- From: ext Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Mon, 30 Jul 2007 18:10:07 -0400
- To: XMLSec <public-xmlsec-maintwg@w3.org>
- Cc: Hirsch Frederick <frederick.hirsch@nokia.com>
Agenda: W3C XML Security Specifications Maintenance WG (XMLSec) v3
Teleconference 31 July 2007
Distributed Meeting #11
v2 add Rob Miller regrets, remove cancel reminder, fix next meeting
(1b), add link to submission archive (1c), add ACTION-26, update
ACTION-53 note, add ACTION-67 done note, update XML Sig material to
reflect latest editorial draft (4a), defer last call on Decrypt
Transform (4b, 5)
v3 ACTION-69 done, add new agenda item 7 for Best Practices, new
version of interop test cases (6a) , issues regarding revised XML
Signature (4a-i) and (4a-ii).
9-10am Eastern Time
(6-7am Pacific, 1400-1500 Dublin, 1500-1600 CET, 1600-1700 Crete)
See <http://www.w3.org/2007/xmlsec/Group/Overview.html> for time in
other time zones.
Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>
Please note that attendance of XMLSEC WG telecons is restricted to
registered WG participants and persons invited by the chair.
Chair:
Frederick Hirsch
Regrets:
Rob Miller
1) Administrivia: scribe confirmation, next meeting, other
1a) Tony Nadalin is scheduled to scribe.
The current scribe list is at the end of this message.
Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html
1b) Meeting planning
Next meeting: Tuesday 7 August. Scribe: Rob Miller
November plenary, 8-9 November (and possibly 10th) scheduled
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jul/
0005.html
1c) Workshop, please solicit position papers
Announcement: http://www.w3.org/2007/xmlsec/ws/
CFP: http://www.w3.org/2007/xmlsec/ws/cfp.html
Submission mailing list archive: http://lists.w3.org/Archives/Member/
member-xmlsec-submit/
1d) Interop Questionnaire
8 Attendees, 2 implementations as of 30 June questionnaire.
Questionnaire closed 30 July - http://www.w3.org/2002/09/wbs/40279/
interop-sched/
2) Review and approval of last meeting's minutes
http://www.w3.org/2007/07/17-xmlsec-minutes
3) Action item review
Open actions are listed in Tracker at http://www.w3.org/2007/
xmlsec/Group/track/actions/open
Text list: http://www.w3.org/2007/xmlsec/actions-open.html
Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/
Overview.html#closing-actions
[OPEN] ACTION-26: draft CG note draft for submission to XML CG - due
2007-07-31
[OPEN] ACTION-50: Thomas Roessler to Create workshop logistics page -
due 2007-06-19
[OPEN] ACTION-53: Thomas Roessler to Work toward publication of
xmlenc-decrypt11 as Last Call WD - due 2007-06-26
New changes needed for XPointer issues, defer Last Call WD.
[OPEN] ACTION-64: Thomas Roessler to Merge into main editor's draft -
due 2007-07-24
Done see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/
2007Jul/0031.html
[OPEN] ACTION-65: Juan Carlos Cruellas to Carlos to develop/retrieve
test cases for C14N with comments, scheme-based xpointers - due
2007-07-24
[OPEN] ACTION-66: Thomas Roessler to Inform xml cg of intent to squat
on xpointer(/) and xpointer(id(ID)) - due 2007-07-24
Done see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/
2007Jul/0028.html
[OPEN] ACTION-67: Ed Simon to Update wiki to list XPath 2.0 and XSLT
2.0 identifiers - due 2007-07-24
Done, see http://www.w3.org/2007/xmlsec/wiki/
CharterDevelopmentForSignatureEncryption at end
[OPEN] ACTION-68: Sean Mullan to Develop RFC 4514 / RFC 2253 test
cases - due 2007-07-24
[OPEN] ACTION-69: Ed Simon to Draft warning similar to that of
section 7.2 of RFC 2253 as possible best practice item - due 2007-07-24
Done see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/
2007Jul/0039.html
See agenda item
4) Issues
4a) XML Signature and XPointer resolution
Issue: Reference to draft of XPointer draft and content that is not
in XPointer Framework or XPointer Element () Schema RECs. ( http://
lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0018.html )
Updated editors draft including changes based on review from Paul Grosso
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/
Two issues:
Thread:
Sean: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/
2007Jul/0042.html
Thomas reply: http://lists.w3.org/Archives/Public/public-xmlsec-
maintwg/2007Jul/0043.html
Sean reply: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/
2007Jul/0044.html
4a-i) I think the C14N 1.1 algs also should be listed in Section 6.1.
