See also: IRC log
<trackbot> Date: 11 January 2011
<fjh> Add to 1.1 discussion status of Algorithms Cross-Reference and RELAX NG Schema, to 2.0 updates to C14N2 and XPath profile
<fjh> ScribeNick: Hal
<fjh> Approve minutes, 4 January 2011
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/att-0007/minutes-2011-01-04.html
RESOLUTION: Minutes from 4 January 2011 are approved.
<fjh> Updated same-document section references
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0021.html
fjh fixed internal, not external references
<fjh> XML Signature 1.1. base64 placement, ACTION-764
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0017.html
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0019.html
bal: use same base64 identifier for transforn and encoding purposes
bal; doesn't make sense to eliminate one of them
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0022.html
bal: scott pointed out we not explicitly list as required transform
dioscussion as to whether transform is exactly required
bal: supposed to be able to sign anything
... can argue we need one interoperable way to do this
... base64 is the obvious answer
... spec is not clear
ball: not critical for 1.1, should clarify in 2.0
fjh: should be clear and list as transform and also clarify use for encoding, e.g. for Object
<fjh> bal noted that intent is that content can be a detached signature or that content can be embedded in Object if latter base64 , need interoperable way
scott: suggest not required for 2.0
<fjh> proposed RESOLUTION: add base64 as required transform in 6.1 of XML Signature 1.1, add clarification of encoding usage
RESOLUTION: add base64 as required transform in 6.1 of XML Signature 1.1, add clarification of encoding usage
<fjh> ACTION: bal to implement change for base64 [recorded in http://www.w3.org/2011/01/11-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-766 - Implement change for base64 [on Brian LaMacchia - due 2011-01-18].
<fjh> ACTION: magnus to review XML Encryption 1.1 references to external document sections, explain document and requirements [recorded in http://www.w3.org/2011/01/11-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-767 - Review XML Encryption 1.1 references to external document sections, explain document and requirements [on Magnus Nystrom - due 2011-01-18].
<fjh> Need review of XML Signature 1.1 references to external documents, explain doc
<Cynthia> I can review it also
fjh: no need to send CR notices now, will do so in a few weeks
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0015.html
<fjh> I suggest we mark the Created/Expires/ReplayProtect properties as "at risk" and move the entire Signature Properties document to CR along with the other 1.1 CR drafts.
RESOLUTION: mark the Created/Expires/ReplayProtect properties as "at risk" and move the entire Signature Properties document to CR along with the other 1.1 CR drafts.
<fjh> ISSUE-91?
<trackbot> ISSUE-91 -- ECC can't be REQUIRED -- open
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/91
fjh: Thomas working this issue
<fjh> Agree next week, 18 January to bring the following to Candidate Recommendation (CR) status:
<fjh> XML Signature 1.1, XML Encryption 1.1, XML Security Properties, XML Security Generic Hybrid Ciphers
<fjh> (see roadmap, http://www.w3.org/2008/xmlsec/wiki/Roadmap)
<fjh> Hold Director's call ca 25 January, publish 27 January 2011
<fjh> http://www.w3.org/2008/xmlsec/wiki/Interop
fjh: please let us know if there are items which may not be implemented
... for CR we need to indicate what is at risk
<fjh> part of our submission to publish as CR is to note items that are "at risk" of not being implemented,
<fjh> please indicate on the list of what might be at risk of not having adequate implementation
<tlr> tlr: FYI, expect to have a proposal from Certicom re 1.1 later (probably today).
<fjh> Signature 2.0 Editorial updates
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0008.html
scantor: examples the only outstanding item
fjh: need more document review
scantor: should avoid forward references
... move selection & verification stuff in processintog model
discussion about editoral changes to explanatory text
<fjh> here is my proposal, http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0010.html
fjh: suggest more thought and proposal on the list
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0016.html
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Nov/0002.html
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Nov/0003.html
<tlr> issue-226?
