- From: Wendy Seltzer <wseltzer@w3.org>
- Date: Mon, 10 Sep 2012 18:19:08 -0400
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Draft minutes from today's call at
<https://www.w3.org/2012/09/10-crypto-minutes.html> and in text below.
--Wendy
[1]W3C
[1] http://www.w3.org/
- DRAFT -
Web Cryptography Working Group Teleconference
10 Sep 2012
[2]Agenda
[2]
http://lists.w3.org/Archives/Public/public-webcrypto/2012Sep/0107.html
See also: [3]IRC log
[3] http://www.w3.org/2012/09/10-crypto-irc
Attendees
Present
asad, wseltzer, ddahl, virginie, Tony_Nadalin, cjkula,
JimD, karen, wtc, rsleevi, hhalpin, +1.707.799.aaaa,
emily, [Microsoft], markw, arunranga, Mike_Jones,
+1.303.543.aabb, +1.303.661.aacc, vgb, sdurbha?, zooko?
Regrets
Chair
virginie
Scribe
selfissued
Contents
* [4]Topics
1. [5]Draft API review
2. [6]Review Actions
3. [7]Issues
4. [8]Group Life
* [9]Summary of Action Items
__________________________________________________________
<trackbot> Date: 10 September 2012
<virginie> hi all :)
<ddahl> hello
<ddahl> virginie: we have yelp, you will fail;)
<virginie> who is here?
Mike Jones here
Mike scribing
<wseltzer> scribenick: selfissued
Virginie overviewing agenda
Agenda OK, per Virginie's e-mail
<virginie> [10]http://www.w3.org/2012/09/04-crypto-minutes.html
[10] http://www.w3.org/2012/09/04-crypto-minutes.html
The minutes of the previous call were approved without
objection
Draft API review
<zooko> No, I'm aabb
rsleevi: Only major change addition of examples for key
provisioning
<virginie>
[11]http://lists.w3.org/Archives/Public/public-webcrypto/2012Se
p/0102.html
[11]
http://lists.w3.org/Archives/Public/public-webcrypto/2012Sep/0102.html
<zooko> I always wonder who aacc is since they're in my area
code.
Karen: Questioned title "out of band key provisioning"
<zooko> sdurbha: awesome. Let's go get coffee together
sometime.
Karen: Title does not match use case
<sdurbha> then, I should be the other number that joined at the
same time
Karen: Out of band provisioning is out of scope
<sdurbha> sure
Ryan: Use case relies on out of band key provisioning
... Pointed out by NetFlix that keys may not be provisioned at
time of use
... Some degree of out of band still occurs within this use
case
... Asks if anyone else has concerns with the current text
Karen: Not a major problem, but could cause confusion
Virginie: Suggests we change this for the next version of the
next API
... Having a more accurate title helps
... Does not want to delay draft for this issue
... No other comments, after asking for them
... Proposal to go to First Public Working Draft
<virginie> "PROPOSAL: The current editors draft of the Web
Crypto API to go forward as FPWD:
[12]http://www.w3.org/2012/webcrypto/WebCryptoAPI/"
[12] http://www.w3.org/2012/webcrypto/WebCryptoAPI/
<sdurbha> +1
<ddahl> +1
<JimD> +1
<wtc> +1
<arunranga> +1
<markw> +1
<emily> +1
<karen_> +1
+1
<rsleevi> +1
<virginie> +1
<asad> +1
<vgb> +1
<cjkula> +1
Harry: We could poll people on the phone explicitly
<zooko> +1
<virginie> RESOLVED: The current editors draft of the Web
Crypto API to go forward as FPWD:
[13]http://www.w3.org/2012/webcrypto/WebCryptoAPI/"
[13] http://www.w3.org/2012/webcrypto/WebCryptoAPI/
<wseltzer> +1
Virginie: Because there is no objection, we can go to FPWD
<hhalpin> Note that the current editors draft of the Web Crypto
API to go forward as FPWD:
[14]http://www.w3.org/2012/webcrypto/WebCryptoAPI/ is 1.46
version
[14] http://www.w3.org/2012/webcrypto/WebCryptoAPI/
Virginie: Asks editors to produce FPWD
... I'm very happy!
