XML Security Working Group Teleconference

26 Feb 2013


See also: IRC log


Frederick_Hirsch, Thomas_Roessler, Scott_Cantor, Pratik_Datta


<trackbot> Date: 26 February 2013

<scribe> ScribeNick: fjh

Administrative: Agenda review, Announcements

no announcements

Minutes Approval

Approve minutes from 19 February 2013


RESOLUTION: Minutes from 19 February 2013 are approved.

XML Encryption 1.1, XML Signature 1.1, XML Signature Properties

PR results - https://www.w3.org/2002/09/wbs/33280/XMLsecPR/results

<tlr> tlr: PR review completed; next steps within the team; suggest aiming at synchronized publication of Rec with IETF RFC.

fjh: have checked with IETF, should have number for RFC publication next week, but concerned if we delay REC too long
... need publication date soon in order to prepare drafts
... will check this offline

Correction to "XML Signature 1.1 Explanation of Changes", remove OCSPResponse : http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0006.html

fjh: Please review the XML Security 1.1 references and acknowledgements and indicate on the list of you notice any editorial changes needed before Recommendation publication.

RFC 4051 update, 'Additional XML Security Uniform Resource Identifiers (URIs)'

<scribe> New draft aligned with XML Security 1.1



fjh: please review

proposed XML Security Algorithm Cross-Reference updates, http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0001.html

fjh: please check these
... will make updates

Canonical XML 2.0

fjh: we have another implementation of C14N2 from Jim Dovey, as he mentioned last week

scantor: can C14N2 work with Signature 1.1?

tlr: if so we can move C14N2 to Recommendation otherwise we cannot
... cannot work with arbitrary document subsets
... does C14N2 generate same subtree as C14N1

scantor: depends on the options used
... default behaviour is exclusive

fjh: it depends

tlr: can plug it in

fjh: given we have implementations suggest we can move forward to Recommendation

tlr: concerned that it will be confusing without corresponding Signature draft, suggest moving to Note
... do not want to send signal that this supersedes Exclusive Canonicalization

fjh: what about licensing obligations, potential further work
... do not want to stop work unnecessarily

scantor: is he implementing Signature 2.0

fjh: I think he is working on it

pdatta: I think Jim was looking for implementers guide to 1.1

fjh: he specifically needed streaming

pdatta: one can implement a subset of 1.1 in a streaming way, what most people do

fjh: suggest we follow up with Jim on whether use of C14N11 and Signature 1.1 would solve his needs, if he has guidance on streaming for these
... if so we are done and can publish C14N2 as a Note, otherwise we need to discuss plans for his implementation of Signature 2.0 and go from there

<scribe> ACTION: pdatta to check with Jim D re use of C14N1 in streaming way [recorded in http://www.w3.org/2013/02/26-xmlsec-minutes.html#action01]

<trackbot> Created ACTION-931 - Check with Jim D re use of C14N1 in streaming way [on Pratik Datta - due 2013-03-05].

fjh: when do we need to draft new charter

tlr: suggest I send formal heads up to AC, plan to send draft of charter to WG, assume only maintenance charter unless we have new info from Jim

<jdovey> (Editors Note: Please note new information sent by Jim after call: http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0012.html and http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0014.html

Next steps for 2.0

Call for Consensus to publish 2.0 drafts as WG Notes: http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0000.html

fjh: CfC has completed, no objection, some support to move 2.0 documents to Notes
... need to resolve with Jim if there is any concern, and whether 1.1 C14N will work for him, otherwise will go forward with this plan

Action Review

fjh: no open or pending actions apart from those assigned today

Issue Review


<trackbot> ISSUE-234 -- Reference SP800-56A later in publication process if the latest version is no longer a draft -- open

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/234

fjh: Still a draft, http://csrc.nist.gov/publications/PubsSPs.html
... will not update unless it is published before our publication date


<trackbot> ISSUE-122 -- Explain peformance improvements and rationale, relationship to earlier work, document, benchmarks -- open

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/122

fjh: this is moot if not moving 2.0 forward

pdatta: not working on this

close ISSUE-122

<trackbot> Closed ISSUE-122 Explain peformance improvements and rationale, relationship to earlier work, document, benchmarks.

Other Business



Summary of Action Items

[NEW] ACTION: pdatta to check with Jim D re use of C14N1 in streaming way [recorded in http://www.w3.org/2013/02/26-xmlsec-minutes.html#action01]
[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2009-03-02 03:52:20 $