See also: IRC log
<trackbot> Meeting: XML Security Working Group Teleconference
<trackbot> Date: 06 September 2011
<fjh> xmlsec
<fjh_> scribenick: shivaram
<fjh> publication: updated XML Security RELAX NG Schemas WD, 30 August 2011: http://www.w3.org/TR/2011/WD-xmlsec-rngschema-20110830/
http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/att-0093/minutes-2011-08-30.html
RESOLUTION: Minutes from 30 August 2011 approved
<fjh> Updated XML Encryption 1.1 security consideration for Timing Attacks, http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0095.html
<fjh> add XSD Schema copyrights?
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0097.html
<tlr> s/Institut National de Recherche en Informatique et en Automatique/ERCIM/
The schema issues were caused due to browser issues
<tlr> http://www.w3.org/Consortium/Legal/2002/copyright-software-short-notice-20021231.html
The plan is to update copyrights on the schema and post the source verbatim
<fjh> ACTION: fjh to update xsd schemas with copyright and update RNG schema copyrights [recorded in http://www.w3.org/2011/09/06-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-831 - Update xsd schemas with copyright and update RNG schema copyrights [on Frederick Hirsch - due 2011-09-13].
RESOLUTION: Update xsd schemas with copyright and update RNG schema copyrights per current W3C notice
http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0098.html
fjh is asking why we should not follow Makoto's plan of including XML Enc schema for validation in Singature 1.1
scott: the import does not tell me where we should get the schema; feels that Makoto suggestion is not right; schema should be found locally, do not want to hit server repeatedly based on namespace URI
scantor: understanding Makoto's use case tells him that he should load the 1.1 Signature schema even though he may not be using in the code so that validation can be done
... schema location is a hint; use of namespace tells the app what to bind to
<fjh> grammar bound to namespace can use it, otherwise with lax validation can ignore
RESOLUTION: in response to Makoto's concern regarding 1.1 schema the WG decided not to not to import xsig11 schema into xenc11 schema. fjh will respond
<fjh> ACTION: fjh to respond to makoto re schema issue [recorded in http://www.w3.org/2011/09/06-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-832 - Respond to makoto re schema issue [on Frederick Hirsch - due 2011-09-13].
http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0014.html
defer this till Magnus is back
<fjh> ACTION-809?
<trackbot> ACTION-809 -- Pratik Datta to fix examples in signature 2.0 -- due 2011-06-21 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/809
<fjh> ACTION-802?
<trackbot> ACTION-802 -- Pratik Datta to review comments from XML Core WG and formulate response, http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0005.html -- due 2011-06-14 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/802
<fjh> ACTION-819?
<trackbot> ACTION-819 -- Pratik Datta to update 2.0 11.3 text, including changes discussed in email http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0000.html -- due 2011-08-09 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/819
<fjh> close action-809
<trackbot> ACTION-809 Fix examples in signature 2.0 closed
pdatta: changed in response to external comments. Changed as discussed in the last meeting
<fjh> draft response http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0015.html
RESOLUTION: pdatta's proposal for ACTION-830 is accepted
<fjh> close ACTION-802
<trackbot> ACTION-802 Review comments from XML Core WG and formulate response, http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0005.html closed
<fjh> potential errata item, http://lists.w3.org/Archives/Public/public-xmlsec/2011Sep/0016.html
scantor and pdatta find that this is not a issue
<fjh> ACTION: fjh to send response re canonical xml [recorded in http://www.w3.org/2011/09/06-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-833 - Send response re canonical xml [on Frederick Hirsch - due 2011-09-13].
pdatta: link c14n examples doc to reference this CDATA example
<fjh> ACTION-238?
<trackbot> ACTION-238 -- Thomas Roessler to update the proposal associated with ACTION-222 and send to list. -- due 2011-09-30 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/238
<fjh> expectation is that Don Eastlake will update IETF RFC for whirlpool algorithm then we will update our reference
<fjh> ACTION-717?
<trackbot> ACTION-717 -- Pratik Datta to document the Performance improvements with 2.0 -- due 2010-11-09 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/717
<fjh> ACTION-779?
<trackbot> ACTION-779 -- Gerald Edgar to review test cases for 1.1 and summarize which are missing -- due 2011-03-08 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/779
<fjh> ACTION-793?
<trackbot> ACTION-793 -- Gerald Edgar to review 1.1 interop to determine which gaps we have in 1.1 testing itself -- due 2011-04-19 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/793
<fjh> ACTION-802?
<trackbot> ACTION-802 -- Pratik Datta to review comments from XML Core WG and formulate response, http://lists.w3.org/Archives/Public/public-xmlsec/2011Jun/0005.html -- due 2011-06-14 -- CLOSED
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/802
<fjh> ACTION-809?
<trackbot> ACTION-809 -- Pratik Datta to fix examples in signature 2.0 -- due 2011-06-21 -- CLOSED
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/809
<fjh> ACTION-819?
<trackbot> ACTION-819 -- Pratik Datta to update 2.0 11.3 text, including changes discussed in email http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0000.html -- due 2011-08-09 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/819
<fjh> close ACTION-819
<trackbot> ACTION-819 Update 2.0 11.3 text, including changes discussed in email http://lists.w3.org/Archives/Public/public-xmlsec/2011Aug/0000.html closed
<fjh> ACTION-820?
<trackbot> ACTION-820 -- Thomas Roessler to remind WG how to deprecate RetrievalMethod in 1.1 and disallow in 2.0 appropriately -- due 2011-08-16 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/820
<tlr> ACTION-820 closed
<trackbot> ACTION-820 Remind WG how to deprecate RetrievalMethod in 1.1 and disallow in 2.0 appropriately closed
<tlr> ACTION: thomas review XML Signature 1.1 and 2.0 treatment of RetrievalMethod [recorded in http://www.w3.org/2011/09/06-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-834 - Review XML Signature 1.1 and 2.0 treatment of RetrievalMethod [on Thomas Roessler - due 2011-09-13].
<fjh> ACTION-828?
<trackbot> ACTION-828 -- Hal Lockhart to propose additional text for security considerations of xml encryption -- due 2011-08-23 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/828
<fjh> close ACTION-828
<trackbot> ACTION-828 Propose additional text for security considerations of xml encryption closed
<fjh> ACTION-829?
<trackbot> ACTION-829 -- Scott Cantor to provide additional proposal text regarding xml encryption changes for pkcs1.5 -- due 2011-08-23 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/829
<fjh> close ACTION-829
<trackbot> ACTION-829 Provide additional proposal text regarding xml encryption changes for pkcs1.5 closed
<fjh> aCTION-830?
<trackbot> ACTION-830 -- Pratik Datta to compose draft response for LC-4288 and share on xmlsec list for review -- due 2011-09-06 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/830
<fjh> close ACTION-830
<trackbot> ACTION-830 Compose draft response for LC-4288 and share on xmlsec list for review closed