... Thanks to Ryan for your hard work
<hhalpin> ACTION: hhalpin and wseltzer to move the Editors
Draft to TR space and communicate to the chairs@w3.org, the
Director, and Comms Team over the FPWD publication [recorded in
[15]http://www.w3.org/2012/09/10-crypto-minutes.html#action01]
<trackbot> Created ACTION-45 - And wseltzer to move the Editors
Draft to TR space and communicate to the chairs@w3.org, the
Director, and Comms Team over the FPWD publication [on Harry
Halpin - due 2012-09-17].
<hhalpin> congrats everyone!
Review Actions
Virginie: Agenda item: Review of Action Status
... Want to close things that need to be close
... Proposed closing 13, 38, 44, 39, 43
<wseltzer> ACTION-13?
<trackbot> ACTION-13 -- Wan-Teh Chang to and Arun to add
missing use-cases -- due 2012-10-15 -- OPEN
<trackbot>
[16]http://www.w3.org/2012/webcrypto/track/actions/13
[16] http://www.w3.org/2012/webcrypto/track/actions/13
<arunranga> Regarding ACTION-13, I think we should poll MitchZ
and MarkW as well.
<hhalpin> +1 separate document
<hhalpin> I'm happy to set that up.
Wan-Teh: Action 13 can already be met by use cases section of
current draft
... OK to close
<wseltzer> trackbot, close ACTION-13
<trackbot> ACTION-13 And Arun to add missing use-cases closed
<wseltzer> ACTION-38
<wseltzer> ACTION-38?
<trackbot> ACTION-38 -- Mark Watson to write some non-normative
text about pre-shared keys -- due 2012-09-03 -- OPEN
<trackbot>
[17]http://www.w3.org/2012/webcrypto/track/actions/38
[17] http://www.w3.org/2012/webcrypto/track/actions/38
Wan-Teh: Can open another action to track use cases document
<wseltzer> trackbot, close ACTION-38
<trackbot> ACTION-38 Write some non-normative text about
pre-shared keys closed
Virginie: Closed 38
<wseltzer> ACTION-44?
<trackbot> ACTION-44 -- Ryan Sleevi to addition of 'netflix use
cases' in the draft API in section 2 -- due 2012-09-12 --
CLOSED
<trackbot>
[18]http://www.w3.org/2012/webcrypto/track/actions/44
[18] http://www.w3.org/2012/webcrypto/track/actions/44
<scribe> ... Closed 44
<wseltzer> ACTION-39?
<trackbot> ACTION-39 -- Asad Ali to sample code -- due
2012-09-03 -- OPEN
<trackbot>
[19]http://www.w3.org/2012/webcrypto/track/actions/39
[19] http://www.w3.org/2012/webcrypto/track/actions/39
UNKNOWN_SPEAKER: 39 was related to sample code - closed
<wseltzer> trackbot, close ACTION-39
<trackbot> ACTION-39 Sample code closed
<wseltzer> ACTION-43?
<trackbot> ACTION-43 -- David Dahl to write some sample code --
due 2012-09-13 -- CLOSED
<trackbot>
[20]http://www.w3.org/2012/webcrypto/track/actions/43
[20] http://www.w3.org/2012/webcrypto/track/actions/43
<scribe> ... Closed 43
UNKNOWN_SPEAKER: Want to spend more time on the issues today
<wseltzer> [open actions:
[21]http://www.w3.org/2012/webcrypto/track/actions/open ]
[21] http://www.w3.org/2012/webcrypto/track/actions/open
Vijay: Does the owner get to close an issue, or does the opener
have to concur?
<wseltzer> ACTION-40?
<trackbot> ACTION-40 -- Asad Ali to propose text for scope
section about smart card -- due 2012-09-04 -- OPEN
<trackbot>
[22]http://www.w3.org/2012/webcrypto/track/actions/40
[22] http://www.w3.org/2012/webcrypto/track/actions/40
Virginie: The owner can close
<wseltzer> trackbot, close ACTION-40
<trackbot> ACTION-40 Propose text for scope section about smart
card closed
<vgb> s//Vijay/Asad/
Harry: Wiki area - need clear editor for each document or
ideally two
... Does not have to be recommendation track
... Should have a separate document for use cases
... Asking for an editor
... Willing to create new document
<hhalpin> WTC and Channy - are you OK with being editors of the
use-case doc?
Virginie: Thought that Channy and Wan-Teh would manage that
<hhalpin> Or Arun?
