See also: IRC log
<trackbot> Date: 13 December 2011
<scribe> ScribeNick: fjh
<csolc> * no problem
Call next week, 20th; No call on 27 December
Keep 3 Jan on schedule but may cancel by email depending on 2.0 CR status
Approve minutes, 29 November 2011
http://lists.w3.org/Archives/Public/public-xmlsec/2011Nov/att-0016/minutes-2011-11-29.html
RESOLUTION: Minutes from 29 November 2011 are approved.
http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0006.html
prepared XML Encyption 1.1 and Security Algorithms Cross Reference for publication as WD, thursday 15 December
prepared "XML Encryption 1.1 CipherReference Processing using 2.0 Transforms" for Last Call publication
XML Encryption 1.1 Test Cases and Canonical XML 2.0 Test Cases documents for publication
RESOLUTION: CfCs for publication of XML Encryption 1.1 and test cases passed successfully
also
RESOLUTION: CfCs for publication of Last Call XML "XML Encryption 1.1 CipherReference Processing using 2.0 Transforms" passed successfully
http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0001.html
http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0002.html
<scribe> ACTION: hal to review FIPS and RSA-OAEP question in http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0001.html [recorded in http://www.w3.org/2011/12/13-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-862 - Review FIPS and RSA-OAEP question in http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0001.html [on Hal Lockhart - due 2011-12-20].
Reference test cases from C14N 2.0:
http://lists.w3.org/Archives/Public/public-xmlsec/2011Dec/0005.html
<scribe> ACTION: fjh to confirm correctness of C14N2 test case reference after publication [recorded in http://www.w3.org/2011/12/13-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-863 - Confirm correctness of C14N2 test case reference after publication [on Frederick Hirsch - due 2011-12-20].
CfC for going to CR: http://lists.w3.org/Archives/Public/public-xmlsec/2011Nov/0024.html
CfC includes summary of changes
From W3C process, transition to CR: "At this step, W3C believes the technical report is stable and appropriate for implementation. The technical report may still change based on implementation experience."
proposed RESOLUTION: Advance Canonical XML 2.0, XML Signature Streaming Profile of XPath 1.0 and XML Signature 2.0 to CR with no features as at risk, exit with at least 2 implementations
proposed RESOLUTION: Advance Canonical XML 2.0, XML Signature Streaming Profile of XPath 1.0 and XML Signature 2.0 to CR with no features as at risk, exit criteria at least 2 implementations and minimum period of two months
RESOLUTION: Advance Canonical XML 2.0, XML Signature Streaming Profile of XPath 1.0 and XML Signature 2.0 to CR with no features as at risk, exit criteria at least 2 implementations and minimum period of two months
csolc: how to get second implementation, open source or university, do we have any contacts
two potential issues - elliptic curve status and implementation
<scribe> ACTION: fjh to implement CR transition [recorded in http://www.w3.org/2011/12/13-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-864 - Implement CR transition [on Frederick Hirsch - due 2011-12-20].
fjh: hopefully the PAG will have a result this month
<scribe> ACTION: fjh to contact parties re participation in interop for 2.0 [recorded in http://www.w3.org/2011/12/13-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-865 - Contact parties re participation in interop for 2.0 [on Frederick Hirsch - due 2011-12-20].
Microsoft has additional and updated elliptic curve test cases in wiki, completed oracle interop. Not working on encryption interop..
Magnus noted "chunked" form of GCM would allow streaming, offlist
brich: specification requires checking of tags and full processing to reach end
... hence streaming not possible
... certification not clear since spec has some vague language about certification
hal: would be helpful to have detail from magnus on the public list
ACTION-841?
<trackbot> ACTION-841 -- Pratik Datta to add link to canonical XML 2.0 samples into the spec -- due 2011-10-11 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/841
fjh: I did this
close ACTION-841
<trackbot> ACTION-841 Add link to canonical XML 2.0 samples into the spec closed
ACTION-848?
<trackbot> ACTION-848 -- Bruce Rich to contact OASIS ebXML community regarding large data issue and GCM -- due 2011-10-25 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/848
brich: ebXML is in use for small chunks of data, so more general issue than GCM
... will forward message to xml signature public list
fjh: summary, not an issue here
ACTION-850?
<trackbot> ACTION-850 -- Hal Lockhart to review XML Encryption 1.1 security considerations and propose changes in light of today's discussion -- due 2011-10-25 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/850
hal: producing a detailed summary, few paragraphs, lots of subtlety
... for example, can have wrapping attack with even one error message
... issue is multiple processing layers, security, application, etc without any responsibility on any layer to detect message structure
<Ed_Simon> * Ed: signing off.
ACTION-851?
<trackbot> ACTION-851 -- Pratik Datta to propose text regarding KeyLength and PBKDF2, assuming we do not change the schemna -- due 2011-10-25 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/851
proposal made, adopted in draft
close ACTION-851
<trackbot> ACTION-851 Propose text regarding KeyLength and PBKDF2, assuming we do not change the schemna closed
hal: could use hmac based on decryption key but not more helpful than GCM
ACTION-856?
<trackbot> ACTION-856 -- Brian LaMacchia to discuss with magnus possible encryption algorithms suitable for streaming -- due 2011-11-15 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/856
<scribe> done but need to share result with wg
close ACTION-858
<trackbot> ACTION-858 Send CfC for resolution to Publish CR drafts of Canonical XML 2.0, XML Signature 2.0 and Streaming Profile of XPath 1.0 this month closed
close ACTION-859
<trackbot> ACTION-859 Send CfC to move XML Encryption 1.1 CipherReference Processing using 2.0 Transforms to LC closed
close ACTION-861
<trackbot> ACTION-861 Send message re closing ISSUE-230 closed