- From: Thomas Roessler <tlr@w3.org>
- Date: Sun, 1 Jul 2007 22:54:41 +0200
- To: public-xmlsec-maintwg@w3.org
Seems like these minutes got stuck in an interaction between Ed
waiting for a response and Frederick being away.
http://www.w3.org/2007/06/26-xmlsec-minutes
Cheers,
--
Thomas Roessler, W3C <tlr@w3.org>
[1]W3C
XML Security Specifications Maintenance WG
26 Jun 2007
[2]Agenda
See also: [3]IRC log
Attendees
Present
Frederick Hirsch (fjh), Ed Simon (EdS), Thomas Roessler (tlr),
Juan Carlos Cruellas (jcc), Sean Mullan (sean), Rob Miller,
Konrad Lanz (klanz2), Donald Eastlake (deastl), Phill
Hallam-Baker (PHB)
Regrets
None
Chair
Frederick Hirsch
Scribe
Ed Simon
Contents
* [4]Topics
1. [5]Administrivia: scribe confirmation, next meeting, other
2. [6]Interop planning
3. [7]action garbage collection
4. [8]XML Signature Draft
* [9]Summary of Action Items
__________________________________________________________________
<fjh2> Meeting: XML Security Specifications Maintenance WG Conference
Call
<fjh2> ScribeNick: EdS
<fjh2> Agenda:
[10]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0
078.html
Administrivia: scribe confirmation, next meeting, other
No meeting on July 3, Hal Scribing July 10
Please solicit position papers for meeting at VeriSign headquarters and
indicate availability.
XML Core OK with us updating XML Signature note.
Resolution: Minutes of last week are approved.
Action-26: Open
<tlr> I have just updated the interop participation questionnaire to
close on 30 June.
Action-25 on Rich Salz is still open;
fjh will contact Rich on action-25
action-37: closed
action-38: Closed
jcc: Action-48 should be closed re minutes of last meeting, no change
to doc was necessary
Action-48: Closed
<fjh2> action-50 open
<tlr> ACTION-50 open, ACTION-54 closed, ACTION-55 closed
Actions 54 and 55 are closed.
Interop planning
fjh: should interop be open or closed?
<klanz2> +1 to open
fjh: is additional interop from outside wanted?
<sean> +1
EdS: +1
<deastlak> I think it should be open...
Rob Miller says +1
Rob Miller attempting to get others involved.
tlr +1
tlr: we should invite XML Core as co-sponsors for interop
<tlr> RESOLUTION: interop to be open, invite XML Core to co-sponsor
Resolution: Interop will be open and we will attemp to co-sponsor with
XML Core
fjh: Phb2 confirms VeriSign will host
tlr: 10-15 people expected.
<klanz2> ;-)
phb2: room confirmed for 20 people
fjh: we need test cases for interop
... please respond to questionaire
tlr: we need to collect old test cases, create new test cases
... need action item for test cases
we need a point person for test cases for the WG
<tlr> fine with me as well
fjh: use wiki for test cases?
<tlr> +1 to using wiki; hadn't thought of it
klanz2: +1 to wiki, also CVS a good idea, will contribute test cases
fjh: we should use CVS for test cases and wiki
<tlr> ACTION: thomas to give Juan Carlos, Sean, Konrad access to
interop web space in CVS [recorded in
[11]http://www.w3.org/2007/06/26-xmlsec-minutes.html#action02]
<trackbot-ng> Created ACTION-56 - Give Juan Carlos, Sean, Konrad access
to interop web space in CVS [on Thomas Roessler - due 2007-07-03].
<tlr> ACTION: cruellas to get us started on test cases [recorded in
[12]http://www.w3.org/2007/06/26-xmlsec-minutes.html#action04]
<trackbot-ng> Created ACTION-57 - Get us started on test cases [on Juan
Carlos Cruellas - due 2007-07-03].
