Agenda: Distributed meeting 2007-07-31 v3

Agenda: W3C XML Security Specifications Maintenance WG (XMLSec) v3
Teleconference 31 July 2007
Distributed Meeting #11

v2 add Rob Miller regrets, remove cancel reminder, fix next meeting  
(1b), add link to submission archive (1c), add ACTION-26, update  
ACTION-53 note, add ACTION-67 done note, update XML Sig material to  
reflect latest editorial draft (4a), defer last call on Decrypt  
Transform (4b, 5)

v3 ACTION-69 done, add new agenda item 7 for Best Practices, new  
version of interop test cases (6a) , issues regarding revised XML  
Signature (4a-i) and (4a-ii).

9-10am Eastern Time
(6-7am Pacific, 1400-1500 Dublin, 1500-1600 CET, 1600-1700 Crete)

See <http://www.w3.org/2007/xmlsec/Group/Overview.html> for time in  
other time zones.

Zakim Bridge:
       +1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
     irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
     <http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG telecons is restricted to  
registered WG participants and persons invited by the chair.

Chair:
    Frederick Hirsch

Regrets:
    Rob Miller

1) Administrivia: scribe confirmation, next meeting, other

1a)  Tony Nadalin is scheduled to scribe.

The current scribe list is at the end of this message.

    Scribe Instructions:
    http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1b)   Meeting planning

Next meeting: Tuesday 7 August. Scribe: Rob Miller

November plenary, 8-9 November (and possibly 10th) scheduled
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jul/ 
0005.html

1c) Workshop, please solicit position papers

Announcement: http://www.w3.org/2007/xmlsec/ws/
CFP: http://www.w3.org/2007/xmlsec/ws/cfp.html

Submission mailing list archive: http://lists.w3.org/Archives/Member/ 
member-xmlsec-submit/

1d) Interop Questionnaire

8 Attendees, 2 implementations as of 30 June questionnaire.

Questionnaire closed 30 July - http://www.w3.org/2002/09/wbs/40279/ 
interop-sched/

2) Review and approval of last meeting's minutes
    http://www.w3.org/2007/07/17-xmlsec-minutes

3) Action item review

    Open actions are listed in Tracker at http://www.w3.org/2007/ 
xmlsec/Group/track/actions/open
    Text list: http://www.w3.org/2007/xmlsec/actions-open.html

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/ 
Overview.html#closing-actions

[OPEN] ACTION-26: draft CG note draft for submission to XML CG - due  
2007-07-31

[OPEN] ACTION-50: Thomas Roessler to Create workshop logistics page -  
due 2007-06-19

[OPEN] ACTION-53: Thomas Roessler to Work toward publication of  
xmlenc-decrypt11 as Last Call WD - due 2007-06-26
New changes needed for XPointer issues, defer Last Call WD.

[OPEN] ACTION-64: Thomas Roessler to Merge into main editor's draft -  
due 2007-07-24
Done see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Jul/0031.html

[OPEN] ACTION-65: Juan Carlos Cruellas to Carlos to develop/retrieve  
test cases for C14N with comments, scheme-based xpointers - due  
2007-07-24

[OPEN] ACTION-66: Thomas Roessler to Inform xml cg of intent to squat  
on xpointer(/) and xpointer(id(ID)) - due 2007-07-24
Done see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Jul/0028.html

[OPEN] ACTION-67: Ed Simon to Update wiki to list XPath 2.0 and XSLT  
2.0 identifiers - due 2007-07-24
Done, see http://www.w3.org/2007/xmlsec/wiki/ 
CharterDevelopmentForSignatureEncryption at end

[OPEN] ACTION-68: Sean Mullan to Develop RFC 4514 / RFC 2253 test  
cases - due 2007-07-24

[OPEN] ACTION-69: Ed Simon to Draft warning similar to that of  
section 7.2 of RFC 2253 as possible best practice item - due 2007-07-24
Done see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Jul/0039.html

See agenda item

4) Issues

4a) XML Signature and XPointer resolution

Issue: Reference to draft of XPointer draft and content that is not  
in XPointer Framework or XPointer Element () Schema  RECs. ( http:// 
lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0018.html )

Updated editors draft including changes based on review from Paul Grosso
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/

Two issues:
Thread:
Sean: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Jul/0042.html
Thomas reply: http://lists.w3.org/Archives/Public/public-xmlsec- 
maintwg/2007Jul/0043.html
Sean reply: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Jul/0044.html

4a-i) I think the C14N 1.1 algs also should be listed in Section 6.1.

