W3C

XML Security Working Group Teleconference

24 May 2011

Agenda

See also: IRC log

Attendees

Present
Frederick_Hirsch, Scott_Cantor, Gerald_Edgar, Pratik_Datta, Magnus_Nystrom, Brian_LaMacchia, Bruce_Rich, Shivaram_Mysore, Chris_Solc
Regrets
Cynthia_Martin, Ed_Simon
Chair
Frederick_Hirsch
Scribe
Gerald-E

Contents

<trackbot> Date: 24 May 2011

<fjh> ScribeNick: Gerald-E

Administrative

<fjh> Next meeting 7 June 2011, see http://www.w3.org/2008/xmlsec/Group/Overview.html#meetings

Widget Signature

<fjh> new widget signature last call anticipated, http://lists.w3.org/Archives/Public/public-xmlsec/2011May/0007.html

Minutes approval

<fjh> Approve minutes, 19 April 2011

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Apr/att-0032/minutes-2011-04-19.html

RESOLUTION: Minutes from 19 April approved.

PAG

fjh: The PAG has been meeting and continues to meet.

Charter renewal

<fjh> http://lists.w3.org/Archives/Member/member-xmlsec/2011Apr/0001.html

fjh: to work with thomas for this.

2.0 Last call

<fjh> Last Call drafts published 26 April 2011: XML Signature 2.0, Canonical XML 2.0, XML Signature Streaming Profile of XPath 1.0

<fjh> http://www.w3.org/News/2011#entry-9075

<fjh> Updated WDs also published: XML Security 2.0 Requirements and Design Consideration, XML Security RELAX NG Schemas, XML Security Algorithm Cross-Reference

<fjh> announcement, http://lists.w3.org/Archives/Public/public-xmlsec/2011Apr/0034.html (Frederick)

<fjh> ACTION-791: Thomas Roessler to Request SAAG review of XML Sec 2.0 once spec is in LC

<trackbot> ACTION-791 Request SAAG review of XML Sec 2.0 once spec is in LC notes added

<fjh> Definition of whitespace for the TrimTextNodes parameter in C14N 2.0

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Apr/0041.html

fjh: whitespace or trim text comment

Pratik: there is a "iswhitespace" function in Java that is different from this.

<fjh> need to clarify that whitespace is as xml defined

Scott To use whitespace as XML defines it, not as others define it.

<fjh> ACTION: pdatta to update C14N2 draft with note to clarify whitespace definition as XML definition, provide warning re using other libraries like Java [recorded in http://www.w3.org/2011/05/24-xmlsec-minutes.html#action01]

<trackbot> Created ACTION-799 - Update C14N2 draft with note to clarify whitespace definition as XML definition, provide warning re using other libraries like Java [on Pratik Datta - due 2011-05-31].

<fjh> PrefixRewrite in C14N 2.0

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011May/0000.html

<fjh> proposal each uri to map only to one prefix

pdatta: prefix rewriting and operations based on URIs

fjh: what is the downside of this change?

<fjh> pdatta: prefix shortcut for uri, this was an oversight noticed with writing test cases

<fjh> ACTION: pdatta to update C14N for 1-1 prefix to uri mapping [recorded in http://www.w3.org/2011/05/24-xmlsec-minutes.html#action02]

<trackbot> Created ACTION-800 - Update C14N for 1-1 prefix to uri mapping [on Pratik Datta - due 2011-05-31].

<pdatta> if there are two prefix declarations to the same URI e.g.xmlns:a="http://z0" and xmlns:b:="http://z0" they should map to the same rewritten prefix

C14N2 Test Cases

<fjh> http://www.w3.org/2008/xmlsec/Group/interop/c14n2/

Pdatta: documented test using default namespaces
... test with whitespaces

<fjh> pdatta: need to add whitespace, c14n1 examples

pdatta: to see what applies to 2.0

fjh: we should take a look at the test cases

<fjh> all, please review c14N test case document - namespace sections

<fjh> ACTION: fjh to review C14N2 test case document [recorded in http://www.w3.org/2011/05/24-xmlsec-minutes.html#action03]

<trackbot> Created ACTION-801 - Review C14N2 test case document [on Frederick Hirsch - due 2011-05-31].

Interop gap review

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011May/0006.html

<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011May/att-0006/test-table-1_1-2_0.html

fjh: other groups have attempted to write the specifications to automate test case gereration
... ocsp tests seems to be missing
... to document exceptions

<fjh> http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html

<fjh> http://www.w3.org/Signature/2002/02/01-exc-c14n-interop.html

<fjh> http://www.w3.org/Encryption/2002/02-xenc-interop.html

bal: try to pick a base of tests that exercise the mandatory elements, and adding in optional elements
... eg ecdsa tests then add additoinal elements, a delta of funtionality
... or to create a large test case and prove the results

fjh: to create "unit tests" that can test functionality

<Magnus> The tests we developed this winter (and did interop on) was for Derived Key

<Magnus> We had interop with IBM

<fjh> http://www.w3.org/2008/xmlsec/wiki/Interop

<Magnus> The test cases have been updated on the Wiki after our interop

<fjh> Gerald is continuing to update the test coverage document, later we can consider moving into CVS etc

<fjh> ISSUE-132?

<trackbot> ISSUE-132 -- Keep 2.0 xenc transform feature in sync with signature 2.0 -- open

<trackbot> http://www.w3.org/2008/xmlsec/track/issues/132

Adjourn

Summary of Action Items

[NEW] ACTION: fjh to review C14N2 test case document [recorded in http://www.w3.org/2011/05/24-xmlsec-minutes.html#action03]
[NEW] ACTION: pdatta to update C14N for 1-1 prefix to uri mapping [recorded in http://www.w3.org/2011/05/24-xmlsec-minutes.html#action02]
[NEW] ACTION: pdatta to update C14N2 draft with note to clarify whitespace definition as XML definition, provide warning re using other libraries like Java [recorded in http://www.w3.org/2011/05/24-xmlsec-minutes.html#action01]
 
[End of minutes]
Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2009-03-02 03:52:20 $