
# XML Security Working Group Teleconference

## 05 Mar 2013

[Agenda][3]

See also: [IRC log][4]

## Attendees

Present

    Frederick_Hirsch, Gerald_Edgar, Scott_Cantor, Jim_Dovey, Hal_Lockhart,
Pratik_Datta

Regrets


Chair

    Frederick_Hirsch

Scribe

    fjh

## Contents

  * [Topics][5]

    1. [Administrative: Agenda review, Announcements][6]

    2. [Minutes Approval][7]

    3. [C14N 2.0 and 2.0 publications][8]

    4. [1.1 Rec publications][9]

    5. [Actions][10]

    6. [Issue Review][11]

    7. [Other Business][12]

    8. [Adjourn][13]

  * [Summary of Action Items][14]

* * *

<trackbot> Date: 05 March 2013

<scribe> ScribeNick: fjh

### Administrative: Agenda review, Announcements

**RESOLUTION: Going forward, post draft minutes on public minutes page rather
than group-only Admin page, also upcoming meetings**

Also

**RESOLUTION: Cancel 19 March and 30 April teleconferences**

For three weeks, starting next week, Daylight savings time difference will
mean call 1 hour earlier if in europe, please make a note of it :
[https://lists.w3.org/Archives/Member/member-xmlsec/2013Mar/0000.html][15]

### Minutes Approval

Approve minutes from 26 February 2013

[http://lists.w3.org/Archives/Public/public-
xmlsec/2013Feb/att-0015/minutes-2013-02-26.html][16]

**RESOLUTION: Minutes from 26 February 2013 are approved.**

### C14N 2.0 and 2.0 publications

Discussion re plan to re-focus as 1.1 specific Recommendation track document.
Process discussion.

[http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0013.html][17]

**RESOLUTION: Publish XML Security 2.0 documents as W3C WG Notes, including
C14N20, XML Signature 2.0, Streaming Profile of XPath 1.0, XML Encryption 1.1
CipherReference processing using 2.0 Transforms, Test Cases for C14N20, XML
Security 2.0 Requirements and Design Considerations as soon as editing and
publication request allow.**

fjh: suggest we create a new 1.1 document on canonicalization, not to replace
C14N1.1 but to explain how to use it for streaming etc, sort of a 'profile' or
implementation guideline

... assume rec track now but we need to see what we have and then decide how
to progress it

... Jim would you be able to edit such a draft

jdovey: yes

fjh: can set up for CVS, also can send you ReSpec source

pdatta: sounds like a good idea to create a draft and then review what we have
and decide what to do with it

jdovey: C14N2 is useful and would like to retain the useful information in
this

fjh: will create new draft as starting point from C14N2

pdatta: perhaps I should take an initial pass

fjh: what shall we call it, you will will create new directory etc

pdatta: let us call it 1.2 for now

jdovey: sounds like you understand streaming in 1.1 and XPath so this sounds
like a good start

... I will be happy to take the C14N2 to update to show my direction and then
merge

... could be two separate documents and merge

<scribe> **ACTION:** pdatta to produce a C14N1.2 draft for next week [recorded
in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action01][18]]

<trackbot> Created ACTION-932 - Produce a C14N1.2 draft for next week [on
Pratik Datta - due 2013-03-12].

<scribe> **ACTION:** fjh to help Jim get setup with C14N2 source and editing
[recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action02][19]]

<trackbot> Created ACTION-933 - Help Jim get setup with C14N2 source and
editing [on Frederick Hirsch - due 2013-03-12].

action - jdovey to draft use cases and clarifying material for new
canonicalization draft

ACTION-935?

<trackbot> ACTION-935 -- James Dovey to draft use cases and clarifying
material for new canonicalization draft -- due 2013-03-12 -- OPEN

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/935][20]

pdatta: Jim looking at normalization not as part of signature

jdovey: can use without signature, useful generally

pdatta: would like to understand more about this normalization, can Jim share
examples of use cases

jdovey: yes

... can write this up in parallel, so it is clear and useful

**RESOLUTION: Published corrected "XML Signature 1.1 Explanation of Changes"
Note, removing OCSPResponse : [http://lists.w3.org/Archives/Public/public-
xmlsec/2013Feb/0006.html][21]**

### 1.1 Rec publications

fjh: Ready to go to Recommendation, PR complete

... please review the acknowledgements and drafts, references to spot any
changes needed

... of editors drafts

... timing will depend on Team, whether we wait for the update for RFC 4051 to
publish in conjunction

<scribe> **ACTION:** fjh to share link for updating phone numbers for group
[recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action03][22]]

<trackbot> Created ACTION-934 - Share link for updating phone numbers for
group [on Frederick Hirsch - due 2013-03-12].

fjh: link to RFC 4051 update page: [http://datatracker.ietf.org/doc/draft-
eastlake-additional-xmlsec-uris/][23]

### Actions

close ACTION-931

<trackbot> Closed ACTION-931 Check with Jim D re use of C14N1 in streaming
way.

### Issue Review

ISSUE-234?

<trackbot> ISSUE-234 -- Reference SP800-56A later in publication process if
the latest version is no longer a draft -- open

<trackbot> [http://www.w3.org/2008/xmlsec/track/issues/234][24]

fjh: not sure when this will progress at NIST, no visibility into timeline

### Other Business

None

### Adjourn

## Summary of Action Items

**[NEW]** **ACTION:** fjh to help Jim get setup with C14N2 source and editing
[recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action02][19]]

**[NEW]** **ACTION:** fjh to share link for updating phone numbers for group
[recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action03][22]]

**[NEW]** **ACTION:** pdatta to produce a C14N1.2 draft for next week
[recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action01][18]]


[End of minutes]

* * *

Minutes formatted by David Booth's [scribe.perl][25] version 1.135 ([CVS
log][26])

$Date: 2009-03-02 03:52:20 $

   [1]: http://www.w3.org/Icons/w3c_home

   [2]: http://www.w3.org/

   [3]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Mar/0000.html

   [4]: http://www.w3.org/2013/03/05-xmlsec-irc

   [5]: #agenda

   [6]: #item01

   [7]: #item02

   [8]: #item03

   [9]: #item04

   [10]: #item05

   [11]: #item06

   [12]: #item07

   [13]: #item08

   [14]: #ActionSummary

   [15]: https://lists.w3.org/Archives/Member/member-xmlsec/2013Mar/0000.html

   [16]: http://lists.w3.org/Archives/Public/public-
xmlsec/2013Feb/att-0015/minutes-2013-02-26.html

   [17]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0013.html

   [18]: http://www.w3.org/2013/03/05-xmlsec-minutes.html#action01

   [19]: http://www.w3.org/2013/03/05-xmlsec-minutes.html#action02

   [20]: http://www.w3.org/2008/xmlsec/track/actions/935

   [21]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0006.html

   [22]: http://www.w3.org/2013/03/05-xmlsec-minutes.html#action03

   [23]: http://datatracker.ietf.org/doc/draft-eastlake-additional-xmlsec-
uris/

   [24]: http://www.w3.org/2008/xmlsec/track/issues/234

   [25]: http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm

   [26]: http://dev.w3.org/cvsweb/2002/scribe/