planning publication roadmap

I propose we agree to publish the revised XML Signature Best Practices as a W3C Note on tomorrow's call.

Here are the next publication steps I propose we take once the PAG completes:

(1) XML Signature 1.1 - New Last Call and then back to CR.

Changes to XML Signature 1.1 since CR publication:

Editorial:

* Wording changes to align with PAG for ECC.

* Reference functional explanation in SOTD

* Reference best practices in Introduction (and add reference) 

* clarify serialization, http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0006.html

* additional clarifications:  add to first paragraph in 4.5, KeyInfo Element additional text on scope, add note to 4.5.3 RetrievalMethod Element that KeyInfoReference preferred.; changes to finish addressing LC-2506, http://www.w3.org/2006/02/lc-comments-tracker/42458/WD-xmldsig-core2-20110421/2506?cid=2506

Non-Editorial:

* Add REQUIRED to Exclusive C14N omits comments identifier in   6.5.3,

* change SHOULD for KeyInfoReference instead of RetrievalMethod per ACTION-816

(2) XML Encryption 1.1 - new LC, then CR. 

Changes

* added AES192-GCM which was missing due to oversight 6/9/2012
* clarify Parameters with anyType addition to schema (the default)

(3) Publish update of Security Algorithms Cross-Reference as W3C Note

* added AES192-GCM which was missing due to oversight 6/9/2012
* do not include 2.0 algorithms

(4) Publish new LC of XML SIgnature 2.0 then CR

Editorial changes related to PAG and ECC.

(5) Publish XML Security 1.1 and 2.0 requirements documents as W3C Notes.

Comment or concern? Are any additional changes needed for these specifications?

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

Received on Monday, 2 July 2012 23:55:14 UTC