fjh: juan create outline of test cases and indicate links to previous
test cases
klanz2: will supply unit cases
... will post cases to list
fjh, klanz2, EdS: put "[InterOp-Testcase]" in subject line for posts
related to test cases
action garbage collection
<tlr> ACTION-52 done
Action-52: Closed
<fjh2>
[13]http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
XML Signature Draft
<fjh2> should" to "MAY" at end of 4.4.4
<fjh2> reference to RFC2253 updated to RFC4515
<fjh2> conversion of last bullet to additional text, since not
augmentation of encoding rules
<fjh2>
[14]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0
071.html
<fjh2> s/the string encoding rules in section 2.4/the character
escaping rules in section 2.4/
konrad: dname encoding is clarified as optional
... should say "Character-escaping" rules
jcc: rfc4514 not restricted just to ASCII, talks of Unicode
<jcc> one of the characters '"', '+', ',', ';', '<', '>', or '\'
<jcc> (U+0022, U+002B, U+002C, U+003B, U+003C, U+003E, or U+005C,
<jcc> respectively);
jcc: 2.4 of rfc 4514
<Zakim> tlr, you wanted to note that 2253 isn't limited to ASCII either
rfc 2253 talks about UTF-8
rfc 4514 deals with Unicode
<fjh2> [15]http://www.rfc-editor.org/rfc/rfc4514.txt
tlr: need to be compatible with various XML encodings, Konrad's
additions make that work
<fjh2> tlr: if receiver can process according to RFC then sender has
some encoding flexibility
<tlr> tlr: RFC 4514, section 2.4 gives you two ways to encode things.
hex (which you pick if you don't know how to deal with charset) or
utf-8 + escaping rules. Receiving party needs to be able to deal with
both. Therefore, propose that we just stick to the current text, plus
Konrad's proposed change.
jcc: to send email explaining his thoughts on RFC 2253 and 4514 diffs
tlr: string generated must comply with sec 3 of rfc 4514
klanz2: an rfc 2253 implemenation should be happy with what we have now
<tlr> we are talking of not even a conformance point.
<fjh2> Consider the string as consisting of Unicode characters.
jcc: most recent red-line is OK with him with Konrad's edit but first
bullet (Unicode one) is of concern
<Zakim> tlr, you wanted to suggest striking that bullet point
tlr: agree with JCC re string "consisting of Unicode characters"
<tlr> tlr: suggest to strike it
<fjh2> klanz2: if talking character escaping then clearer that not hex
encoding
jcc and konrad agree with tlr
<fjh2> re removing first bullet
sean: wary of going with 4514 in addition to 2253
back to getting rid of Unicode bullet
<klanz2> +1 to skip first bullet
agreed to get rid of that bullet
back to sean's comment
<fjh2> RESOLUTION: Remove first bullet in second bullet list in XML Sig
4.4.4
tlr: grammar in 2253 is broken, 4514 is fixed
sean: what of implemenations already out there
EdS: are we worried about legacy implementations?
tlr: are implementations of 2253 going to be broken by 4514
sean: hard to answer that
EdS: if it can be broken, it will ;)
tlr: going with 4514 and let interop flush out problems
klanz2: asks tlr to summarize his comments on the mailing list to
record his detailed thinking about 4514
<scribe> ACTION: Sean to create test re rfc 2253 vs rfc 4514
implementations [recorded in
[16]http://www.w3.org/2007/06/26-xmlsec-minutes.html#action06]
<trackbot-ng> Created ACTION-58 - Create test re rfc 2253 vs rfc 4514
implementations [on Sean Mullan - due 2007-07-03].
<fjh2> 2253 implementation able to receive
<tlr> I think if Sean finds a "trouble" test case, that needs to go
into the interop testing.
<klanz2> May I propose to add 15 minutes to the call ?
<tlr> +1 to adding 15 min
<fjh2> eds: uniform referencing of RFC 2253 and 4514 in draft? Earlier
section?
<sean> +1 to adding 15 min
<fjh2> +1 to 15 min
<scribe> ACTION: thomas to summarize his comments on the mailing list
to record his detailed thinking about 4514 [recorded in
[17]http://www.w3.org/2007/06/26-xmlsec-minutes.html#action07]
<trackbot-ng> Created ACTION-59 - Summarize his comments on the mailing
list to record his detailed thinking about 4514 [on Thomas Roessler -
due 2007-07-03].
