XML Security Working Group Teleconference

19 Jun 2012


See also: IRC log


Frederick_Hirsch, Hal_Lockhart, Scott_Cantor, Ed_Simon, Gerald_Edgar, Brian_LaMacchia


<trackbot> Date: 19 June 2012

<scribe> ScribeNick: fjh


added to agenda Publication planning

Minutes Approval


RESOLUTION: Revised minutes from 12 June 2012 are approved

XML Signature 1.1 and 2.0 Editors Draft Updates


fjh: updated the XML Signature 1.1 and 2.0 drafts to clarify language around algorithms


fjh: PAG work is progressing, members only draft at https://www.w3.org/2011/xmlsec-pag/pagreport.html

Test cases and Interop


<trackbot> ACTION-888 -- Pratik Datta to distribute test case and result for testing XML Signature 1.1 HMACOutputLength minimum length -- due 2012-06-19 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/888

scantor: will have to go with the approach pratik noted, unfortunately more work
... asks if anyone else has had problems with the first test

<scantor> http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/test-cases/

bal: not sure, would need to check

<scantor> the one I haven't managed to decrypt the key for is http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/test-cases/files/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml

Best Practices Update


<trackbot> ACTION-887 -- Hal Lockhart to draft text on HMAC truncation for XML Signature best practices -- due 2012-05-22 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/887

hal: is there ambiguity of what truncation means?
... doesn't seem to be defined in spec

fjh: thought this was defined as part of algorithm

hal: will work on action in next few days

fjh: thought it is standard practice to truncate off the end

bal: thought so as well
... new NIST spec out on truncating SHA-512
... part of SHA-2 update
... could reference this if we do not have normative reference, truncate off the end
... we have not implemented truncation option, did not need it

hal: important security reasons to truncate

bal: why?

hal: can reference paper, other attacks can be made more difficult with truncation
... best practice

<Ed_Simon> http://csrc.nist.gov/groups/ST/hash/documents/Kelsey_Truncation.pdf

<Hal> link to HMAC paper:http://www.jucs.org/jucs_14_3/new_results_on_nmac

fjh: do we want to make a change to the spec to clarify truncation?

hal: will look at original interop spec

fjh: so you will confirm on list that truncation from end, then we may need to add language to spec and update to NIST

hal: need to be clear on high order, low order, avoid bit ordering ambiguity

ISSUE: clarify meaning of HMAC truncation

<trackbot> Created ISSUE-232 - Clarify meaning of HMAC truncation ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/232/edit .

Publication Plans

fjh: we have made a number of changes to XML Signature 1.1 since the last CR publication, including a clarification of serialization, clarifications related to KeyInfoReference, changing SHOULD for KeyInfoReference and adding REQUIRED for Exclusive C14N omits comments, among other changes.
... this suggests we should have an updated publication soon, need to determine whether we need another LC.
... probably want to address truncation clarification first, ISSUE-232
... Likewise, we added optional AES192-GCM to XML Encryption 1.1, need to confirm whether this requires another LC or just a CR update.
... Seems like we should be able to update the CR of XML Signature 2.0 without LC for recent editorial updates related to ECC
... finally, we need to update Security Algorithms Cross-Reference, and RELAX NG Note, also publish updated Best Practices once newest addition is in place
... I am discussing with tlr offline

Other Business

fjh: once we complete interop and publication of our documents, we will need to think about maintenance and how that is handled.
... but this is probably early for discussion as we have to complete interop and other work to bring the 1.1 specs to REC (and possibly 2.0)


Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2009-03-02 03:52:20 $