See also: IRC log
<trackbot> Date: 11 October 2011
<scribe> ScribeNick: fjh
No announcements
Approve minutes, 4 October 2011
http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/att-0007/minutes-2011-10-04.html
RESOLUTION: Minutes from 4 October 2011 are approved.
http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0024.html (Frederick)
http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0029.html (Scott)
proposed RESOLUTION: Accept XML Encryption 1.1 change proposed by Frederick in 2011Oct/0024 with change to make MGF xenc11 element
RESOLUTION: Accept XML Encryption 1.1 change proposed by Frederick in 2011Oct/0024 with change to make MGF xenc11 element
<scribe> ACTION: fjh to update XML Encryption 1.1 with changes in http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0024.html [recorded in http://www.w3.org/2011/10/11-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-844 - Update XML Encryption 1.1 with changes in http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0024.html [on Frederick Hirsch - due 2011-10-18].
<scribe> ACTION: fjh to propose URI for sha 2 for mgf function [recorded in http://www.w3.org/2011/10/11-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-845 - Propose URI for sha 2 for mgf function [on Frederick Hirsch - due 2011-10-18].
<scribe> ACTION: fjh to update algorithm cross-reference to reflect changes for xml encryption 1.1 [recorded in http://www.w3.org/2011/10/11-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-846 - Update algorithm cross-reference to reflect changes for xml encryption 1.1 [on Frederick Hirsch - due 2011-10-18].
http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0018.html
pdatta: have started two tables, one for key transport for various combinations
... one for key agreement
... only have one combination in each table but would like to expand this to various combinations
fjh: request that other implementers review this and contribute, please contact Pratik
http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0017.html
fjh: Waiting for response from Magnus or others
proposal is to remove KeyLength
http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0022.html
pdatta: sent an email to NIST as well, asking about this, but have received no response
... question was not about re-using the key, know should not re-use it
scantor: understood magnus to say could not re-use key with same recipient, but for different recipients get different derived key due to different public key
... question if using ephemeral key with different recipients, is there a weakness, even though different derived keys
... sounds like from Magnus response that there isn't
... document should be clear that can only use same key for different recipients, not same
pdatta: this is something to look at
scantor: probably need a warning in the text that not to re-use the key
pdatta: safer to use a nonce each time, then do not need to worry about warning
Discussion of 2.0 and CBC mode, question of versioning
fjh: should not make dramatic changes to 1.1 due to deployment, should we consider changes for 2.0
hal: might need to wait for a few years to let attacks settle
... interop is important
... authenticating mode for block mode is an interesting direction, not sure of weaknesses with those however
pdatta: could make recommendation in 2.0 in this direction
<scribe> ACTION: pdatta to propose update to 2.0 algorithm requirements to encourage authenticating mode [recorded in http://www.w3.org/2011/10/11-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-847 - Propose update to 2.0 algorithm requirements to encourage authenticating mode [on Pratik Datta - due 2011-10-18].
http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0046.html (Pratik)
Additional editorial feedback on proposal - http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0051.html (Paul Grosso)
pdatta: edit remaining to be done
fjh: mentioned on XML Coordination call that it was done...