Wan-Teh: Just the API draft needs a lot of time
... I don't mind editing the document
... But I questino whether taking it out of the main document
is a good idea
Harry: Happy with the current document and believe the use
cases should stay there
... We'll now fall into the world of secondary features
... A non-normative use case document would be useful
... Could allow a lot of use cases to put it
... Only need a few in the spec
... Separate document could enable more, with more details
<arunranga> OK, I volunteer
Arun: Volunteered to edit use case document
<hhalpin> thinking further down the line :)
<hhalpin> ACTION: hhalpin to create use-case document space for
Arun [recorded in
[23]http://www.w3.org/2012/09/10-crypto-minutes.html#action02]
<trackbot> Created ACTION-46 - Create use-case document space
for Arun [on Harry Halpin - due 2012-09-17].
Issues
Virginie: Agenda item: Issue status and priorities
... Clarify way issues are managed
... We need to finalize description of crypto operations
... Such has how to describe parameters, cloning, access
control, origins, user involvement
... Asked editors to work on a specific set of issues
... Choosing one domain that you feel is the most pressing and
make progress on it and drive consensus
<Zakim> rsleevi, you wanted to respond
Ryan: A great idea
... Most important to make sure we're happy with the crypto
operations (creation, algorithms, parameters, use)
... David and Arun found interesting corner cases when writing
examples
... Could block implementers
... Changing this would be much harder later
... Most important issues to work out now
Virginie: Do cloning and transfer fall into this?
Ryan: Cloning, transfer, neutering small parts of this with
least impact
... Algorithms, modes, instantiation, most important questions
<arunranga> +1 rsleevi
Ryan: We need to be sure we're happy with this before looking
at lesser issues like key management, etc.
<emily> +1
<wtc> +1
Virginie: Who supports focusing in next week on Ryan's topics?
+1
<ddahl> +1
David: Completely agree with Ryan
<JimD> +1
David: Getting word out about FPWD important
... Getting eyes on it from the JavaScript world
<cjkula> +1
David: Getting as much feedback as possible important
Wan-Teh: 2 questions
... In track tool, is there a way to assign priority to issues?
<hhalpin> unforunately WTC is right, no priority features for
tracker :(
Wan-Teh: All the issues currently look equally important
... Second, current published editor's draft taken directly
from CVS repository
... Is there a way to publish a stable version while we keep
making changes to CVS?
Harry: No prioritizion available in tracker
... We could mark them in red/yellow/green or give them 1/2/3
markings
... Actualy process to take an HTML copy and give it a stable
URI
<hhalpin> is this URI OK: www.w3.org/TR/webcrypto
Harry: All candidate specs have "TR" in them
... Editor's drafts perpetually change
... There will be a clear differentiation
... W3C will probably do a blog post about the FPWD
... Solicits quotes for blog post
... People could blog and e-mail to their friends
... There will be a little delay in publishing the FPWD
... Expect publication on Thursday or maybe next Tuesday at the
latest
... Will be displayed on front page of W3C homepage
<hhalpin> any URI suggestions?
Harry: Asked if people want a different URI to propose them
<hhalpin> www.w3.org/TR/WebCryptoAPI
Virginie: We can continue this topic on the mailing list
<hhalpin> www.w3.org/TR/WebCryptographyAPI
<hhalpin> Any preferences?
Virginie: Need clear priorities for the working group
... Editor's will need to process incoming comments
<hhalpin> If not, lets go for
[24]http://www.w3.org/TR/WebCryptoAPI/
[24] http://www.w3.org/TR/WebCryptoAPI/
<karen_> +1
Virginie: We will not be able to work on discovery, origin
definitions, etc. and still process the incoming comments
<rsleevi> hhalpin: I'm less concerned about the /TR/ URL, but I
suspect we'll want to figure out the "WIP" URL and
"semi-stable" publishing (eg:
dvcs.w3.org/WebCrypto/WebCryptoAPI-20120904 )
Virginie: Focusing on the crypto opertions the first priority
<rsleevi> but we can have that discussion on the mailing list
<rsleevi> +1
<ddahl> +1
<JimD> +1
<hhalpin> +1
<asad> +1
<mitchz> +1
<virginie> +1
<emily> +1
<wtc> +1
<arunranga> +1 for the new technology to be dubbed "WebCrypto
API"
Name [25]http://www.w3.org/TR/WebCryptoAPI/ chosen
[25] http://www.w3.org/TR/WebCryptoAPI/
<cjkula> +1
<Anthony> +1
<zooko> \o/
<hhalpin> for semi-stable, we can keep
[26]http://www.w3.org/2012/WebCryptoAPI/ and have that redirect
to Mercurial, as it seems folks are sick of CVS :)
[26] http://www.w3.org/2012/WebCryptoAPI/
<hhalpin> Technically, its ECMAScript :)
Seetharam: Isn't it actually more like a JavaScript crypto API?