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0047.html
Revised editors draft:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0051.html
4a-ii) I forgot if we discussed this in a past meeting, but weren't
we also going to add the Exclusive C14N algorithms to section 6.1/6.5
(Canonicalization Algorithms)?
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0046.html
---
Message from Thomas:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0037.html
(Note: xpointer working draft reference is in the editors draft)
WG Agreement to accept XML Signature red-line changes for this topic?
* 4.3.3.2 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-
ReferenceProcessingModel
* 4.3.3.3 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-Same-
Document
* 11 (References) http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/
#sec-References
4b) normative reference to URI spec (RFC obsoleted) same doc RFC
reference
see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0030.html
5) Agree to bring Decrypt Transform to Last Call
Defer until XPointer red-line produced.
6) Interop Test Cases
6a) Updated test cases draft and comments/discussion on public email
list:
Updated draft:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0040.html
Need for style sheet update:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0041.html
6b) Review process outline on wiki
see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0025.html
6c) test defined in new C14N11 example (as updated)
http://www.w3.org/XML/Group/2007/05/CR-xml-c14n11-20070509
6d) Tests for Errata
Agreed at F2F that no tests needed for E02-E05
Test for E01?
6e) Additional tests discussed at F2F
- test case for 1.0 as default see if 1.1 by mistake
- test case which checks for correct sig when xml:base is present
- test case which checks for correct sig when xml:id is present
- generate sig over doc subset, must include c14n11 as final transform
- new generators not rely on default c14n
- conversion NodeSetData to OctetStreamData:
- Generate a signature having a reference with some xpath transform
selecting NodeSetData
then we add a XSLT transform that clearly needs OctetStreamData.
Check on verification: if the resulting signature actually made the
use of c14n 1.1 explicit in the chain of transforms
7) Best Practices
RFC 4514 warning
Ed Simon: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/
2007Jul/0039.html
Frederick follow up:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0045.html
Sean: PrintableString or UTF8String, OID form of attribute keywords
if they are not one of the 9
standard short names
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0049.html
Ed: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/
0050.html
8) C14N11 - Appendix A
Konrad had pointed out some issues with Appendix A at
http://lists.w3.org/Archives/Public/public-xml-core-wg/2007May/0046
Appendix update: Konrad
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0073.html
includes changes from Juan Carlos.
8) Any other business
9) Adjourn
Scribe list
-----------
Elisabetta Carrara
Ram Mohan
Anthony Nadalin
Chris Nautiyal
Rich Salz
Daniel Schutzer
Andrew Sullivan
Panagiotis Trimintzios
Tarun Tyagi
Greg Whitehead (F2F 2 May 07 am)
Rob Miller (F2F 2 May 07 pm)
Gregory Berezowsky (F2F 3 May 07 am)
Sean Mullan (F2F 3 May 07 pm)
Juan Carlos Cruellas (15 May 2007)
Phillip Hallam-Baker (22 May 2007)
Giles Hogben (29 May 2007)
Konrad Lanz (6 June 2007)
Donald Eastlake (12 June 2007)
Peter Lipp (Konrad, 19 June 2007)
Ed Simon (26 June 2007)
Hal Lockhart (10 July 2007)
Thomas Roessler (17 July 2007, 17 Apr 07)
Received on Monday, 30 July 2007 22:10:38 UTC