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0047.html

Revised editors draft:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0051.html

4a-ii) I forgot if we discussed this in a past meeting, but weren't  
we also going to add the Exclusive C14N algorithms to section 6.1/6.5  
(Canonicalization Algorithms)?

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0046.html

---
Message from Thomas:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0037.html
(Note: xpointer working draft reference is in the editors draft)

WG Agreement to accept XML Signature red-line changes for this topic?

* 4.3.3.2 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec- 
ReferenceProcessingModel

* 4.3.3.3 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-Same- 
Document

* 11 (References) http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ 
#sec-References

4b)  normative reference to URI spec (RFC obsoleted) same doc RFC  
reference

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0030.html

5) Agree to bring Decrypt Transform to Last Call

Defer until XPointer red-line produced.

6)  Interop Test Cases

6a) Updated test cases draft and comments/discussion on public email  
list:

Updated draft:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0040.html

Need for style sheet update:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0041.html

6b) Review process outline on wiki

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0025.html

6c) test defined in new C14N11 example (as updated)
http://www.w3.org/XML/Group/2007/05/CR-xml-c14n11-20070509

6d) Tests for Errata
Agreed at F2F that no tests needed for E02-E05
Test for E01?

6e)  Additional tests discussed at F2F
-  test case for 1.0 as default see if 1.1 by mistake
- test case which checks for correct sig when xml:base is present
- test case which checks for correct sig when xml:id is present
- generate sig over doc subset, must include c14n11 as  final transform
- new generators not rely on default c14n
- conversion NodeSetData to OctetStreamData:
- Generate a signature having a reference with some xpath transform  
selecting NodeSetData
then we add a XSLT transform that clearly needs OctetStreamData.  
Check on verification: if the resulting signature actually made the  
use of c14n 1.1 explicit in the chain of transforms

7) Best Practices

RFC 4514 warning

Ed Simon: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/ 
2007Jul/0039.html

Frederick follow up:
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0045.html

Sean: PrintableString or UTF8String, OID form of attribute keywords  
if they are not one of the 9
standard short names
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0049.html

Ed: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/ 
0050.html

8) C14N11 - Appendix A

Konrad had pointed out some issues with Appendix A at
http://lists.w3.org/Archives/Public/public-xml-core-wg/2007May/0046

Appendix update: Konrad
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0073.html

includes changes from Juan Carlos.

8) Any other business

9) Adjourn

Scribe list
-----------

Elisabetta Carrara
Ram Mohan
Anthony Nadalin
Chris Nautiyal
Rich Salz
Daniel Schutzer
Andrew Sullivan
Panagiotis Trimintzios
Tarun Tyagi
Greg Whitehead (F2F 2 May 07 am)
Rob Miller  (F2F 2 May 07 pm)
Gregory Berezowsky (F2F 3 May 07 am)
Sean Mullan (F2F 3 May 07 pm)
Juan Carlos Cruellas (15 May 2007)
Phillip Hallam-Baker (22 May 2007)
Giles Hogben  (29 May 2007)
Konrad Lanz (6 June 2007)
Donald Eastlake (12 June 2007)
Peter Lipp (Konrad, 19 June 2007)
Ed Simon (26 June 2007)
Hal Lockhart (10 July 2007)
Thomas Roessler (17 July 2007, 17 Apr 07)

Received on Monday, 30 July 2007 22:10:38 UTC