W3C

XML Security Working Group Teleconference

30 Nov 2010

Agenda

See also: IRC log

Attendees

Present
Frederick_Hirsch, Cynthia_Martin, Scott_Cantor, ThomasRoessler, Pratik_Datta, Bruce_Rich, Chris_Solc, Hal_Lockhart, Brian_LaMacchia
Regrets
Gerald_Edgar, Meiko_Jensen, Sean_Mullan, Shivaram_Mysore, Ed_Simon
Chair
Frederick_Hirsch
Scribe
Cynthia

Contents


<trackbot> Date: 30 November 2010

<scribe> ScribeNick: Cynthia

Administrivia: Scribe confirmation, Agenda review, Meeting Planning, Liaisons, Announcements

<fjh> no announcements

fjh: Any issues with the agenda items? No announcements

Minutes Approval

<fjh> Approve minutes, 16 November 2010

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Nov/att-0020/minutes-2010-11-16.html

Proposed RESOLUTION: Minutes from 16 November are approved

RESOLUTION: Minutes from 16 November are approved

XML Signature 1.1 and XML Encryption Last Call Status

<fjh> Additional changes, http://lists.w3.org/Archives/Public/public-xmlsec/2010Nov/0021.html

fjh: Reference on EC, use the IETF ID, made those changes
... Updated explaination document also

<fjh> http://lists.w3.org/Archives/Member/member-xmlsec/2010Nov/0026.html

fjh: Request for publication, waiting for announcement

<fjh> last call for 1.1 starts today, ends 22 December

<fjh> http://lists.w3.org/Archives/Member/member-xmlsec/2010Nov/0028.html

fjh: Moratorium on publications, from Dec 15 through Jan

<fjh> Thus given that we are publishing Last Call 1.1 drafts today, and that they exit Last Call on 22 December, we should expect to bring them to CR in January. I suggest we plan this decision on 11 January, assuming we receive no substantive comments.

fjh: Should hear about CR in Jan 2011

2.0 Publishing

<fjh> Our Roadmap has us publishing Last Call drafts "fall 2010"

<fjh> if we wish to publish last call of 2.0 this year we would have to agree by next week

fjh: Not sure it is feasible to publish even if we finish next week, keeping track of actions on v2.0, many actions still open
... May go to last call in Jan 2011, need to handle the actions
... Make a decision by Jan 2011, need to complete the actions before then

<tlr> regrets for 21st and 4th

<tlr> not even bothering with regrets for 28th :)

fjh: WG meeting next week and following week, not sure about Dec 22 and 28, may cancel 28

I will be available all those dates

RESOLUTION: Dec 28 WG call is cancelled

fjh: Can the actions be done by Jan 4?

pdatta: Yes, hope that most of the xpath actions will be done by next week

<csolc> regrets for the 21st

fjh: Plan Jan 4 assume that v2.0 is done, agree to publish on Jan 11

<fjh> All changes complete for publication of 2.0 drafts by 21 December, ready to publish by 4 Jan, agree to publish on 11 jan

tlr: Should be no worries

Signature v2.0

<fjh> Updates, http://lists.w3.org/Archives/Public/public-xmlsec/2010Nov/0025.html

fjh: Pratik did many updates, only pending item is the example, need to carefully create the example and provide explaination

<pdatta> ACTION-711?

<trackbot> ACTION-711 -- Meiko Jensen to add QnameAware elements and IDAttributes element to the examples (or check whether they're in and correct) -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/711

fjh: List of actions in the agenda, need to go over them

<fjh> ACTION: fjh to add example to signature 2.0 once Meiko shares text on list, see ACTION-711 [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action01]

<trackbot> Created ACTION-732 - Add example to signature 2.0 once Meiko shares text on list, see ACTION-711 [on Frederick Hirsch - due 2010-12-07].

fjh: Suggestions from Scott, any comments?

<fjh> ACTION-638?

<trackbot> ACTION-638 -- Scott Cantor to make proposal for ISSUE-210, see also http://lists.w3.org/Archives/Public/public-xmlsec/2010Aug/0043.html (uncomplicate section) -- due 2010-08-31 -- PENDINGREVIEW

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/638

<fjh> ACTION-706?

<trackbot> ACTION-706 -- Scott Cantor to propose definition section text for Included/ExcludedXPath elements for XML Signature 2.0 -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/706

scantor: Action on xpath elements, know where the material needs to be placed, move text

fjh: Any problems with the suggested changes? Moving the detailed information into another section, seems reasonable

<fjh> pratik asks if this reorg is enough or whether there is still interleaving

<fjh> scott notes that this addresses the major change

<fjh> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/

fjh: Bulk of issues are under the references

scantor: reference section is still very complicated, discusses legacy information

fjh: Should we go ahead and make those changes?

scantor: Post the draft on the mailing list

fjh: Check the document in for WG review

pdatta: Not working on Signature v2.0 this week

RESOLUTION: Accept changes proposed by Scott Cantor in response to ACTION-638

<fjh> ACTION: scantor to implement change for ACTION-638 [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action02]

<trackbot> Created ACTION-733 - Implement change for [on Scott Cantor - due 2010-12-07].

