See also: IRC log
<tlr> Date: 10 July 2007
<tlr> previous: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0000.html
<fjh> Meeting: XML Security Specifications Maintenance WG Conference Call
<fjh> ScribeNick: hal
<fjh> Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0006.html
<fjh> Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0006.html
<tlr> next meeting 17 July, Thomas to scribe
Resolution: call on July 24 canceled
fjh: wiki technology to change
... should not affect this WG
... will inform ok unless hear otherwise
... workshop CFP is out, please publicise
<tlr> http://www.w3.org/2007/06/26-xmlsec-minutes
resolution: approved unanimously
<tlr> ACTION-35 closed
ACTION-35 Close no activity
ACTION-50 Open
ACTION-53 Open
ACTION-56 Open Need PK from Juan Carlos
ACTION-57 Close
ACTION-58 Open
ACTION-59 Close
ACTION-60 Close
fjh: please fill out questionaire
<tlr> questionnaire: http://www.w3.org/2002/09/wbs/40279/interop-sched/
fjh: is there risk to only three impls?
jcc: we have an impl
sean: just started on C14N
<tlr> ACTION: fjh to contact Aleksey Sanin about interop and attendance [recorded in http://www.w3.org/2007/07/10-xmlsec-minutes.html#action01]
<trackbot-ng> Created ACTION-61 - Contact Aleksey Sanin about interop and attendance [on Frederick Hirsch - due 2007-07-17].
jcc: developed categories of tests
... legacy tests
... c14N 1.1 tests
... covering changes
... application of implicit and explicit C14N
<fjh> c14n11 test for each xml namespace attribute
jcc: for example with xml:id
... last group for checking rules for coding Dnames
... some tests are missing right now
... use Konrad's examples as basis of tests
... fjh: C14N 1.1 has both input and output
klanz2: only some tests have input and output
fjh: will need input and output for every test
jcc: can link from doc to test cases
sean: will we wait for working impl to
create output?
... or will we do it by hand
<fjh> klanz2: review process in parallel with test case development
<fjh> ... put test cases in, then review before workshop what is needed
jcc: certain examples in C14N document
... use as way of checking
<fjh> hal: reiterating sean's question - what is strategy for testing correctness?
<fjh> ... need time for hand crafting
jcc: proposing using examples from docs
as test cases where possible
... Dname encoding more difficulet
... might need many certificates
<fjh> ACTION: jcc to send email describing examples to clarify testing issues [recorded in http://www.w3.org/2007/07/10-xmlsec-minutes.html#action02]
<trackbot-ng> Created ACTION-62 - Send email describing examples to clarify testing issues [on Juan Carlos Cruellas - due 2007-07-17].
klanz: not too formal, just put test
cases in CVS
... if we get different results we can examine
... for implicit or explicit just create document to sign
... run against old and new versions of XML Canonicalization
sean: agree C14N test cases can be generated by hand
<fjh> sean: c14n test cases can be generated by hand, then generate sigs against those
jcc: agree, everybody should look at test case document
<tlr> http://www.w3.org/2007/xmlsec/interop/testcases.html
<sean> +1 to fjh
<klanz2> webcvs ?
<fjh> ACTION: fjh to write up process outline for interop [recorded in http://www.w3.org/2007/07/10-xmlsec-minutes.html#action03]
<trackbot-ng> Created ACTION-63 - Write up process outline for interop [on Frederick Hirsch - due 2007-07-17].
tlr: clarified CVS machinery
jcc: suggest action to those creating test cases to avoid duplicate effort
fjh: need to review jcc document
in summary, will be a doc on the process
another doc with all categories of test containing links to actual tests
<fjh> klanz: need to determine naming of test cases, first case defines it, subsequent use that name
tests to be in CVS, use CVS to manage conflicts, duplicate work
<fjh> ... keep it easy
<klanz2> RecommendationRef.SpecificIssue[.SpecificSub-Issue]#TestNumber-(positive | negative | caveat)
<fjh> Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0006.html
<klanz2> ok for me
fjh: need to take this to the list
<fjh> http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
fjh: are we happy with this document?
... ed made comment
EdS: draft is condridictory
... propose 2 changes to clarify Dname encoding
tlr: current text is more leniant than
RFC 4514
... need seperate section, editorial change
<fjh> thomas: not contradictory since RFC defines grammar, more lenient than augmentation
EdS: could be less confusing
<tlr> http://www.w3.org/mid/000001c7c290$863f19f0$6800a8c0@XMLSEC004
tlr: see what Ed is suggesting, disagree
... two sections reference different things
<klanz2> +1 to tlr
tlr: constraint on string and how to generate string
<fjh> seems like we need to clarify that we speak of grammar and generation rules
<fjh> agreed proposal: "DN should be represented as in sec 3, generated as in sec ..
<tlr> http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
<klanz2> not there yet
tlr: propose changes to section 4.4.4
<fjh> . The distinguished name SHOULD be represented as a string that complies with section 3 of
<tlr> http://nelson.w3.org/2007/xmlsec/Drafts/xmldsig-core/Overview.html
<sean> looks ok to me
<fjh> http://nelson.w3.org/2007/xmlsec/Drafts/xmldsig-core/Overview.html#sec-X509Data
<fjh> looks ok to me
<EdS> looks good to me
<klanz2> The distinguished name SHOULD be represented as a string that complies with section 3 of that SHOULD be compliant with RFC22534514 [LDAP-DN],
resolution: agree to change
<tlr> RESOLUTION: WG agrees to E01 resolution in Editor's Draft $Date: 2007/07/10 14:07:04 $
<tlr> woo-hoo!
<EdS> I just want to make a note for the minutes that TLR was highlighting that we want to distinguish between compliance and generation and so we will keep the original text while also adding my suggested additions (http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0008.html).
<tlr> hal, still on IRC?