- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Tue, 6 Jan 2009 09:39:00 -0500
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
- Message-Id: <32015E33-FC7A-4E82-A60C-E9EDB1489A4E@nokia.com>
Agenda: W3C XML Security WG (XMLSec) v3 Teleconference 6 January 2009 Distributed Meeting #16 Happy New Year. v2: update regrets, updates re f2f, added item for transform simplification editors update, add local access risks for best practices, update pending actions, update new issues v3: add 1.1 DSAwithSHA1 material, update to Signature Properties draft, Expires requirement in discussion 10-12:00 am Eastern Time Information on meeting times in various time zones: http://www.w3.org/2008/xmlsec/Group/Overview.html#phone Zakim Bridge: +1.617.761.6200 conference code 965732# ('XMLSEC') IRC Chat: irc.w3.org (port 6665), #xmlsec Web-based IRC (member-only): <http://cgi.w3.org/member-bin/irc/irc.cgi> Please note that attendance of XMLSEC WG teleconferences is restricted to registered WG participants and persons invited by the chair. Chair: Frederick Hirsch Regrets: Konrad Lanz, Ed Simon, Magnus Nyström see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings 1) Administrivia: scribe confirmation, next meeting, other 1a) Sean Mullan is scheduled to scribe The current scribe list is at the end of this message, will rotate through this list. Scribe Instructions: http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html 1b) Meeting planning: weekly meetings This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is cancelled. Upcoming meeting information is available on the WG Administrative page: http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings Next meeting is F2F, 13-14 January Logistics http://lists.w3.org/Archives/Member/member-xmlsec/2008Nov/0035.html (Pratik) Attendee review http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings Draft agenda http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0004.html tentative 5-6 PM PT EXI joint discussion 1c) Liaisons and Coordination See status at members page http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination No new updates. 1d) Announcements XAdES Plugfest 6 Feb http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0022.html (Konrad) 2) Minutes Approval 2a) Minutes from 16 December 2008 for approval: http://www.w3.org/2008/12/16-xmlsec-minutes.html 3) Issues ISSUE-78 http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0000.html (Frederick) Broken fragments ref-RFC3279, ref-FIPS-186-2 ISSUE-79 http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0005.html (Frederick) X509Data and KeyInfo text in XML Signature is silent regarding OCSP responses - add support for conveying these in standard manner? Also, is clarification needed regarding CRL inclusion, perhaps specific element for this purpose? Request for input regarding extensibility (Thomas) http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0003.html 4) Editorial updates 4a) Updated Requirements draft with Long Term Signature material and update to section organization (Frederick) http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0032.html 4b) Home page "There was an EXI document discussing use of XML Signature and Encryption; that might have been a useful link" (Ed) 4c) Update to transform simplification http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0002.html (Pratik) 4d) Update to Signature Properties http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0008.html (Frederick) 5) XML Security 1.1 5a) New Key Value Proposal (Scott) http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0031.html 5b) Signature Properties Expiration Longer lifetime of signature than cert or shorter http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0024.html (Sean) data vs signature http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0027.html (Scott) comments related to XAdES http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0013.html http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0015.html Proposed changes Open Action (action added) http://www.w3.org/2008/xmlsec/track/actions/129 Widget Requirement for Expires property http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0018.html 5c) Generation and validation requirements DSAwithSHA1 http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0007.html (Brian) 5d) Updates for versioning text and references. Open Action - f2f 5e) Algorithm update for XML Encryption for 1.1 Open Action - f2f 6) Transform Simplification 6a) Review and updates Open Action 7) Requirements 7a) Revising Canonicalization Requirements http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0006.html (Juan Carlos) 8) Best Practices 8a) Proposed edits related to Timestamps http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0033.html (Frederick) 8b) local access risks http://lists.w3.org/Archives/Public/public-xmlsec/2009Jan/0001.html (Ken Graf) 8b) Comments from Juan Carlos http://www.w3.org/2008/xmlsec/Drafts/best-practices/comments-bhill-jcc.html (Edited document) http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0020.html (Frederick) http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0030.html (Juan Carlos) 8c) NVDL ordering constraints http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0010.html (Rob) 8d) XSLT additions to best practices http://www.w3.org/2008/12/16-xmlsec-minutes.html#item09 Need proposal for text to add to best practices - volunteer? 9) Action Item and Issue Review 9a) Close Pending actions [pending review] ACTION-107: Pratik Datta to Look at XSL streaming - due 2008-11-18 [on v.next (Design for XML Signature V Next)] http://www.w3.org/2008/xmlsec/track/actions/107 [pending review] ACTION-117: Scott Cantor to Propose a schema and language for bare key encoding in KeyInfo - due 2008-12-23 [on v11] http://www.w3.org/2008/xmlsec/track/actions/117 [pending review] ACTION-123: Frederick Hirsch to Add Juan Carlos material on long term sigs to Requirements Document - due 2008-12-16 [on Rqmts (XML Signature and Canonicalization V Next Requirements)] http://www.w3.org/2008/xmlsec/track/actions/123 [pending review] ACTION-124: Frederick Hirsch to Follow up with Juan Carlos on ISSUE-56 - due 2008-12-16 [on ] http://www.w3.org/2008/xmlsec/track/actions/124 [pending review] ACTION-126: Ken Graf to Call out local system access risks regarding XSLT - due 2008-12-23 [on v.next (Design for XML Signature V Next)] http://www.w3.org/2008/xmlsec/track/actions/126 9b) Open Action Review Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions Please review open action list and update your actions appropriately: http://www.w3.org/2008/xmlsec/actions-open.html 10) Other Business 11) Adjourn Scribing list ---------------- Konrad Lanz, IAIK (16 July F2F am) Sean Mullan, Sun (12 August 2008) Pratik Datta, Oracle (19 August 2008) Subramanian Chidambaram, Nokia (26 August) Brian LaMacchia, Microsoft (2 September 2008) Bradley Hill, Invited Expert (9 September 2008) Juan Carlos Cruellas, Universitat Politècnica de Catalunya (16 September 2008) Gerald Edgar, Boeing (7 October 2008) Chris Solc, Adobe (20 October 2008 F2F am) Robert Miller, MITRE (20 October 2008 F2F pm) Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am) Kelvin Yiu, Microsoft (21 October 2008 F2F, pm) Shivaram Mysore, Invited Expert (4 November 2008) Magnus Nyström, EMC (11 November 2008) Ed Simon, Invited Expert (18 November 2008) Scott Cantor, invited expert (29 July 2008, 2 December 2008) Hal Lockhart, Oracle (9 December 2008) John Wray, IBM (16 December 2008) regards, Frederick Frederick Hirsch, Nokia Chair XML Security WG
Received on Tuesday, 6 January 2009 14:39:46 UTC