# XML Security Working Group Teleconference ## 05 Mar 2013 [Agenda][3] See also: [IRC log][4] ## Attendees Present Frederick_Hirsch, Gerald_Edgar, Scott_Cantor, Jim_Dovey, Hal_Lockhart, Pratik_Datta Regrets Chair Frederick_Hirsch Scribe fjh ## Contents * [Topics][5] 1. [Administrative: Agenda review, Announcements][6] 2. [Minutes Approval][7] 3. [C14N 2.0 and 2.0 publications][8] 4. [1.1 Rec publications][9] 5. [Actions][10] 6. [Issue Review][11] 7. [Other Business][12] 8. [Adjourn][13] * [Summary of Action Items][14] * * * Date: 05 March 2013 ScribeNick: fjh ### Administrative: Agenda review, Announcements **RESOLUTION: Going forward, post draft minutes on public minutes page rather than group-only Admin page, also upcoming meetings** Also **RESOLUTION: Cancel 19 March and 30 April teleconferences** For three weeks, starting next week, Daylight savings time difference will mean call 1 hour earlier if in europe, please make a note of it : [https://lists.w3.org/Archives/Member/member-xmlsec/2013Mar/0000.html][15] ### Minutes Approval Approve minutes from 26 February 2013 [http://lists.w3.org/Archives/Public/public- xmlsec/2013Feb/att-0015/minutes-2013-02-26.html][16] **RESOLUTION: Minutes from 26 February 2013 are approved.** ### C14N 2.0 and 2.0 publications Discussion re plan to re-focus as 1.1 specific Recommendation track document. Process discussion. [http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0013.html][17] **RESOLUTION: Publish XML Security 2.0 documents as W3C WG Notes, including C14N20, XML Signature 2.0, Streaming Profile of XPath 1.0, XML Encryption 1.1 CipherReference processing using 2.0 Transforms, Test Cases for C14N20, XML Security 2.0 Requirements and Design Considerations as soon as editing and publication request allow.** fjh: suggest we create a new 1.1 document on canonicalization, not to replace C14N1.1 but to explain how to use it for streaming etc, sort of a 'profile' or implementation guideline ... assume rec track now but we need to see what we have and then decide how to progress it ... Jim would you be able to edit such a draft jdovey: yes fjh: can set up for CVS, also can send you ReSpec source pdatta: sounds like a good idea to create a draft and then review what we have and decide what to do with it jdovey: C14N2 is useful and would like to retain the useful information in this fjh: will create new draft as starting point from C14N2 pdatta: perhaps I should take an initial pass fjh: what shall we call it, you will will create new directory etc pdatta: let us call it 1.2 for now jdovey: sounds like you understand streaming in 1.1 and XPath so this sounds like a good start ... I will be happy to take the C14N2 to update to show my direction and then merge ... could be two separate documents and merge **ACTION:** pdatta to produce a C14N1.2 draft for next week [recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action01][18]] Created ACTION-932 - Produce a C14N1.2 draft for next week [on Pratik Datta - due 2013-03-12]. **ACTION:** fjh to help Jim get setup with C14N2 source and editing [recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action02][19]] Created ACTION-933 - Help Jim get setup with C14N2 source and editing [on Frederick Hirsch - due 2013-03-12]. action - jdovey to draft use cases and clarifying material for new canonicalization draft ACTION-935? ACTION-935 -- James Dovey to draft use cases and clarifying material for new canonicalization draft -- due 2013-03-12 -- OPEN [http://www.w3.org/2008/xmlsec/track/actions/935][20] pdatta: Jim looking at normalization not as part of signature jdovey: can use without signature, useful generally pdatta: would like to understand more about this normalization, can Jim share examples of use cases jdovey: yes ... can write this up in parallel, so it is clear and useful **RESOLUTION: Published corrected "XML Signature 1.1 Explanation of Changes" Note, removing OCSPResponse : [http://lists.w3.org/Archives/Public/public- xmlsec/2013Feb/0006.html][21]** ### 1.1 Rec publications fjh: Ready to go to Recommendation, PR complete ... please review the acknowledgements and drafts, references to spot any changes needed ... of editors drafts ... timing will depend on Team, whether we wait for the update for RFC 4051 to publish in conjunction **ACTION:** fjh to share link for updating phone numbers for group [recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action03][22]] Created ACTION-934 - Share link for updating phone numbers for group [on Frederick Hirsch - due 2013-03-12]. fjh: link to RFC 4051 update page: [http://datatracker.ietf.org/doc/draft- eastlake-additional-xmlsec-uris/][23] ### Actions close ACTION-931 Closed ACTION-931 Check with Jim D re use of C14N1 in streaming way. ### Issue Review ISSUE-234? ISSUE-234 -- Reference SP800-56A later in publication process if the latest version is no longer a draft -- open [http://www.w3.org/2008/xmlsec/track/issues/234][24] fjh: not sure when this will progress at NIST, no visibility into timeline ### Other Business None ### Adjourn ## Summary of Action Items **[NEW]** **ACTION:** fjh to help Jim get setup with C14N2 source and editing [recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action02][19]] **[NEW]** **ACTION:** fjh to share link for updating phone numbers for group [recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action03][22]] **[NEW]** **ACTION:** pdatta to produce a C14N1.2 draft for next week [recorded in [http://www.w3.org/2013/03/05-xmlsec-minutes.html#action01][18]] [End of minutes] * * * Minutes formatted by David Booth's [scribe.perl][25] version 1.135 ([CVS log][26]) $Date: 2009-03-02 03:52:20 $ [1]: http://www.w3.org/Icons/w3c_home [2]: http://www.w3.org/ [3]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Mar/0000.html [4]: http://www.w3.org/2013/03/05-xmlsec-irc [5]: #agenda [6]: #item01 [7]: #item02 [8]: #item03 [9]: #item04 [10]: #item05 [11]: #item06 [12]: #item07 [13]: #item08 [14]: #ActionSummary [15]: https://lists.w3.org/Archives/Member/member-xmlsec/2013Mar/0000.html [16]: http://lists.w3.org/Archives/Public/public- xmlsec/2013Feb/att-0015/minutes-2013-02-26.html [17]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0013.html [18]: http://www.w3.org/2013/03/05-xmlsec-minutes.html#action01 [19]: http://www.w3.org/2013/03/05-xmlsec-minutes.html#action02 [20]: http://www.w3.org/2008/xmlsec/track/actions/935 [21]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Feb/0006.html [22]: http://www.w3.org/2013/03/05-xmlsec-minutes.html#action03 [23]: http://datatracker.ietf.org/doc/draft-eastlake-additional-xmlsec- uris/ [24]: http://www.w3.org/2008/xmlsec/track/issues/234 [25]: http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [26]: http://dev.w3.org/cvsweb/2002/scribe/