Agenda: Distributed Meeting 2009-06-02 v2

Agenda: W3C XML Security WG (XMLSec) v2
Teleconference 2 June 2009
Distributed Meeting #31

v2 update with announcements, liaison information, new proposals and  
discussion on list, updated minutes for approval

10-12:00 am Eastern Time
Information on meeting times in various time zones:

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat: (port 6665), #xmlsec
Web-based IRC (member-only):

Please note that attendance of XMLSEC WG teleconferences is   
restricted  to registered WG participants and persons invited by the   

Publication Status available at

Chair: Frederick Hirsch



1) Administrivia: scribe confirmation, next meeting, other

1a)  Magnus Nyström  is scheduled to scribe

The current scribe list is at the end of this message, will rotate  
through this list.

Scribe Instructions:

1b)   Meeting planning: upcoming meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is   

Upcoming meeting information is available on the WG Administrative page:

Next meeting:  9 June, scribe TBD

TPAC confirmation

Joint meeting planning.

1c) Liaisons and Coordination

See status at members page

Last Call of Widget Signature end 1 June - pls send comments before 1  

XACML 3.0 public review, ending 20 July

1d) Announcements

OASIS DSS-X TC profile for visible signatures committee draft,   
request for comment

Call for Exclusions (Update): XML Signature 1.1, XML Encryption 1.1,  
XML Security Derived Keys

2) Minutes Approval

Please review and indicate corrections in attendance list.

Minutes from F2F, for approval:

day 1 f2f

day 2 F2F

3) New issues and Editorial update status (Completed and pending)

Please remember to send note to public list when completing editing,  
indicating what has changed and associated action. Please mark action  
as pending as well.

3a) Best Practice update (BP 1 refers to 2)

3b) Best Practice sample file update  
(follow-up, Sean)

3c) DTD removal  

4) Resolution of Elliptic Curve

new discussion on list  
(member list, Bruce)  

Alternative proposals:
i. Remove notes in XML Signature section 6.1 and   XML Encryption 5.1  
regarding elliptic curve algorithms and key value,  retain elliptic  
curve as mandatory to implement as currently specified  in those  
documents. Retain current text regarding KeyValue for  elliptic curve.

iii. When we publish new WD retain notes, while continuing review of  

iii. Change to SHOULD

iv other?

5) Key Encapsulation proposal / Key Transport (XML Encryption)  
Can't we do ECC encryption that is analogous to the plain RSA v1.5  
which doesn't do any KeyEncapsulation:  

6) Signature 1.1 Serialization proposal   

7) r and s in ECDSA in XML Signature 1.1  

8) Aligning Signature 1.1 and Encryption 1.1  

9) X.962 vs SEC 1 version 2.0 reference in XML Signature 1.1  

10) XML Encryption 5.6 revision proposal  

11) XML Enc and Derived Keys  

12) Roadmap Review

Please review update  

13) Working Draft readiness

Review and readiness of 1.1 WD for publication

XML Signature 1.1, XML Encryption 1.1,  Derived Keys, Algorithm
(Signature Properties has no changes since last publication but should
it be included)

14) Publication decision for 1.1

Decide to publish WD of 1.1 documents, or to wait for additional changes

XML Signature 1.1, XML Encryption 1.1,  Derived Keys, Algorithm   
Reference, Signature Properties

Also publish XML Signature Best Practices

15) Interop Status

Updated wiki  

16) Use cases and requirements

16a) Missing byte range use case and requirements?

17) RetrievalMethod and Reference in v2

18) Action Item and Issue Review

18a) Close Pending actions

[pending review] ACTION-286: Scott Cantor to Remove references to DTDs  
from the specification - due 2009-05-19 [on Sig11 (XML Signature 1.1)]

[pending review] ACTION-289: Frederick Hirsch to Propose text on
serialization issue for xml signature 1.1 - due 2009-05-20 [on ]

[pending review] ACTION-293: Frederick Hirsch to Update Associate
product list in Open Actions tracker to include all docs - due
2009-05-20 [on ]

[pending review] ACTION-295: Frederick Hirsch to Update best practices
to update best practice 1 to refer to best practice 2 - due 2009-05-20
[on ]

[pending review] ACTION-296: Frederick Hirsch to Send email about
roadmap - due 2009-05-20 [on ]

18b) Open Action Review

Open actions are listed in Tracker at

Procedure for closing actions:

Please review open action list and update your actions appropriately:

19) Issues review

20) Other Business

21) Adjourn

Scribing  list
Cynthia Martin, MITRE ()
Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am)
Hal Lockhart, Oracle (9 December 2008)
Shivaram Mysore, Invited Expert ( F2F 14 January 2009, pm)\
Bradley Hill, Invited Expert (27 January 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (17
February 2009, 16 September 2008)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Robert Miller, MITRE (10 March 2009, 20 October 2008 F2F pm)
Magnus Nyström, EMC (17 March 2009, 11 November 2008)
Scott Cantor, invited expert (24 March 2009, 29 July 2008, 2 December
Ed Simon, Invited Expert (31 March 2009, 18 November 2008)
John Wray, IBM (21 April 2009, 16 December 2008)
Kelvin Yiu, Microsoft (28 April 2009, 21 October 2008 F2F, pm)
Sean Mullan, Sun (12 May 2009 F2F am, 3 February 2009)
Gerald Edgar, Boeing (12 May 2009 F2F pm, 7 April 2009, F2F 13 January
2009, pm)
Brian LaMacchia, Microsoft (13 May 2009 F2F am, F2F 14 January 2009, pm)
Pratik Datta, Oracle (14 May 2009 F2F pm, F2F 14 January 2009, pm, 10
February 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

Received on Friday, 29 May 2009 15:57:39 UTC