- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Fri, 8 Jun 2007 13:03:33 -0400
- To: XMLSec <public-xmlsec-maintwg@w3.org>
- Cc: Hirsch Frederick <frederick.hirsch@nokia.com>
Agenda: W3C XML Security Specifications Maintenance WG (XMLSec)
Teleconference 12 June 2007
Distributed Meeting #6
6 June, 9-10am Eastern Time
(6-7am Pacific, 1400-1500 Dublin, 1500-1600 CET, 1600-1700 Crete)
See <http://www.w3.org/2007/xmlsec/Group/Overview.html> for time in
other time zones.
Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>
Please note that attendance of XMLSEC WG telecons is restricted to
registered WG participants and persons invited by the chair.
Chair:
Frederick Hirsch
Regrets:
none
1) Administrivia: scribe confirmation, next meeting
?? is scheduled to scribe. The current scribe list is at the end
of this message.
Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html
Next meeting: Tuesday 19 June. Scribe: ??
2) Review and approval of last meeting's minutes
http://www.w3.org/2007/06/05-xmlsec-minutes
3) Action item review
Open actions are listed in Tracker at http://www.w3.org/2007/
xmlsec/Group/track/actions/open
Note, action items should only be closed in Tracker during WG
meeting as they are agreed as closed. When completing an action, the
owner should send an email to the public xmlsec mailing list stating
the resolution of the action and that it should be closed, and should
refer to "ACTION-<number>" in the message so the message is linked to
the tracker notes for that action. The owner should NOT close the
issue in tracker at that time.
Action 26 : draft CG note draft for submission to XML CG, Thomas
Roessler
Action 35: Review Konrad's message re xml:base by next call, Rich Salz
Agenda item 6a.
Action 36 Review Konrad's message re xml:base by next call, Juan
Carlos Cruellas
Agenda item 6a.
Action 37 Review Konrad's message re xml:base by next call, Sean Mullan
Agenda item 6a.
Action 38 Review Konrad's message re xml:base by next call, Ed Simon
Agenda item 6a.
Action 41, Check his implementation wrt DNAME erratum, Sean Mullan
Agenda item 8a.
Action 42, Produce example for breakage due to current E01 language,
Juan Carlos Cruellas
Agenda item 8a.
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0001.html
Action 43, to produce example for breakage due to current E01
language, Konrad Lanz
Agenda item 8a.
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/
0041.html
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0004.html
ACTION-44 Update CFP draft as suggested in http://lists.w3.org/
Archives/Member/member-xmlsec-maintwg/2007Jun/0000.html ,Thomas Roessler
Done (Frederick)
Agenda 4a
ACTION-45 Give information on hosting to PHB, Thomas Roessler
Done
ACTION-46 Confirm hosting by end of the week, Phillip Hallam-Baker
ACTION-47 Thomas and Frederick to update Decryption Transform editors
draft for Last Call, for next meeting, Thomas Roessler
Agenda 5
ACTION-48 Make proposal to resolve issue on http://lists.w3.org/
Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html, Juan Carlos
Cruellas
ACTION-49, Illustrate proposed changes by example, Konrad Lanz
4) Workshop/CFP
Updated CFP, including timeline:
http://www.w3.org/2007/xmlsec/ws/cfp.html
4a) Comments on updated CFP?
4b) Confirm workshop logistics: 25 & 26 September, 9-5, Verisign,
Mountainview.
Action to create logistics web page.
4c) Other workshop issues.
Plan for W3C review this week (Wednesday) before publication.
5) Decryption Transform to Last Call
Current (updated) draft:
http://www.w3.org/2007/xmlsec/Drafts/xmlenc-decrypt.html
No review comments noted on mailing list.
Updated namespace URIs (member only):
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007May/
0036.html
5a) WG agree to bring this draft to Last Call?
