W3C

XML Security Working Group Teleconference

05 Apr 2011

Agenda

See also: IRC log

Attendees

Present
Frederick_Hirsch, Bruce_Rich, Chris_Solc, Pratik_Datta, Hal_Lockhart, Gerald_Edgar
Regrets
Scott_Cantor, Brian_LaMacchia, Cynthia_Martin, Magnus_Nystrom, Meiko_Jensen, Thomas_Roessler, Shivaram_Mysore, Ed_Simon
Chair
Frederick_Hirsch
Scribe
fjh

Contents

<trackbot> Date: 05 April 2011

<scribe> ScribeNick: fjh

Administrative

26 April 2011, 3 May, 10 May Teleconferences cancelled. Please make a note of these dates.

Minutes Approval

Approve minutes, 29 March 2011

http://lists.w3.org/Archives/Public/public-xmlsec/2011Mar/att-0028/minutes-2011-03-29.html

RESOLUTION: Minutes from 29 March 2011 are approved.

PAG status

no new status, PAG has not started yet

http://www.w3.org/2011/xmlsec-pag/Member/

PAG signups, http://lists.w3.org/Archives/Member/member-xmlsec/2011Mar/0003.html

XML Security 2.0

Editorial updates

Updated Signature 2.0 with examples: http://lists.w3.org/Archives/Public/public-xmlsec/2011Mar/0032.html (Frederick)

Additional updates, http://lists.w3.org/Archives/Public/public-xmlsec/2011Apr/0007.html (Frederick)

added XML-PARSER-STAX reference, fix example in 2.5.3.2 id should be i2, various editorial cleanup

fjh: no concerns with publishing at this point expressed by those on call or list

2.0 Last Call

CfC, http://lists.w3.org/Archives/Public/public-xmlsec/2011Mar/0033.html

fjh: No comment, so planning to complete Last Call publication next week

Interop and test cases

http://www.w3.org/2008/xmlsec/wiki/Interop

ACTION-779, http://lists.w3.org/Archives/Public/public-xmlsec/2011Mar/0030.html

gerald: should testing be separate for selection vs canonicalization etc

fjh: has benefits of modularity, but would like to hear from implementers

gerald: will expand into a table for the test cases
...: for verification and changes for 1.1

gerald: focus of my email was on 2.0

pdatta: also need to separate tests into mandatory vs non-mandatory

fjh: need to consider both dimensions

pdatta: concern about lack of implementation for non-mandatory features

fjh: will leave action open as Gerald works on table

ACTION-779: will update with table, mandatory/non-mandatory and separate functionality

<trackbot> ACTION-779 Review test cases for 1.1 and summarize which are missing notes added

Action review

ACTION-238 Update the proposal associated with ACTION-222 and send to list.Thomas Roessler2011-03-15XML Security Algorithm Cross-Reference

ACTION-411 Perform measurement related to transform octet conversionPratik Datta2010-06-30Performance

ACTION-426 Run performance tests on non-optimized Signature implementationPratik Datta

ACTION-699 Update interop wiki with suite B organizationCynthia Martin

ACTION-705 Confirm suitability of exclusiveJuan Carlos Cruellas

http://lists.w3.org/Archives/Public/public-xmlsec/2011Apr/0008.html

ACTION-716 Propose text for xpath and best practicesMeiko Jensen

ACTION-717 Document the Performance improvements with 2.0Pratik Datta

ACTION-778 Propose changes to the XPath profile related to using XPath 2.0Pratik Datta

propose to close due to lack of resources

ACTION-779 Review test cases for 1.1 and summarize which are missingGerald Edgar

ACTION-781 Check on commit message mechanism for xmlsecThomas Roessler

ACTION-778?

<trackbot> ACTION-778 -- Pratik Datta to propose changes to the XPath profile related to using XPath 2.0 -- due 2011-03-08 -- OPEN

<trackbot> http://www.w3.org/2008/xmlsec/track/actions/778

action-778: not making this change unless sufficient interest expressed during Last Call

<trackbot> ACTION-778 Propose changes to the XPath profile related to using XPath 2.0 notes added

close ACTION-778

<trackbot> ACTION-778 Propose changes to the XPath profile related to using XPath 2.0 closed

<gedgar> for action 779 I will create a table of test cases to use for interoperability, since some implementations will only address required functionality I will focus on that

Issue review

ISSUE-86 Document performance criterial and benchmarks

ISSUE-91 ECC can't be REQUIRED2009-01-26XML Security

ISSUE-122 Explain why peformance improvements and rationale, relationship to earlier work

ISSUE-132 Keep 2.0 xenc transform feature in sync with signature 2.0

ISSUE-208 List 2.0 algorithms in algorithms cross-reference

ISSUE-217 XML Signature 2.0 needs 2.0 mode examples, e.g. , verification, selection etc.

close ISSUE-217

<trackbot> ISSUE-217 XML Signature 2.0 needs 2.0 mode examples, e.g. , verification, selection etc. closed

ISSUE-132?

<trackbot> ISSUE-132 -- Keep 2.0 xenc transform feature in sync with signature 2.0 -- open

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/132

tlr comment on issue -> suggest to revisit when xml sig 2.0 comes out of last call

fjh: any action needed now?

ISSUE-208?

<trackbot> ISSUE-208 -- List 2.0 algorithms in algorithms cross-reference -- open

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/208

<scribe> ACTION: fjh to review impact of 2.0 on algorithms cross-reference, ISSUE-208 [recorded in http://www.w3.org/2011/04/05-xmlsec-minutes.html#action01]

<trackbot> Created ACTION-787 - Review impact of 2.0 on algorithms cross-reference, ISSUE-208 [on Frederick Hirsch - due 2011-04-12].

Items of concern going forward: 1. publication of 2.0 last call, 2. PAG and ECC resolution, 3. Interop for 1.1 and 2.0, 4. Performance review and documentation

5. Evaluate and review comments on CR and Last Call (none to date)

Adjourn

Summary of Action Items

[NEW] ACTION: fjh to review impact of 2.0 on algorithms cross-reference, ISSUE-208 [recorded in http://www.w3.org/2011/04/05-xmlsec-minutes.html#action01]
 
[End of minutes]
Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2009-03-02 03:52:20 $