Re: NEW ISSUE: Framework/primer - correct text related to xml:id and canonicalization, update references from Frederick Hirsch on 2008-11-06 (public-ws-policy@w3.org from November 2008)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Thu, 6 Nov 2008 09:28:17 -0500
To: public-ws-policy@w3.org
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, Asir Vedamuthu <asirveda@microsoft.com>, Paul Cotton <pcotton@microsoft.com>, Christopher Ferris <chrisfer@us.ibm.com>
Message-Id: <2A87BC53-E538-4EFF-96EE-8C9BFACC536F@nokia.com>
I would like to request that the WS-Policy WG formally agree to the  
following decisions:

1) That we update the WS-Policy Primer Note [1] with the changes noted  
in the Issue noted below and which I raised on the public mailing list  
5 September.

I propose that we simply update the Working Group Note. Does the WG  
agree?

2) That we issue an errata against the WS-Policy Framework  
Recommendation with the changes noted below and raised 5 September.

I propose adding this material to the errata document for the  
Framework Recommendation. Note that the Recommendation already  
contains a link to the errata document [3], so this material should be  
visible to readers of the Recommendation once that errata document is  
updated.
Does the WG agree?

3) We could also update the Recommendation to reflect the change but I  
do not recommend this.

Given that the document already includes a link to the errata, it  
would not add much and would require additional review process.

Please note that since I raised this issue on 5 September [4] and the  
chairs noted that this is editorial (I agree) and can be dealt with by  
email on 16 September [5]. Since there has been no email discussion, I  
take it that proposals #1 and #2 are approved by the WG?

Please indicate any objection on the WG list by the 17 November so the  
editorial team can make the changes in a timely manner and the  
publication can be completed before the moratorium in December.

Thanks

regards, Frederick

Frederick Hirsch
Nokia

Publishing deadline information
18 December, 12pm ET: Deadline for publication requests before  
moratorium
22 December: Last publications before moratorium
23 December - 1 January: No publications 2 January 2009:
Publications resume

[1] http://www.w3.org/TR/2007/NOTE-ws-policy-primer-20071112/

[2] http://www.w3.org/TR/2007/REC-ws-policy-20070904/

[3] http://www.w3.org/2002/ws/policy/7/framework-errata.html

[4] http://lists.w3.org/Archives/Public/public-ws-policy/2008Sep/0000.html

[5] http://lists.w3.org/Archives/Public/public-ws-policy/2008Sep/0001.html

On Sep 5, 2008, at 11:48 AM, Frederick Hirsch wrote:

