [Open Action and Issue review][14] 10. [Other Business][15] 11. [Adjourn][16] * [Summary of Action Items][17] * * * Date: 17 January 2012 ScribeNick: fjh ### Administrative fjh: Happy New Years all. Next call next week, 24 January. No call 7 February. ### Minutes Approval Approve minutes, 20 December 2011 [http://lists.w3.org/Archives/Public/public- xmlsec/2011Dec/att-0037/minutes-2011-12-20.html][18] **RESOLUTION: Minutes from 20 December 2011 are approved.** ### Recent Publications [http://www.w3.org/2008/xmlsec/#news][19] Last Call of "XML Encryption 1.1", "XML Encryption 1.1 CipherReference Processing using 2.0 Transforms". published 5 January 2012 FPWD of "Test Cases for XML Encryption 1.1" and "Test Cases for Canonical XML 2.0" published 5 January 2012 Update of "XML Security Algorithm Cross-Reference" published 5 January 2012 ### Schema clarification for XML Encryption 1.1 [http://lists.w3.org/Archives/Public/public-xmlsec/2012Jan/0011.html][20] scantor: change looks ok ... however need someone to review XML Encryption 1.1 during Last Call for consistency ... describe which child elements that are permitted for each case in document **ACTION:** scantor to review XML Encryption 1.1 for schema and text description consistency and clarity [recorded in [http://www.w3.org/2012/01/17 -xmlsec-minutes.html#action01][21]] Created ACTION-866 - Review XML Encryption 1.1 for schema and text description consistency and clarity [on Scott Cantor - due 2012-01-24]. **ACTION:** fjh to review XML Encryption 1.1 for schema and text description consistency and clarity [recorded in [http://www.w3.org/2012/01/17 -xmlsec-minutes.html#action02][22]] Created ACTION-867 - Review XML Encryption 1.1 for schema and text description consistency and clarity [on Frederick Hirsch - due 2012-01-24]. ### Editorial update for XML Signature 1.1 and 2.0 [http://lists.w3.org/Archives/Public/public-xmlsec/2012Jan/0012.html][23] ### PAG status and possible next steps [https://lists.w3.org/Archives/Member/member-xmlsec- pag/2012JanMar/0000.html][24] (Member only) note that if we do not have IPR coverage for the elliptic curve, the path forward would be to make it informative hal: for clarity, make it non-normative, optional is not enough scantor: would probably have to remove from document hal: could have informative section fjh: informative appendix could work. We still do not know the outcome of the PAG but we probably should think about this ahead. ### 2.0 CR publication Transition call is scheduled for tomorrow, publication date will follow successful transition approval. ### RELAX NG Schemas Plan to also publish update to RELAX NG Schemas document in conjunction with 2.0 CR publication Makoto Fixed typos in namespace names in xmlsec-ghc-schema.{rnc, rng}, introduced an algorithm identifier "[http://www.w3.org/2009/xmlenc11#rsa- oaep][25]", and introduced the MGF element. [https://lists.w3.org/Archives/Member/member-xmlsec- commits/2012Jan/0034.html][26] (Makoto, member only) ### Open Action and Issue review ACTION-238? ACTION-238 -- Thomas Roessler to update the proposal associated with ACTION-222 and send to list. -- due 2012-01-31 -- OPEN [http://www.w3.org/2008/xmlsec/track/actions/238][27] ACTION-717? ACTION-717 -- Pratik Datta to document the Performance improvements with 2.0 -- due 2010-11-09 -- OPEN [http://www.w3.org/2008/xmlsec/track/actions/717][28] ACTION-862? ACTION-862 -- Hal Lockhart to review FIPS and RSA-OAEP question in [http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0001.html][29] -- due 2011-12-20 -- OPEN [http://www.w3.org/2008/xmlsec/track/actions/862][30] in progress ACTION-865? ACTION-865 -- Frederick Hirsch to contact parties re participation in interop for 2.0 -- due 2011-12-20 -- OPEN [http://www.w3.org/2008/xmlsec/track/actions/865][31] fjh: Close pending actions close ACTION-850 ACTION-850 Review XML Encryption 1.1 security considerations and propose changes in light of today's discussion closed close ACTION-864 ACTION-864 Implement CR transition closed fjh: issue review ISSUE-227? ISSUE-227 -- CR of XML Encryption 1.1 requires update to namespace refs, [http://lists.w3.org/Archives/Public/public- xmlsec/2011Jun/0017.html][32] -- open [http://www.w3.org/2008/xmlsec/track/issues/227][33] close ISSUE-227 ISSUE-227 CR of XML Encryption 1.1 requires update to namespace refs, [http://lists.w3.org/Archives/Public/public- xmlsec/2011Jun/0017.html][32] closed ISSUE-122? ISSUE-122 -- Explain peformance improvements and rationale, relationship to earlier work, document, benchmarks -- open [http://www.w3.org/2008/xmlsec/track/issues/122][34] ISSUE-91? ISSUE-91 -- ECC can't be REQUIRED -- open [http://www.w3.org/2008/xmlsec/track/issues/91][35] ### Other Business none. Note that we will cancel calls as appropriate. Focus needs to be on interop and test cases, let's see what we can do on the list. ### Adjourn ## Summary of Action Items **[NEW]** **ACTION:** fjh to review XML Encryption 1.1 for schema and text description consistency and clarity [recorded in [http://www.w3.org/2012/01/17 -xmlsec-minutes.html#action02][22]] **[NEW]** **ACTION:** scantor to review XML Encryption 1.1 for schema and text description consistency and clarity [recorded in [http://www.w3.org/2012/01/17 -xmlsec-minutes.html#action01][21]] [End of minutes] * * * Minutes formatted by David Booth's [scribe.perl][36] version 1.135 ([CVS log][37]) $Date: 2009-03-02 03:52:20 $ [1]: http://www.w3.org/Icons/w3c_home [2]: http://www.w3.org/ [3]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Jan/0013.html [4]: http://www.w3.org/2012/01/17-xmlsec-irc [5]: #agenda [6]: #item01 [7]: #item02 [8]: #item03 [9]: #item04 [10]: #item05 [11]: #item06 [12]: #item07 [13]: #item08 [14]: #item09 [15]: #item10 [16]: #item11 [17]: #ActionSummary [18]: http://lists.w3.org/Archives/Public/public- xmlsec/2011Dec/att-0037/minutes-2011-12-20.html [19]: http://www.w3.org/2008/xmlsec/#news [20]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Jan/0011.html [21]: http://www.w3.org/2012/01/17-xmlsec-minutes.html#action01 [22]: http://www.w3.org/2012/01/17-xmlsec-minutes.html#action02 [23]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Jan/0012.html [24]: https://lists.w3.org/Archives/Member/member-xmlsec- pag/2012JanMar/0000.html [25]: http://www.w3.org/2009/xmlenc11#rsa-oaep [26]: https://lists.w3.org/Archives/Member/member-xmlsec- commits/2012Jan/0034.html [27]: http://www.w3.org/2008/xmlsec/track/actions/238 [28]: http://www.w3.org/2008/xmlsec/track/actions/717 [29]: http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0001.html [30]: http://www.w3.org/2008/xmlsec/track/actions/862 [31]: http://www.w3.org/2008/xmlsec/track/actions/865 [32]: http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0017.html [33]: http://www.w3.org/2008/xmlsec/track/issues/227 [34]: http://www.w3.org/2008/xmlsec/track/issues/122 [35]: http://www.w3.org/2008/xmlsec/track/issues/91 [36]: http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [37]: http://dev.w3.org/cvsweb/2002/scribe/