<trackbot> ISSUE-226 -- What protection is gained by the <dsig2:IDAttributes> element? -- open
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/226
<fjh> ACTION: mjensen to follow up on ISSUE-226 and byte range with Henrich [recorded in http://www.w3.org/2011/01/11-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-768 - Follow up on ISSUE-226 and byte range with Henrich [on Meiko Jensen - due 2011-01-18].
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Jan/0024.html
<fjh> need to add note that can use URI for id instead of using id \within XPath
<fjh> add to XML Signature selection alg
<fjh> ACTION: pdatta to add note to XML SIgnature to clarify use of id with URI versus XPath [recorded in http://www.w3.org/2011/01/11-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-769 - Add note to XML SIgnature to clarify use of id with URI versus XPath [on Pratik Datta - due 2011-01-18].
<fjh> ACTION-538?
<trackbot> ACTION-538 -- Meiko Jensen to provide proposal related to namespace wrapping attacks once XPath profile available -- due 2010-03-09 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/538
<fjh> http://www.w3.org/2008/xmlsec/Drafts/c14n-20/#sec-Namespace-Algorithm
<fjh> ACTION-729?
<trackbot> ACTION-729 -- Pratik Datta to highlight potential issue with non-support for xml:base through removal of inclusive in xml signature and c14n2 drafts -- due 2010-11-23 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/729
<fjh> ACTION-732?
<trackbot> ACTION-732 -- Frederick Hirsch to add example to signature 2.0 once Meiko shares text on list, see ACTION-711 -- due 2010-12-07 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/732
<fjh> ACTION-747?
<trackbot> ACTION-747 -- Pratik Datta to update XPath profile for Option 1 in proposal associated with ACTION-737 -- due 2010-12-21 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/747
<fjh> ACTION-753?
<trackbot> ACTION-753 -- Scott Cantor to work on creating 2.0 example for Signature 2.0 -- due 2010-12-21 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/753
<fjh> ACTION-758?
<trackbot> ACTION-758 -- Pratik Datta to update abstract and intro of c14N2 to remove relationship to C14N1 and exclusive in abstract and explain relationship in intro -- due 2011-01-11 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/758
<fjh> ACTION-759?
<trackbot> ACTION-759 -- Pratik Datta to update requirements section of c14n2 with context/exclusive c14n requirement and description -- due 2011-01-11 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/759
<fjh> ACTION-760?
<trackbot> ACTION-760 -- Thomas Roessler to help simplify and clarify processing for Curie in C14N2 -- due 2011-01-11 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/760
<fjh> ACTION-763?
<trackbot> ACTION-763 -- Pratik Datta to review ISSUE-198 and where algorithm should be placed -- due 2011-01-11 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/763
<tlr> action-760 due next week
<trackbot> ACTION-760 Help simplify and clarify processing for Curie in C14N2 due date now next week
<fjh> ISSUE-198?
<trackbot> ISSUE-198 -- How to determine if arbitrary text content contains prefixes? Might need to do a lot of searching because text content can be large -- open
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/198
<tlr> action-761 due next week
<trackbot> ACTION-761 Explain importance and need for Curie support due date now next week
<fjh> don't recognize in whitespace separated list of qnames
<fjh> meiko notes the cases not handled in 2.0 are corner cases.
<fjh> proposed RESOLUTION: limit handling of prefixes as noted in document, note cases not handled.
<fjh> pdatta: notes concern about covering other possible situations
<fjh> hal suggests looking at where implementation difficulty occurs
<fjh> for last call we need to note what is not covered in the document.
fjh: should have one list or two for 1.1 and 2.0?
... suggest a single doc
<Cynthia> Prefer single document, easier to reference and update
RESOLUTION: Create a single document for Algorithm cross reference for 1.1 and 2.0
<tlr> were planning on Note, otherwise schemas should probably be in the specs
<Cynthia> I will take a survey about this and let you know
<Cynthia> Just a reminder, I will not be on the call next week