tlr: all decisions are subject to interop testing results
resolution: wg agrees to change to rfc 4514 from rfc 2253 subject to
interop testing
<klanz2>
[18]http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
<tlr>
[19]http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
<klanz2> [20]http://www.w3.org/TR/xmldsig-core/#ref-LDAP-DN
<klanz2> Update the Reference Section as well
tlr: review wording changes to XML Sig
sean: in section 11, need to update ref to 2253 to 4514
tlr: that was done
<tlr>
[21]http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-References
<klanz2> It's there, there is a limit due to the speed of Light ;-)
<klanz2> we have two more minutes
everyone to review new version of specification -- make sure you have
the latest version! -- and add your comments to the list and be
prepared to approve, or debate, XML Sig at next meeting
fjh: reversibility warning can be in best practices,
<fjh2>
[22]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0
000.html
to make sure you have latest draft, go to top and look for "Editor's
Draft $Date: 2007/07/01 20:53:25 $" or later time stamp
<tlr> sorry, no
<tlr> XML-Signature Syntax and Processing Editor's Draft $Date:
2007/07/01 20:53:25 $
<tlr> ,-)
jcc: mime types not an open issue
<klanz2> do you have a link to the errata document
<tlr> +1 to fjh's proposal
<tlr> ACTION: cruellas to investigate mime types vs uri for next
meeting -due 2007-07-10 [recorded in
[23]http://www.w3.org/2007/06/26-xmlsec-minutes.html#action09]
<trackbot-ng> Created ACTION-60 - Investigate mime types vs uri for
next meeting -due 2007-07-10 [on Juan Carlos Cruellas - due
2007-07-03].
<klanz2>
[24]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0
078.html
fjh: prefer to leave stuff on agenda to next time if we do not get it
to it this time
... will need to review canonicalization revision from Konrad
klanz2: there are some issues; more feedback potentially when interop
starts, c14n wants to be informed of xmlsec wg status
<tlr> juan-carlos, I think the Type vs MIMEType issue isn't one.
fjh: will we need more time on these calls? as we move to interop, may
not, or maybe we will
<klanz2> 7a) changes to appendix, considered changes by JCC, did not
consider changes by sean as I sticked as close as possible to RFC 3986
...
next call on July 10
<klanz2> ... maybe rewording may enhance readability
<klanz2> ... unsure about the implications and impacts wehn rewording
appendix moving away from rfc 3986
<klanz2> ... as original mission in xml core was to stick as close as
posssible to the rfc 3986 ...
<klanz2> .. discussion useful .
Summary of Action Items
ACTION-56 - Give Juan Carlos, Sean, Konrad access to interop web space
in CVS [on Thomas Roessler - due 2007-07-03].
ACTION-57 - Get us started on test cases [on Juan Carlos Cruellas - due
2007-07-03].
ACTION-58 - Create test re rfc 2253 vs rfc 4514 implementations [on
Sean Mullan - due 2007-07-03].
ACTION-59 - Summarize his comments on the mailing list to record his
detailed thinking about 4514 [on Thomas Roessler - due 2007-07-03].
ACTION-60 - Investigate mime types vs uri for next meeting -due
2007-07-10 [on Juan Carlos Cruellas - due 2007-07-03].
[End of minutes]
__________________________________________________________________
Minutes formatted by David Booth's [25]scribe.perl version 1.128
([26]CVS log)
$Date: 2007/07/01 20:53:25 $
References
1. http://www.w3.org/
2. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0072.html
3. http://www.w3.org/2007/06/26-xmlsec-irc
4. http://www.w3.org/2007/06/26-xmlsec-minutes#agenda
5. http://www.w3.org/2007/06/26-xmlsec-minutes#item01
6. http://www.w3.org/2007/06/26-xmlsec-minutes#item02
7. http://www.w3.org/2007/06/26-xmlsec-minutes#item03
8. http://www.w3.org/2007/06/26-xmlsec-minutes#item04
9. http://www.w3.org/2007/06/26-xmlsec-minutes#ActionSummary
10. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0078.html
11. http://www.w3.org/2007/06/26-xmlsec-minutes.html#action02
12. http://www.w3.org/2007/06/26-xmlsec-minutes.html#action04
13. http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
14. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0071.html
15. http://www.rfc-editor.org/rfc/rfc4514.txt
16. http://www.w3.org/2007/06/26-xmlsec-minutes.html#action06
17. http://www.w3.org/2007/06/26-xmlsec-minutes.html#action07
18. http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
19. http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
20. http://www.w3.org/TR/xmldsig-core/#ref-LDAP-DN
21. http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-References
22. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0000.html
23. http://www.w3.org/2007/06/26-xmlsec-minutes.html#action09
24. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0078.html
25. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
26. http://dev.w3.org/cvsweb/2002/scribe/
Received on Sunday, 1 July 2007 20:54:57 UTC