> I have recorded two new issues in Bugzilla against the Framework and  
> Primer Recommendations - proposed errata.
> In both cases this includes correction of a note related to C14N11,  
> addition of a reference for XML Signature (Second Edition),  
> correction of the C14N11 reference and removal of [SecSpecMaintWG]  
> reference.
>
>
> http://www.w3.org/Bugs/Public/show_bug.cgi?id=6029
>
>          Summary: Note on using xml:id should reference Canonical  
> XML 1.1
>                   and XML Signature, Second Edition
>          Product: WS-Policy
>          Version: PR
>         Platform: Macintosh
>              URL: http://www.w3.org/TR/2007/REC-ws-policy-
>                   20070904/#Policy_Identification
>       OS/Version: MacOS X
>           Status: NEW
>         Severity: normal
>         Priority: P1
>        Component: Framework
>       AssignedTo: fsasaki@w3.org
>       ReportedBy: frederick.hirsch@nokia.com
>        QAContact: public-ws-policy-qa@w3.org
>
>
> Title - Note on using xml:id should reference Canonical XML 1.1 and  
> XML
> Signature, Second Edition
>
> Description/Justification
>
> Currently section 4.2, Policy Identification contains a note that  
> use of
> Canonical XML 1.0 with xml:id is not appropriate. This is correct.
>
> It has an additional Note that Canonical XML 1.1 is intended to  
> address this
> and that the XML Security Specifications Maintenance WG has been  
> chartered to
> investigate. This is no longer accurate since Canonical XML 11 has  
> been
> released as a Recommendation as has XML Signature (Second Edition).
>
> Target - framework
>
> Proposal
>
> Create Proposed Errata against Framework document.
>
> (Part 1) Replace the following text in section 4.2, Policy  
> Identification:
> ---
> Note:
> Canonical XML 1.1 [C14N11] is intended to address the issues that  
> occur with
> Canonical XML 1.0 with regards to xml:id. The W3C XML Security  
> Specifications
> Maintenance WG has been chartered to address how to integrate  
> Canonical XML 1.1
> with XML Security, including XML Signature [SecSpecMaintWG] (See
> http://www.w3.org/2007/xmlsec/.)
> ---
> With the following text:
> ---
> Note that is is acceptable to sign a policy expression identified  
> using xml:id
> with XML SIgnature (Second Edition) [XML-Signature-2ndEdition] and  
> Canonical
> XML 1.1 [C14N11], as these recommendations  address issues related  
> to the use
> of xml:id and xml:base.
> ---
> (Part 2)
> Update the reference to C14N11 in Appendix B.2.
>
> Replace the following:
> ---
> Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C Candidate
> Recommendation, 21 June 2007. This is a work in progress. This  
> version is
> available at http://www.w3.org/TR/2007/CR-xml-c14n11-20070621. The  
> latest
> version of Canonical XML 1.1 is available at http://www.w3.org/TR//xml-c14n11/ 
> .
> ---
> with
>
> Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C  
> Recommendation, 2 May
> 2008.  This version is available at
> http://www.w3.org/TR/2008/REC-xml-c14n11-20080502. The latest  
> version of
> Canonical XML 1.1 is available at http://www.w3.org/TR//xml-c14n11/.
>
> ---
>
> (Part 3)
> Add a reference to Appendix B.2 for XML Signature (Second Edition)  
> after the
> reference to [XMLSignature]:
> ----
> [XML-Signature-2ndEdition] XML Signature Syntax and Processing, D.  
> Eastlake, J.
> Reagle, D. Solo, F. Hirsch, and  T. Roessler Editors.  W3C  
> Recommendation, 10
> June 2008. This version of the XML Signature Syntax and Processing
> Recommendation is http://www.w3.org/TR/2008/REC-xmldsig- 
> core-20080610/. The
> latest version of XML-Signature Syntax and Processing is available at
> http://www.w3.org/TR/xmldsig-core/.
> ----
> (note removal of hyphen in title in Second Edition)
>
> ---
> (Part 4) Remove [SecSpecMaintWG] reference.
> ---
>
> http://www.w3.org/Bugs/Public/show_bug.cgi?id=6030
>
>          Summary: Note on using xml:id should reference Canonical  
> XML 1.1
>                   and XML Signature, Second Edition
>          Product: WS-Policy
>          Version: PR
>         Platform: Macintosh
>              URL: http://www.w3.org/TR/2007/NOTE-ws-policy-primer-
>                   20071112/#Referencing_Policy_Expressions
>       OS/Version: MacOS X
>           Status: NEW
>         Severity: normal
>         Priority: P2
>        Component: Primer
>       AssignedTo: fsasaki@w3.org
>       ReportedBy: frederick.hirsch@nokia.com
>        QAContact: public-ws-policy-qa@w3.org
>
>
> Section 2.10 Referencing Policy Expressions after example 2.16 has  
> same issue
> as framework, note needs to be replaced.
>
> Description/Justification
>
> Currently Section 2.10 Referencing Policy Expressions after example  
> 2.16
> contains a note that use of
> Canonical XML 1.0 with xml:id is not appropriate. This is correct.
>
> It has an additional Note that Canonical XML 1.1 is intended to  
> address this
> and that the XML Security Specifications Maintenance WG has been  
> chartered to
> investigate. This is no longer accurate since Canonical XML 11 has  
> been
> released as a Recommendation as has XML Signature (Second Edition).
>
> Target - primer
>
> Proposal
>
> Create Proposed Errata against Primer document.
>
> (Part 1) Replace the following text in Section 2.10 Referencing Policy
> Expressions after example 2.16:
> ---
> Note:
> Canonical XML 1.1 [C14N11] is intended to address the issues that  
> occur with
> Canonical XML 1.0 with regards to xml:id. The W3C XML Security  
> Specifications
> Maintenance WG has been chartered to address how to integrate  
> Canonical XML 1.1
> with XML Security, including XML Signature [SecSpecMaintWG] (See
> http://www.w3.org/2007/xmlsec/.)
> ---
> With the following text:
> ---
> Note that is is acceptable to sign a policy expression identified  
> using xml:id
> with XML SIgnature (Second Edition) [XML-Signature-2ndEdition] and  
> Canonical
> XML 1.1 [C14N11], as these recommendations  address issues related  
> to the use
> of xml:id and xml:base.
> ---
> (Part 2)
> Update the reference to C14N11 in Appendix C.
>
> Replace the following:
> ---
> Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C Candidate
> Recommendation, 21 June 2007. This is a work in progress. This  
> version is
> available at http://www.w3.org/TR/2007/CR-xml-c14n11-20070621. The  
> latest
> version of Canonical XML 1.1 is available at http://www.w3.org/TR//xml-c14n11/ 
> .
> ---
> with
>
> Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C  
> Recommendation, 2 May
> 2008.  This version is available at
> http://www.w3.org/TR/2008/REC-xml-c14n11-20080502. The latest  
> version of
> Canonical XML 1.1 is available at http://www.w3.org/TR//xml-c14n11/.
>
> ---
>
> (Part 3)
> Add a reference to Appendix C for XML Signature (Second Edition) :
> ----
> [XML-Signature-2ndEdition] XML Signature Syntax and Processing, D.  
> Eastlake, J.
> Reagle, D. Solo, F. Hirsch, and  T. Roessler Editors.  W3C  
> Recommendation, 10
> June 2008. This version of the XML Signature Syntax and Processing
> Recommendation is http://www.w3.org/TR/2008/REC-xmldsig- 
> core-20080610/. The
> latest version of XML-Signature Syntax and Processing is available at
> http://www.w3.org/TR/xmldsig-core/.
> ----
> (note removal of hyphen in title in Second Edition)
>
> ---
> (Part 4) Remove [SecSpecMaintWG] reference.
> ----
>
>
> regards, Frederick
>
> Frederick Hirsch
> Nokia
>
>
>
Received on Thursday, 6 November 2008 14:29:22 UTC