- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Fri, 8 Jan 2010 12:02:10 -0500
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Agenda: W3C XML Security WG (XMLSec) Teleconference 12 January 2010 Distributed Meeting #53 10-12:00 am Eastern Time Information on meeting times in various time zones: http://www.w3.org/2008/xmlsec/Group/Overview.html#phone Zakim Bridge: +1.617.761.6200 conference code 965732# ('XMLSEC') IRC Chat: irc.w3.org (port 6665), #xmlsec Web-based IRC (member-only): <http://cgi.w3.org/member-bin/irc/irc.cgi> Please note that attendance of XMLSEC WG teleconferences is restricted to registered WG participants and persons invited by the chair. Publication Status available at http://www.w3.org/2008/xmlsec/wiki/PublicationStatus Chair: Frederick Hirsch Regrets: see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings 1) Administrivia: Scribe confirmation, Agenda review, Meeting Planning, Liaisons, Announcements 1a) Scribe selection The current scribe list is at the end of this message, will rotate through this list. Scribe Instructions: http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html 1b) Agenda review Review agenda. 1c) Meeting planning Next call 19 January 1d) Liaisons and Coordination See status at members page http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination 1e) Announcements new RSA factoring record (768-bit) http://eprint.iacr.org/2010/006.pdf (Thomas) 2) Minutes Approval 2a) Approve 5 January minutes http://www.w3.org/2010/01/05-xmlsec-minutes.html 3) Editorial Updates 3a) Signature Properties http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0018.html (Frederick) 3b) Best Practices http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0022.html (Frederick) 4) Open XML Signature 1.1 Issues ISSUE-82: Should 1.1 spec mandate support for range of RSA key sizes (and DSA)? ISSUE-91: ECC can't be REQUIRED ISSUE-149: Link requirements to features Completed with restructuring of Requirements to 1.1 and 2.0 requirements? ISSUE-158: Add SHA-1 warnings http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0004.html (Cynthia) ISSUE-166 -- RNG schema needed for Signature Properties http://www.w3.org/2008/xmlsec/track/issues/166 ISSUE-165 -- Add note that standalone XSD file takes precedence when there is XSD schema file, XSD snippets in document and RNG schema - to XML Signature 1.1, Signature Properties, XML Encryption 1.1 and Generic Hybrid Ciphers -- OPEN Proposal: http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0017.html (Frederick) 5) Open Actions related to Last Call of XML Signature 1.1 and SIgnature Properties If these are completed please change status to Pending. ACTION-421: Ed Simon to Look at the 1.1 schema ACTION-350: Ed Simon to Propose text to align node set result treatment for XSLT and XPath in 1.1 spec ACTION-431: Thomas Roessler to Fix "they" in RFC2119 section throughout all documents ACTION-438: Shivaram Mysore to check 1.1 requirements against enc, sig EDs ACTION-449: Cynthia Martin to Review 1.1 bibliographies (depends on ACTION-448) 6) XML Signature 1.1 Readiness to Enter Last Call 7) XML Signature Properties Readiness to Enter Last Call 8) Best Practices - ready for Publication Update Review comments http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0019.html (Frederick) ISSUE-156: Threat for signature from use of namespace prefixes with corresponding unsigned namespace declarations leading to wrapping like attacks 9) XML Security 1.1 Requirements - ready for Publication Update ACTION-391: Gerald Edgar to See if ISSUE-131 is covered in requirements doc ISSUE-131 is closed. 10) XML Security 2.0 Requirements - ready for Publication Update 11) Open Issues for XML Encryption 1.1 ISSUE-165 -- Add note that standalone XSD file takes precedence when there is XSD schema file, XSD snippets in document and RNG schema - to XML Signature 1.1, Signature Properties, XML Encryption 1.1 and Generic Hybrid Ciphers -- OPEN discussed above. ISSUE-150: Use of XML encryption type encoding in EXI ISSUE-154: Links to references need to be updated from 2000 XML Rec to XML 1.0 5th Edition General review of references 12) Open issues for Generic Hybrid Ciphers ISSUE-164 -- RNG schema needed for Generic Hybrid Ciphers -- OPEN http://www.w3.org/2008/xmlsec/track/issues/164 ISSUE-165 -- Add note that standalone XSD file takes precedence when there is XSD schema file, XSD snippets in document and RNG schema - to XML Signature 1.1, Signature Properties, XML Encryption 1.1 and Generic Hybrid Ciphers -- OPEN discussed above. 13) Action review 13a) Close Pending actions These will be closed after the meeting unless concern raised before or during meeting. Please review in advance of meeting. ACTION-468: Thomas Roessler to Confirm whether optional features require 2+ implementations or only one. ACTION-480: Frederick Hirsch to Create issues for 2.0 from 1.1 review ACTION-482: Thomas Roessler to Update approved minutes from 15 december, permissions and style - http://www.w3.org/2009/12/15-xmlsec-minutes.html ACTION-483: Frederick Hirsch to Update HMAC output warning with text from Brian: "Signatures must be deemed invalid if the truncation length is below the larger of (a) half the underlying hash algorithm's output length, and (b) 80 bits" ACTION-484: Frederick Hirsch to Review Cynthia comments on best practices, update best practices ACTION-486: Frederick Hirsch to Update XML Signature Properties to correct schema, add stand-alone schema file 13b) Open Action Review Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions Please review open action list and update your actions appropriately: http://www.w3.org/2008/xmlsec/actions-open.html ACTION-412: Ed Simon to Review ISSUE-115 ISSUE-115 is closed. ACTION-485 Thomas Roessler to Review actions assigned to Konrad and summarize which can be closed and which need further action 14) Issue review http://www.w3.org/2008/xmlsec/track/issues/open 15) Other Business 16) Adjourn Scribing list ---------------- Konrad Lanz, IAIK (24 February 2009, 16 July F2F am) Juan Carlos Cruellas, Universitat Politècnica de Catalunya (17 February 2009, 16 September 2008) Magnus Nyström, EMC (2 June, 2009) Bradley Hill, Invited Expert (14 July 2009) Thomas Roessler/Ed Simon, Invited Expert (11 August 2009) Sean Mullan, Sun (6 October 2009, 12 May 2009 F2F am) Bruce Rich, IBM (13 October 2009, 5 May 2009) Pratik Datta, Oracle (20 October 2009, 13 May 2009 F2F pm) Hal Lockhart, Oracle (27 October 2009, 16 June 2009) Shivaram Mysore, Invited Expert (6 November 2009 F2F, 23 June 2009) Brian LaMacchia, Microsoft (6 November 2009 F2F, 13 May 2009 F2F am) Cynthia Martin, MITRE (17 November 2009, 7 July 2009) Scott Cantor, invited expert (24 Nov 2009, 8 Sept 2009) Chris Solc, Adobe (8 December 2009) John Wray, IBM (15 Dec 2009, 1 Sept 2009) Gerald Edgar, Boeing (5 January 2010, 5 November 2009 F2F) regards, Frederick Frederick Hirsch, Nokia Chair XML Security WG
Received on Friday, 8 January 2010 17:02:51 UTC