Agenda: Distributed Meeting 2009-07-14

Agenda: W3C XML Security WG (XMLSec)
Teleconference 14 July 2009
Distributed Meeting #36

10-12:00 am Eastern Time
Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG teleconferences is   
restricted  to registered WG participants and persons invited by the  
chair.

Publication Status available at
http://www.w3.org/2008/xmlsec/wiki/PublicationStatus

Chair: Frederick Hirsch

Regrets: Brian LaMacchia, Ed Simon

see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

1) Administrivia: scribe confirmation, next meeting, other

1a)  Brad Hill is scheduled to scribe

The current scribe list is at the end of this message, will rotate   
through this list.

Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1b)   Meeting planning: upcoming meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is   
cancelled.

Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

Next meeting:  21 July, scribe TBD

TPAC registration open
TPAC Overview: http://www.w3.org/2009/11/TPAC/overview.html

Please register: http://www.w3.org/2002/09/wbs/35125/TPAC09/
Note registration fee increases after 21 September 2009.

XML Security Thursday and Friday 5-6 November as originally planned.

1c) Liaisons and Coordination

See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination

1d) Announcements

None

2) Minutes Approval

Please review minutes, also please indicate corrections in attendance.

7 July 2009 teleconference
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0022.html

3) Editorial update status

Please remember to send note to public list when completing editing,  
indicating what has changed and associated action. Please mark action  
as pending as well and update the explain.html document for XML   
Signature 1.1 or XML Encryption 1.1.

3a) Updated XML Signature 1.1 DSS security considerations, ACTION-327

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0016.html  
(Frederick)

3b) Updated XML Encryption 1.1 references, ACTION-328

Incorporated update to references provided by Peter, as well as  
additional changes from Cynthia (Frederick)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0019.html

Please review the section references to RFC 3447
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jun/0047.html
status of ietf draft, ISSUE-137
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0024.html  
(peter)
3c) Update XML Encryption 1.1 with explicit URIs for DH choices
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0025.html  
(Brian)
added a new URI for DH ephemeral-static with new KDFs, moved the  
identifiers for both legacy and new into their respective subsections,  
and removed the language that I had in earlier that did the  
distinguishing based on absence or presence of <KA-Nonce>
3d) Superseding Derived Keys document
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0028.html  
(Thomas)
Resolution to accept for publication replacement?

4) KDF vs KDF3

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0012.html  
(Kelvin)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0027.html  
(Magnus)

5) Proposed XML Signature 1.1 References update

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0029.html  
(Cynthia)

6) Conclusion of ACTION-320

Action completed, accept?

7) Generic Hybrid Ciphers First Public Working Draft publication?

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0021.html  
(Frederick)\

Separate document or incorporate into XML Encryption 1.1

http://www.w3.org/2008/xmlsec/Drafts/key-encapsulation/key-encapsulation.html

8) Updated 1.1 Working Draft Publication

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0021.html  
(Frederick)

8a) XML Signature 1.1
- reference updates
- explain update still needed.

8b) XML Encryption 1.1
- explain update still  needed.

8c) XML Security Algorithms Note
- algorithm update still needed (Thomas action)

8d) Best Practices XML Signature
ready?

8e) Transform Simplification: Requirements and Design
ready?

8f) Derived Keys
- Draft with status noting superseded


9) 2.0 Draft Discussion

Additional comment on C14N 2.0 draft?
http://www.w3.org/2008/xmlsec/Drafts/c14n-20/Overview.html (Pratik)

10) Exclusive C14N errata

review completed, ready to publish (discussed generally on last  
teleconference)

10a) Proposed revision to E02, DTD/Schema issue

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jun/0075.html
(Scott)

10b) Proposed New E07 for ISSUE110, "visibly utilizes"

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jun/0076.html
(Scott)

11) Action Item and Issue Review

11a) Close Pending actions

These will be closed after the meeting unless concern raised before   
or  during meeting. Please review in advance of meeting.

[pending review] ACTION-158: Frederick Hirsch to Take pass through  
references in Dsig Core - update, split into normative/informative -  
due 2009-03-30 [on ] http://www.w3.org/2008/xmlsec/track/actions/158
[pending review] ACTION-326: Brian LaMacchia to Update ACTION 319 for  
explicit URI - due 2009-07-14 [on ]http://www.w3.org/2008/xmlsec/track/actions/326

[pending review] ACTION-327: Frederick Hirsch to Update DSS security  
warning - due 2009-07-14 [on ]
http://www.w3.org/2008/xmlsec/track/actions/327

[pending review] ACTION-333: Thomas Roessler to Draft one-pager that  
says "derived key stuff has been folded into encryption - due  
2009-07-16 [on ] http://www.w3.org/2008/xmlsec/track/actions/333



11b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:

http://www.w3.org/2008/xmlsec/actions-open.html

12) Issues review

http://www.w3.org/2008/xmlsec/track/issues/open

13) Other Business

14) Adjourn

Scribing  list
----------------

Bradley Hill, Invited Expert (27 January 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Scott Cantor, invited expert (24 March 2009)
Ed Simon, Invited Expert (31 March 2009)
John Wray, IBM (21 April 2009)
Kelvin Yiu, Microsoft (28 April 2009)
Bruce Rich, IBM (5 May 2009)
Sean Mullan, Sun (12 May 2009 F2F am)
Gerald Edgar, Boeing (12 May 2009 F2F pm, 7 April 2009)
Brian LaMacchia, Microsoft (13 May 2009 F2F am)
Pratik Datta, Oracle (13 May 2009 F2F pm)
Magnus Nyström, EMC (2 June, 2009, 24 March 2009)
Hal Lockhart, Oracle (16 June 2009, 9 December 2008)
Shivaram Mysore, Invited Expert (23 June 2009,  F2F 14 January 2009, pm)
Cynthia Martin, MITRE (7 July 2009, 9 June 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

Received on Monday, 13 July 2009 18:48:00 UTC