- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 8 Jun 2007 14:20:02 +0200
- To: public-xmlsec-maintwg@w3.org
Draft minutes are at: http://www.w3.org/2007/06/05-xmlsec-minutes Text below... ----- Forwarded message from Konrad Lanz <Konrad.Lanz@iaik.tugraz.at> ----- [1]W3C - DRAFT - XML Security Specifications Maintenance WG Teleconference 4 June 2007, Distributed Meeting #5 5 Jun 2007 [2]Agenda See also: [3]IRC log Attendees Present Frederick_Hirsch, Konrad Lanz, EdSimon, jcc, Thomas, Hal, sean, grw, RobMiller, PHB Regrets Chair Frederick Hirsch Scribe Konrad Lanz Contents * [4]Topics 1. [5]Administrivia: scribe confirmation, next meeting 2. [6]Review and approval of last meeting's minutes 3. [7]3) Action item review 4. [8]Action-26 5. [9]Action-28 6. [10]Action-34 7. [11]ACTION-35 8. [12]ACTION-36 9. [13]ACTION-37 10. [14]ACTION-38 11. [15]ACTION-39 12. [16]ACTION-40 13. [17]ACTION-41 14. [18]ACTION-42 15. [19]4) Workshop/CFP 16. [20]4a) Proposed changes to CFP, Frederick Hirsch 17. [21]4b) Confirm workshop logistics: 25 & 26 September, 9-5, BEA, San Jose. 18. [22]Dates 19. [23]4c) Other workshop issues. 20. [24]5) Decryption Transform to Last Call 21. [25]6) C14N11 Review 22. [26]7) Algorithm URIs; dsig-usage note 23. [27]8) Editorial review - XML Signature 24. [28]8a) Errata 01 (Distinguished Name) issue * [29]Summary of Action Items __________________________________________________________________ Administrivia: scribe confirmation, next meeting <tlr> Meeting: XML Sec WG weekly <tlr> Date: 5 June 2007 HAL: not in office next meeting <tlr> Agenda: [30]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 007.html <tlr> Chair: fjh Review and approval of last meeting's minutes <fjh> minutes from last meeting [31]http://www.w3.org/2007/05/29-xmlsec-minutes RESOLUTION: minutes approved 3) Action item review Action-26: draft CG note draft for submission to XML CG <tlr> ACTION-26 continues tlr: no progress ... couple of issues need resolution and interaction with the xml coordination group Action-28: Propose additional types of contributions for workshop CFP <scribe> Closed ACTION-28 [32]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0 047.html Action-34 Verify that CR version of C14N11 has no conformance-affecting changes against http://www.w3.org/TR/2006/WD-xml-c14n11-20061220/ klanz2: no conformance affecting changes [33]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 014.html ACTION-35 Review Konrad\\'s message re xml:base by next call [34]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/a tt-0044/Apendix.html that's the related mail [35]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0 044.html fjh: still open and on rsalz ACTION-36 Review KonraD\\'s message re xml:base by next call jcc: action should be closed <jcc> message from JC for action 36: [36]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html ACTION-37 Review Konrad\\'s message re xml:base by next call sean: ongoing ACTION-38 Review Konrad\\'s message re xml:base by next call ??? Close ??? ACTION-38 @@@ No input on review: Did I miss some email / comment to close this Action ??? @@@ ACTION-39 Update editor\\'s draft according to http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0042.html CLOSE ACTION-39 Done, see [37]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 002.html ACTION-40 Contact CAO Yongsheng confirming treatment of E1 in Decryption Transform CLOSE ACTION-40 http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0002. html ACTION-41 Check his implementation wrt DNAME erratum <Sean> ACTION: 41 to the Java SE implementation doesn't do any of the DNAME encoding rules; we just encode as RFC 2253 String [recorded in [38]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action01] Close ACTION-41 ACTION-42 Produce example for breakage due to current E01 language [39]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 009.html Close ACTION-42 4) Workshop/CFP fjh: submission for approval next wednesday 4a) Proposed changes to CFP, Frederick Hirsch <fjh> [40]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0 000.html <tlr> fjh, chair hat off: sent message to list with some tweaks fhj: add an item to capture other standards experience <tlr> +1 to the proposed changes <fjh> Experience and consequences of building other specifications or standards with the XML Signature and XML Encryption suites of specifications as a basis <fjh> Insight into the interaction of the XML Security specifications with the evolving XML environment fhj: other changes are editorial RESOLUTION: Changes by fjh are accepted <tlr> ACTION: thomas to update CFP draft as suggested in [41]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0 000.html [recorded in [42]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action02] <trackbot-ng> Created ACTION-44 - Update CFP draft as suggested in [43]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0 000.html [on Thomas Roessler - due 2007-06-12]. <ptrimint> hi, I am Panos Trimintzios from ENISA .. just logged in (apologies for delay) 4b) Confirm workshop logistics: 25 & 26 September, 9-5, BEA, San Jose. hal: largest room for people seated at tables for 30 people <tlr> phb: can contact VERISIGN and see if there's a venue there <tlr> ... have rooms that are large enough ... phb: makes a case at verisign to get room <tlr> [44]http://www.w3.org/2007/xmlsec/ws/cfp fjh: can we get this out before next tuesday tlr: give necessary information to phil phb: will be able to tell in a couple of days <fjh> ACTION: TLR to give information on hosting to PHB [recorded in [45]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action03] <trackbot-ng> Created ACTION-45 - Give information on hosting to PHB [on Thomas Roessler - due 2007-06-12]. <tlr> ACTION-45 due right away <fjh> ACTION: PHB to confirm hosting by end of the week [recorded in [46]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action04] <trackbot-ng> Created ACTION-46 - Confirm hosting by end of the week [on Phillip Hallam-Baker - due 2007-06-12]. fjh: is it likely that verisign will host tlr: there can't be NDAs Dates fjh: workshop nine to five ... considering changing the hosting from bea to verisign 4c) Other workshop issues. fjh: willing to chair tlr: there is critical mass to do program comittee work fjh: on regular call or extra calls tlr: if possible on regular calls ... split the burden among the group into sessions fjh: different workgroup members should participate in recording session's outcome to generate final reports NOTE: fjh offers to chair 5) Decryption Transform to Last Call fjh: do not neded to wairt for response to ACTION-40 tlr: plan is to publish current editor's draft <tlr> Pending changes: (1) namespaces; (2) change reference to C14N 1.1 to be more precise <tlr> Group can either trust editors to do this and just move ahead to do Last Call FPWD, or look at updated draft @ next meeting <tlr> I'm fine either way. <fjh> ACTION: tlr and fjh to update editors draft for next meeting [recorded in [47]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action05] <trackbot-ng> Created ACTION-47 - And fjh to update editors draft for next meeting [on Thomas Roessler - due 2007-06-12]. 