See also: IRC log
<trackbot> Date: 04 December 2012
<scribe> ScribeNick: fjh
Note there is a call next week, 11 December, unless cancelled (scribe note - was cancelled at end of today's call)
No call 18 Dec, 25 Dec or 1 January
Approve minutes from 27 November 2012
http://lists.w3.org/Archives/Public/public-xmlsec/2012Nov/att-0015/minutes-2012-11-27.html
RESOLUTION: Minutes from 27 November 2012 are approved.
approval of added security considerations section to XML Encryption 1.1
fjh: I revised the new security considerations section based on comments from Magnus and Bruce
http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0001.html plus subsequent fix for symmetric
Magnus indicated offlist that ok with revised text
juraj gave feedback this morning http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0009.html
two issues: 1 wording of security consideration, 2 definition of key derivation
question: process
fjh: believe we can add security consideration without additional process before PR
tlr: agree
fjh: could add informative example on how to do this without having to cycle through interop, LC, CR etc
... or add as separate document
tlr: agree to adding informative example, could create separate document or a 1.2 revision, agree need to ship 1.1 now
fjh: how quickly could we cycle a new release
tlr: could do it quickly, define the addition and call it 1.2, could do it within six months
fjh: do not want to stall 1.1 waiting for interest in new work
tlr: agree, do 1.1. then do 1.2 if interest, then recharter for that
<scribe> ACTION: send CfC to agree to put additional features in potential 1.2 if interest [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action01]
<trackbot> Sorry, couldn't find send. You can review and register nicknames at <http://www.w3.org/2008/xmlsec/track/users>.
<scribe> ACTION: fjh to send CfC to agree to put additional features in potential 1.2 if interest [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-925 - Send CfC to agree to put additional features in potential 1.2 if interest [on Frederick Hirsch - due 2012-12-11].
fjh: Juraj raised a concern regarding language in the new security consideration, due to the clarification in response to Bruce and Magnus. I suggest we leave it alone
... will put this in the CfC as well
gerald: no comment
tlr: no comment
<scribe> ACTION: fjh to send CfC that WG accepts the added XML Encryption 1.1 security consideration section as currently drafted [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-926 - Send CfC that WG accepts the added XML Encryption 1.1 security consideration section as currently drafted [on Frederick Hirsch - due 2012-12-11].
fjh: any thoughts on appropriate length for CfC - 1 week should be enough?
tlr: yes, 1 week is enough
already discussed, will send CfC
XML Encryption 1.1 - http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.html
fjh: stable but depends on decisions for security consideration and additional key derivation
... will include this in the same CfC
... signature stable, so we can make PR decision
XML Signature 1.1 - http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html
<scribe> ACTION: fjh to make CfC for proposed RESOLUTION: The XML Security working group agrees to progress XML Signature 1.1 to Proposed Recommendation, using the latest editors draft of 13 November 2012 that includes an update in response to LC-2721. [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-927 - Make CfC for proposed RESOLUTION: The XML Security working group agrees to progress XML Signature 1.1 to Proposed Recommendation, using the latest editors draft of 13 November 2012 that includes an update in response to LC-2721. [on Frederick Hirsch - due 2012-12-11].
fjh: signature properties also stable
<scribe> ACTION: fjh to send CfC for proposed RESOLUTION: The XML Security working group agrees to progress XML Signature Properties to Proposed Recommendation, using the latest editors draft of 10 September 2012 which reflects removal of at-risk items that were not tested. [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action05]
XML Signature Properties - http://www.w3.org/2008/xmlsec/Drafts/xmldsig-properties/Overview.html
<scribe> ACTION: fjh to submit transition request to Proposed Recommendation for XML Encryption 1.1, XML Signature 1.1 and XML Signature Properties once Exclusion Period for XML Encryption 1.1 is completed, after 17 December and CfCs approved [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action06]
<trackbot> Created ACTION-928 - Submit transition request to Proposed Recommendation for XML Encryption 1.1, XML Signature 1.1 and XML Signature Properties once Exclusion Period for XML Encryption 1.1 is completed, after 17 December and CfCs approved [on Frederick Hirsch - due 2012-12-11].
fjh: plan to set publication date for 10 Jan, is that a problem?
... assume it is ok
proposed RESOLUTION:The XML Security working group agrees to publish "XML Security 1.1 Requirements and Design Considerations" as a W3C Note.
Updated "Functional Explanation of Changes in XML Encryption 1.1" , http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0004.html
proposed RESOLUTION: The XML Security working group agrees to published updated Note of "Functional Explanation of Changes in XML Encryption 1.1"
XML Security Algorithm Cross-Reference, Updated editors draft : http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0005.html
proposed RESOLUTION: The XML Security working group agrees not to include XML Security 2.0 algorithms in "XML Security Algorithm Cross-Reference".
proposed RESOLUTION: The XML Security working group agrees to publish "XML Security Algorithm Cross-Reference" as W3C Note.
gerald: what about XML Signature Best Practices
fjh: we probably should update it for the latest and republish
<scribe> ACTION: fjh to update XML Signature Best Practices to add latest key separation concern [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action07]
<trackbot> Created ACTION-929 - Update security considerations to add latest [on Frederick Hirsch - due 2012-12-11].
<scribe> ACTION: fjh to send CfC for publishing these Notes [recorded in http://www.w3.org/2012/12/04-xmlsec-minutes.html#action08]
<trackbot> Created ACTION-930 - Send CfC for publishing these Notes [on Frederick Hirsch - due 2012-12-11].
RESOLUTION: Cancel next week's call, 11 December
next call will be 8 January
fjh: we will progress our work by email