<ddahl> sdurbha: i would leave JS out of it
<rsleevi> Technically, it's WebIDL :)
<rsleevi> which Ecmascript bindings exist
Seetharam: Rather than a Web crypto API?
<rsleevi> (and other user agents have other bindings) :)
Seetharam: Web has specific connotations
<hhalpin> The W3C tradition is to stick "Web" in front of
things :)
Virginie: Have always seen this name
<hhalpin> We could call it CryptoAPI but that might cause
confusion with other folks
Jim: My understanding is that other acccess means other than
JavaScript can also be used
<Zakim> rsleevi, you wanted to respond to jimd
Ryan: Jim is correct
... We are specifying WebIDL bindings
... Bindings can be specified for other languages other than
ECMAScript, such as Java
... Number of ways to take WebIDL and translate into lanaguage
specifications
... Numerous concepts borrowed from HTML5
... Not programming-language specific
... Can be adopted for other use cases, such as node.js
Virginie: We will keep the Web Crypto API title
Mike LOL at Arun's comment!
Virginie: Several issues currently open about key management
... Wondering if other participants wouldn't like to work on
another domain other than core crypto operations
markw: A number of issues not settled called out in draft
... Considering issues in draft, asking whether Virginia is
proposing a different parallel process?
Virginie: We can work on the mailing list, rather than
allocating specific time during the conference call
... Wants proposals to be written down
... Wants written comments on proposals
... Then we can consider them during the conference call
... Trying to address different problem areas with different
teams
Mark: Are you really just looking for volunteers to take
responsibility for open areas?
Ryan: Understand proposal - concern that may end up fragmenting
if we have parallel discussions
... Are you proposing sub working group?
Virginie: Trying to make the group realize that we have a set
of problems that are dependent
... Want people to take lead on collecting proposals on the
mailing list
<hhalpin> its better in general to keep everything just on the
WG mailing list
<hhalpin> not to do sub-WGs
Virginie: 400 mails in August
... 100 so far in September
... Not everyone can follow all of that
Ryan: About 3-5 broad issue categories
<hhalpin> it would be better to "order" the categories of
ISSUES I think
<vgb> +1 to Harry - the small set of implementers will want to
watch all categories in any case
Ryan: Helpful to have clear ownership
... Agree on taking ownership of comments coming in from FPWD
Asad: Not sure how formalized the process is for forming
subgroups
... Could tag e-mail thread with a topic
... Will help people follow the topics that are of interest to
them
<Zakim> rsleevi, you wanted to respond to Virginie's proposal
Asad: Effectively implicitly forms subgroups based upon
interest
<zooko> That sounds great.
<zooko> I have read about 10% of the mailing list traffic
recently.
Harry: In general, better to just tag messages than set up
separate mailing lists and cause fracturing
... Better to order broad categories
... Although people will of course operate somewhat in parallel
Virginie: There is no final conclusion
... We are out of time to describe the different domains, etc.
... We can do this over the mailing list
Group Life
Virginie: Agenda Item: Group Life
... Do not forget to book your travel and accomidation for the
meeting in Lyon
... Can also attend plenary session
<wseltzer> TPAC info: [27]http://www.w3.org/2012/10/TPAC/ ]
[27] http://www.w3.org/2012/10/TPAC/
Virginie: Thu & Fri will have our 2-day meeting with Web
Security WG
Will be ideal if you can be there last day of October through
November 2
scribe: Very interesting and fun also
... Will discuss objectives for F2F in next few calls
... We make a lot of progress in F2F meetings
<hhalpin> trackbot, end meeting
scribe: Can close call - thanks to editors and Mike for
scribing
Summary of Action Items
[NEW] ACTION: hhalpin and wseltzer to move the Editors Draft to
TR space and communicate to the chairs@w3.org, the Director,
and Comms Team over the FPWD publication [recorded in
[28]http://www.w3.org/2012/09/10-crypto-minutes.html#action01]
[NEW] ACTION: hhalpin to create use-case document space for
Arun [recorded in
[29]http://www.w3.org/2012/09/10-crypto-minutes.html#action02]
/~checkout~/2002/scribe/
Received on Monday, 10 September 2012 22:19:11 UTC