6) C14N11 Review <fjh> [48]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0 044.html <fjh> klanz2: had action to determine if conformance changes between Dec and later version, none found <fjh> ... wrote implementation to test, found a separate issue with algorithm in appendix <fjh> ... proposed changed version , also added set of test cases <fjh> ... primary issue .. processing fjh: rsalz not on the call <jcc> [49]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html <fjh> klanz2: xpath filters not defined for canonicalization as such jcc: example in section 3.8 does not relate XPATH-Filter fjh: put proposal on the list Create ACTION on jcc example in section 3.8 does not relate XPATH-Filter <fjh> ACTION:: jcc to make proposal to resolve issue on [50]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [recorded in [51]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action06] <tlr> ACTION: jcc to make proposal to resolve issue on [52]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [recorded in [53]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action07] <trackbot-ng> Sorry, couldn't find user - jcc <tlr> ACTION: cruellas to make proposal to resolve issue on [54]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [recorded in [55]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action08] <trackbot-ng> Created ACTION-48 - Make proposal to resolve issue on [56]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [on Juan Carlos Cruellas - due 2007-06-12]. <fjh> jcc: asks for link to examples related to appendix a [57]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/a tt-0044/Apendix.html that's the related mail [58]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0 044.html <fjh> sean: would help if konrad has examples showing output before changes he has made, and how different or change needed chat is okay <tlr> ACTION: konrad to illustrate proposed changes by example [recorded in [59]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action09] <trackbot-ng> Created ACTION-49 - Illustrate proposed changes by example [on Konrad Lanz - due 2007-06-12]. <fjh> esimon2: +1 to sean ed: +1 to sean "no/.." -> "/" before "no/.." -> "" now 7) Algorithm URIs; dsig-usage note <fjh> [60]http://www.w3.org/TR/DSig-usage/ tlr: we will have to use a different uri in the future ... given the input the uri will change ... how will the xml core wg react? <fjh> klanz2: some changes to c14n11 needed, conformance changing, during C14N11 CR 8) Editorial review - XML Signature <fjh> [61]http://www.w3.org/2001/10/xmldsig-errata#E01 8a) Errata 01 (Distinguished Name) issue sean: sun only does RFC 2253 and none of the special rules in XMLDSIG <fjh> sean: key issue is whether rules are optional ed: doesn't think the DNAME encoding rules are optional <fjh> klanz2: was optional in text, lowercase should, test cases indicated this <fjh> sean: need to know what implementations are doing <fjh> klanz2: give warning regarding unusual DNames in certs, not common ed: proposed some changes <esimon2> [62]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0 050.html sean: everything we do should be consistent with rfc 2253 <fjh> ack <fjh> klanz: +1 to sean <jcc> rfc 4514 obsoletes 2253 <fjh> klanz: see if whitespace etc matter <esimon2> +q <fjh> ... ok with warning <fjh> klanz: changing RFC is conformance changing ? <esimon2> Need to evaluate whether our changes to the DN description, etc. affect XKMS. jcc: security considerations with DNAMES <fjh> tlr: what was mean originally, if what was meat, is there is case for change <fjh> ... capture in clear language what was meant originally <fjh> ... clarify whether normative language <jcc> section 7.2 of rf2253 (Use of distinguished names in security applications) warns about using the strings for identifying certificates. See [63]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 001.html <PHB2> I think we need to get folk like Alex Deacon involved here <PHB2> There are two sets of issues: what the specs say and what the applications do Summary of Action Items [NEW] ACTION: 41 to the Java SE implementation doesn't do any of the DNAME encoding rules; we just encode as RFC 2253 String [recorded in [64]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action01] [NEW] ACTION: : jcc to make proposal to resolve issue on [65]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [recorded in [66]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action06] [NEW] ACTION: cruellas to make proposal to resolve issue on [67]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [recorded in [68]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action08] [NEW] ACTION: jcc to make proposal to resolve issue on [69]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 010.html [recorded in [70]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action07] [NEW] ACTION: konrad to illustrate proposed changes by example [recorded in [71]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action09] [NEW] ACTION: PHB to confirm hosting by end of the week [recorded in [72]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action04] [NEW] ACTION: thomas to update CFP draft as suggested in [73]http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0 000.html [recorded in [74]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action02] [NEW] ACTION: tlr and fjh to update editors draft for next meeting [recorded in [75]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action05] [NEW] ACTION: TLR to give information on hosting to PHB [recorded in [76]http://www.w3.org/2007/06/05-xmlsec-minutes.html#action03] [End of minutes] __________________________________________________________________ Minutes formatted by David Booth's [77]scribe.perl version 1.128 ([78]CVS log) $Date: 2007/06/05 14:08:39 $ __________________________________________________________________ Scribe.perl diagnostic output [Delete this section before finalizing the minutes.] This is scribe.perl Revision: 1.128 of Date: 2007/02/23 21:38:13 Check for newer version at [79]http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/clodsed// FAILED: s/clodsed/closed/ Succeeded: s/Action 40/Action 41/ FAILED: s/Action 40/Action 41/ Succeeded: s/fhj/fjh/ Succeeded: s/fhj/fjh/ Succeeded: s/fhj/fjh/ Succeeded: s/langue/language/ Found Scribe: Konrad Lanz Found ScribeNick: klanz2 Default Present: Frederick_Hirsch, klanz2, EdSimon, jcc, Thomas, Hal, sean, grw , RobMiller, PHB Present: Frederick_Hirsch klanz2 EdSimon jcc Thomas Hal sean grw RobMiller PHB Agenda: [80]http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0 007.html Found Date: 5 Jun 2007 Guessing minutes URL: [81]http://www.w3.org/2007/06/05-xmlsec-minutes.html WARNING: No person found for ACTION item: : jcc to make proposal to resolve iss ue on [82]http://lists.w3.org/archives/public/public-xmlsec-maintwg/2007jun/00 10.html [recorded in [83]http://www.w3.org/2007/06/05-xmlsec-minutes.html#actio n06] People with action items: 41 cruellas fjh jcc konrad phb thomas tlr [End of [84]scribe.perl diagnostic output] References 1. http://www.w3.org/ 2. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0007.html 3. http://www.w3.org/2007/06/05-xmlsec-irc 4. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#agenda 5. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item01 6. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item02 7. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item03 8. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item04 9. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item05 10. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item06 11. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item07 12. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item08 13. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item09 14. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item10 15. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item10a 16. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item10b 17. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item10c 18. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item10d 19. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item11 20. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item11a 21. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item12 22. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item13 23. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item14 24. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item15 25. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item16 26. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item17 27. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item18 28. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#item19 29. file://localhost/home/roessler/.tmp/05-xmlsec-minutes_cleaned.html#ActionSummary 30. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0007.html 31. http://www.w3.org/2007/05/29-xmlsec-minutes 32. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0047.html 33. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0014.html 34. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/att-0044/Apendix.html 35. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0044.html 36. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 37. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0002.html 38. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action01 39. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0009.html 40. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0000.html 41. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0000.html 42. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action02 43. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0000.html 44. http://www.w3.org/2007/xmlsec/ws/cfp 45. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action03 46. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action04 47. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action05 48. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0044.html 49. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 50. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 51. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action06 52. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 53. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action07 54. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 55. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action08 56. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 57. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/att-0044/Apendix.html 58. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0044.html 59. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action09 60. http://www.w3.org/TR/DSig-usage/ 61. http://www.w3.org/2001/10/xmldsig-errata#E01 62. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/0050.html 63. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0001.html 64. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action01 65. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 66. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action06 67. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 68. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action08 69. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html 70. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action07 71. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action09 72. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action04 73. http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007Jun/0000.html 74. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action02 75. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action05 76. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action03 77. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm 78. http://dev.w3.org/cvsweb/2002/scribe/ 79. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ 80. http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/0007.html 81. http://www.w3.org/2007/06/05-xmlsec-minutes.html 82. http://lists.w3.org/archives/public/public-xmlsec-maintwg/2007jun/0010.html 83. http://www.w3.org/2007/06/05-xmlsec-minutes.html#action06 84. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm ----- End forwarded message ----- -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 8 June 2007 12:20:09 UTC