6) C14N11 Review
Draft : http://www.w3.org/XML/Group/2007/05/CR-xml-c14n11-20070509.htm
CR transition request: http://lists.w3.org/Archives/Public/public-xml-
core-wg/2007May/0040
6a) merge path, C14N11 Appendix issue
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/
0044.html , Konrad Lanz
Action 35: Review Konrad's message re xml:base by next call, Rich Salz
Action 36 Review Konrad's message re xml:base by next call, Juan
Carlos Cruellas
Action 37 Review Konrad's message re xml:base by next call, Sean Mullan
Action 38 Review Konrad's message re xml:base by next call, Ed Simon
Next steps?
7) Changes to DSig-Usage note
See http://www.w3.org/TR/DSig-usage/
Update to reference CR version of C14N11 in note
http://www.w3.org/TR/2006/WD-xml-c14n11-20061220/
See 8b
8) Editorial review - XML Signature
Current draft:
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/changes.html
8a) Errata 01 (Distinguished Name) issue
http://www.w3.org/2001/10/xmldsig-errata#E01
Current edit to section 4.4.4
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data
Current proposal to section
Action 41, Check his implementation wrt DNAME erratum, Sean Mullan
Action 42, Produce example for breakage due to current E01 language,
Juan Carlos Cruellas
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0001.html
Action 43, to produce example for breakage due to current E01
language, Konrad Lanz
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/
0041.html
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0004.html, Konrad summary on escaping
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0005.html , Sean
8b) Algorithm identifiers
Incorporate algorithm identifiers defined in note (section 3) into
XML Signature revision, as follows:
Identifiers
Canonical XML 1.1 (omits comments)
http://www.w3.org/2006/12/xml-c14n11
Canonical XML 1.1 with comments
http://www.w3.org/2006/12/xml-c14n11#WithComments
8c) ds:Reference type as URI versus ds:Object Mime Type
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/
0000.html , Juan-Carlos
9) Interop testing, participation expectations
Some material in this agenda item might be member confidential.
Review interop testing expectations:
http://www.w3.org/2002/09/wbs/40279/interop-interest/results
10) Test cases
i) Regression tests - original XML Signature and Decryption
Transform cases Action to review and summarize?
ii) test defined in new C14N11 example (as updated)
<http://www.w3.org/XML/Group/2007/05/CR-xml-c14n11-20070509>
iii) E01 - see ACTION-19 Agreed at F2F that no tests needed for
E02-E05
iv) Action to review and summarize test for E06, test for base64
URI? Test exists but not well-defined?
v) Action to summarize dditional tests?
greg: test case for 1.0 as default see if 1.1 by mistake
<hal> test case which checks for correct sig when xml:base is
present
<hal> test case which checks for correct sig when xml:id is present
<fjh> thomas: generate sig over doc subset, must include c14n11
as final transform
<fjh> greg: new generators not rely on default c14n
<klanz2> Test case for conversion NodeSetData to OctetStreamData:
<klanz2> Use case: Generate a signature having a reference with
some xpath transform selecting NodeSetData
<klanz2> then we add a XSLT transform that clearly needs
OctetStreamData
<klanz2> Check on verification: if the resulting signature
actually made the use of c14n 1.1 explicit in the chain of
transforms
11) Any other business
12) Adjourn
Scribe list
-----------
Elisabetta Carrara
Donald Eastlake
Peter Lipp
Hal Lockhart
Ram Mohan
Anthony Nadalin
Chris Nautiyal
Rich Salz
Daniel Schutzer
Ed Simon
Andrew Sullivan
Panagiotis Trimintzios
Tarun Tyagi
Thomas Roessler (17 Apr 07)
Greg Whitehead (F2F 2 May 07 am)
Rob Miller (F2F 2 May 07 pm)
Gregory Berezowsky (F2F 3 May 07 am)
Sean Mullan (F2F 3 May 07 pm)
Juan Carlos Cruellas (15 May 2007)
Phillip Hallam-Baker (22 May 2007)
Giles Hogben (29 May 2007)
Konrad Lanz (6 June 2007)
regards, Frederick
Frederick Hirsch
Nokia
Received on Friday, 8 June 2007 17:03:50 UTC