See also: IRC log
<trackbot> Date: 24 July 2012
<scribe> ScribeNick: fjh
"XML Signature Best Practices" is now published as W3C Note, see http://www.w3.org/TR/2012/NOTE-xmldsig-bestpractices-20120710/
expect PAG to complete during August
Approve minutes, 3 July 2012
http://lists.w3.org/Archives/Public/public-xmlsec/2012Jul/att-0009/minutes-2012-07-03.html
RESOLUTION: Minutes from 3 July 2012 are approved.
Updated XML Signature 1.1 and 2.0 editors drafts for HMAC-SHA224 and ECDSAwithSHA224, http://lists.w3.org/Archives/Public/public-xmlsec/2012Jul/0016.html (Frederick)
Updated XML Signature 1.1 and 2.0 editors drafts to add RSAwithSHA224, http://lists.w3.org/Archives/Public/public-xmlsec/2012Jul/0020.html (Frederick)
Updated XML Signature 1.1 and 2.0 to remove notes regarding ECC. (Frederick)
ACTION-888?
<trackbot> ACTION-888 -- Pratik Datta to distribute test case and result for testing XML Signature 1.1 HMACOutputLength minimum length -- due 2012-06-19 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/888
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html#sec-AlgorithmOther
scantor: consider using the previous truncation test, but now have an error result with that test
fjh: in merlin tests?
hal: think so
scantor: will have some time next month but do we have examples of KeyInfo type of test
fjh: old tests used elements implicitly to verify signature, some of these are different, might need some test harness
scantor: that is the problem
Signature 1.1 http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core1-interop/Overview.src.html
fjh: Additional tests needed for XML Signature 1.1: SHA224 items: ECDSA-SHA224, HMAC-SHA224, RSAwithSHA224
... X509Data OCSPResponse, X509Digest; KeyInfo - DEREncodedKeyValue, KeyInfoReference
... HMACOutputLength
<tlr> oh
scantor: Apache Sanuario has X509Digest, DEREncodedKeyValue and KeyInfoReference
fjh: need more than one implementation to demonstrate interop
scantor: I have two implementations, they are separate code bases
fjh: that would count technically, though it might be an issue if you wrote both and had similar errors
tlr: share that concern
fjh: however it would help us conclude
hal: would prefer another implementation
tlr: do we have anyone else implementing?
fjh: these are relatively small items and would prefer to have them
... have been asking offline about implementations for some time, have not heard from other than Scott
http://www.w3.org/2008/xmlsec/wiki/Roadmap
<scribe> ACTION: tlr to check with team whether CR draft can have features marked as at risk during CR without an additional LC cycle [recorded in http://www.w3.org/2012/07/24-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-890 - Check with team whether CR draft can have features marked as at risk during CR without an additional LC cycle [on Thomas Roessler - due 2012-07-31].
fjh: I do not want to see Scott do additional work if it will not have a concrete result, thus would like to determine if we have any additional implementation plans now
pdatta: SHA-224 we have implementation
<scribe> ACTION: pdatta to put SHA-224 test cases and results for interop into CVS [recorded in http://www.w3.org/2012/07/24-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-891 - Put SHA-224 test cases and results for interop into CVS [on Pratik Datta - due 2012-07-31].
X509Data OCSPResponse, X509Digest; KeyInfo - DEREncodedKeyValue, KeyInfoReference
<scribe> ACTION: pdatta to check on adding KeyInfoReference [recorded in http://www.w3.org/2012/07/24-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-892 - Check on adding KeyInfoReference [on Pratik Datta - due 2012-07-31].
encryption interop - http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core1-interop/Overview.src.html
fjh: need one more implementation of Key Agreement algorithms, ECDH, DH
... can IBM help here?
... also need AES-128-GCM, scott had problem preventing this from completing
<scantor> I wasn't able to decrypt the key in the GCM-128 vector
scantor: problem was not with GCM but with the key
<scribe> ACTION: magnus to check on AES-128-GCM interop test [recorded in http://www.w3.org/2012/07/24-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-893 - Check on AES-128-GCM interop test [on Magnus Nystrom - due 2012-07-31].
fjh: Symmetric Key Wrap algorithm
... anyone working AES-128-pad, 192/256?
scantor: do not need these
fjh: what is the status of SHA-384?
tlr: rules for optional features are more lax
... if we remove algorithms, put URIs in non-normative appendix, "WG considered, these URIs are reserved, but no interop has been done"
scantor: all the keyinfo stuff is optional
tlr: show each feature of the technical report has been implemented, should demonstration 2 implementations of each feature, can accept if critical without interop
... can negotiate for optional features, might keep have 1 implementation
fjh: for CR we said two
tlr: URI reservation for optional algorithms might make sense to not require 2 algorithms
... lots of grey areas
<scribe> ACTION: tlr to discuss with team and director process issues about Signature 1.1/Encryption 1.1 to rec with some optional URIs for algorithms that do not have 2 implementations [recorded in http://www.w3.org/2012/07/24-xmlsec-minutes.html#action05]
<trackbot> Created ACTION-894 - Discuss with team and director process issues about Signature 1.1/Encryption 1.1 to rec with some optional URIs for algorithms that do not have 2 implementations [on Thomas Roessler - due 2012-07-31].
tlr: summary - interest in relaxing some of the CR exit criteria over what we had, need decisions from WG and director.
fjh: we need to give an early heads up to the W3C team regarding our plans and options, need to complete interop in August and then end of August make a decision as to what is kept in with 1 implementation and what is removed
... this is necessary to bring the work to completion by year end
pdatta: SHA-384 is in encyrption but is also in signature
fjh: yes, so we can mark it as done in encryption
<scribe> ACTION: fjh to send CfC to list to close out interop on RSA-OAEP key transport as we have it for one MGF function, question is that enough [recorded in http://www.w3.org/2012/07/24-xmlsec-minutes.html#action06]
<trackbot> Created ACTION-895 - Send CfC to list to close out interop on RSA-OAEP key transport as we have it for one MGF function, question is that enough [on Frederick Hirsch - due 2012-07-31].
fjh walked WG through planned roadmap, see http://lists.w3.org/Archives/Public/public-xmlsec/2012Jul/0005.html
tlr: 1 week wait from transition request and transition call; publication can be very fast
... assuming no surprises in PR review can publish REC without directors call - these steps do not involve WG, only team
fjh: need to update references in publication of REC after PR
discussion of how to deal with possible additional attacks, WG agreed to add additional security consideration to XML Encryption 1.1
ACTION-889 closed
<trackbot> ACTION-889 Arrange publication of XML Signature Best Practices closed
Please review roadmap, interop and actions to complete interop in August. At end of August we will update the documents to progress toward REC. Thanks everyone.