<fjh> ACTION-709?

<trackbot> ACTION-709 -- Pratik Datta to incorporate Meiko's examples in the document - ISSUE-217 -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/709

<fjh> ACTION-709: duplicate of action

<trackbot> ACTION-709 Incorporate Meiko's examples in the document - ISSUE-217 notes added

<fjh> will fix action 709 since it is duplicate of action to myself

<fjh> ACTION-711?

<trackbot> ACTION-711 -- Meiko Jensen to add QnameAware elements and IDAttributes element to the examples (or check whether they're in and correct) -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/711

<fjh> ACTION-713?

<trackbot> ACTION-713 -- Bruce Rich to review XML Signature 2.0 requirements, http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs2/Overview.html -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/713

fjh: Can this be complete before Dec 21?

brich: Yes, plan on finishing by next week

fjh: Anything else on signature v2.0

C14Nv2.0

fjh: What is the status?

<fjh> actions before F2F are outstanding, summary from Pratik

pdatta: Send a summary of things to do, no responses, we will just do them

xpath Profile

<fjh> ACTION-686?

<trackbot> ACTION-686 -- Pratik Datta to add sections on top-level expressions and predicate to XPath profile -- due 2010-11-08 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/686

<fjh> ACTION-691?

<trackbot> ACTION-691 -- Pratik Datta to add security considerations section to xpath profile -- due 2010-11-08 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/691

<fjh> ACTION-687?

<trackbot> ACTION-687 -- Meiko Jensen to produce top level grammar for XPath profile -- due 2010-11-08 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/687

<fjh> ACTION-688?

<trackbot> ACTION-688 -- Meiko Jensen to add id function at XPath top level -- due 2010-11-08 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/688

<fjh> ACTION-690?

<trackbot> ACTION-690 -- Meiko Jensen to make explicit in grammar difference of included and excluded xpath, - ExcludedXpath can select attributes and element, whereas IncludedXPath can only select elements -- due 2010-11-08 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/690

<fjh> ACTION-689?

<trackbot> ACTION-689 -- Pratik Datta to limit to xpath profile during xml signature 2.0 generation in 2.0 mode -- due 2010-11-08 -- PENDINGREVIEW

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/689

<fjh> ACTION-723?

<trackbot> ACTION-723 -- Pratik Datta to incorporate changes to XPath profile based on joint xslt/xquery F2F meeting, http://lists.w3.org/Archives/Member/member-xmlsec/2010Nov/att-0000/minutes-2010-11-01.html#item07 -- due 2010-11-19 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/723

fjh: Pratik actions are dependent on Meiko ACTION-686

<fjh> ACTION: fjh to contact Meiko re actions and schedule [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action03]

<trackbot> Created ACTION-734 - Contact Meiko re actions and schedule [on Frederick Hirsch - due 2010-12-07].

Best Practises

<fjh> ACTION-716?

<trackbot> ACTION-716 -- Meiko Jensen to propose text for xpath and best practices -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/716

fjh: additional actions on Meiko

Performance

<fjh> ACTION-717?

<trackbot> ACTION-717 -- Pratik Datta to document the Performance improvements with 2.0 -- due 2010-11-09 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/717

<fjh> ACTION-718?

<trackbot> ACTION-718 -- Frederick Hirsch to create performance data draft -- due 2010-11-09 -- CLOSED

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/718

I need to mention something on Suite B

Exclusive C14N

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Nov/0030.html

fjh: Any suggestions on this response?

scantor: Not the first vendor to make this implementation mistake, could update the errata

fjh: Draft something for the members list
... Need clarification and proceed

pdatta: Is there something on the interop example?

sbal: Could not find them this time around, old C14N, not the exclusive C14N work

pdatta: I have it, will send it out to the WG

<fjh> ACTION: pdatta to share original interop test for exclusive c14n that relates to issue [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action04]

<trackbot> Created ACTION-735 - Share original interop test for exclusive c14n that relates to issue [on Pratik Datta - due 2010-12-07].

Suite B/ECC

fjh: Status, work is continuing in the background

tlr: Not much to say, trying to figure out if we can do something else before starting a PAG

<tlr> q

<fjh> cynthia asks how to deal with optional algs in conformance interoperability tests

<fjh> thomas notes that focus is on interoperability, not conformance testing

<tlr> "passes the test suite"

bal: Will send Cynthia information discussed

<fjh> tlr: possible issue that mcgrew draft has expired

tlr: No update to the IETF ID, need to check on this

<fjh> does anyone know what is happening with the ietf draft

cynthia, I will check also

fjh: Anything else?
... Call next week, send out minutes shortly

Summary of Action Items

[NEW] ACTION: fjh to add example to signature 2.0 once Meiko shares text on list, see ACTION-711 [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action01]
[NEW] ACTION: fjh to contact Meiko re actions and schedule [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action03]
[NEW] ACTION: pdatta to share original interop test for exclusive c14n that relates to issue [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action04]
[NEW] ACTION: scantor to implement change for ACTION-638 [recorded in http://www.w3.org/2010/11/30-xmlsec-minutes.html#action02]
 
[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2009-03-02 03:52:20 $