See also: IRC log
<trackbot> Date: 27 November 2012
<scribe> ScribeNick: fjh
XML Encryption 1.1 Interop Test Report" and "XML Signature 1.1 Interop Test Report" published as W3C Notes on 13 November, see http://www.w3.org/News/2012#entry-9630
Approve minutes from 13 November 2012
http://lists.w3.org/Archives/Public/public-xmlsec/2012Nov/att-0012/minutes-2012-11-13.html
RESOLUTION: Minutes from 13 November 2012 are approved.
Proposed changes to XML Encryption 1.1 security considerations
proposed RESOLUTION: working group agrees to add new security consideration noted by Frederick Hirsch based on Juraj input
RESOLUTION: working group agrees to add new security consideration noted by Frederick Hirsch based on Juraj input
<scribe> ACTION: tlr to confirm ok to add security consideration to XML Encryption 1.1 before PR [recorded in http://www.w3.org/2012/11/27-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-924 - Confirm ok to add security consideration to XML Encryption 1.1 before PR [on Thomas Roessler - due 2012-12-04].
scantor: question of what is supported by OpenSSL to enable implementations, such as GCM
here() function clarification added to Editors draft (for Last Call comment LC-2721), per http://lists.w3.org/Archives/Public/public-xmlsec/2012Nov/0009.html
See http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.html#sec-XPath
fjh: please review the change but I think this is done
fjh: a couple of thoughts - we could disallow risky algorithms, Sign metadata (e.g. algorithm information), etc
... also not sure I like having a replication of 1.1 in a backward compatibility section
... however if we are not progressing not sure we should devote resources to it
... pdatta, have you heard anything more about implementations?
ACTION-883?
<trackbot> ACTION-883 -- Frederick Hirsch to review C14N 20 test cases document -- due 2012-04-10 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/883
ACTION-922?
<trackbot> ACTION-922 -- Frederick Hirsch to propose additional security consideration for XML Encryption 1.1 key separation and update draft -- due 2012-11-20 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/922
fjh: done by Juraj, revised by me
close ACTION-922
<trackbot> ACTION-922 Propose additional security consideration for XML Encryption 1.1 key separation and update draft closed
ACTION-921?
<trackbot> ACTION-921 -- Frederick Hirsch to update XML Signature 1.1 to address LC-2721 -- due 2012-11-20 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/921
close ACTION-921
<trackbot> ACTION-921 Update XML Signature 1.1 to address LC-2721 closed
ACTION-923?
<trackbot> ACTION-923 -- Frederick Hirsch to update Roadmap page to reflect current status -- due 2012-11-20 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/923
close ACTION-923
<trackbot> ACTION-923 Update Roadmap page to reflect current status closed
ISSUE-122?
<trackbot> ISSUE-122 -- Explain peformance improvements and rationale, relationship to earlier work, document, benchmarks -- open
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/122
ISSUE-234?
<trackbot> ISSUE-234 -- Reference SP800-56A later in publication process if the latest version is no longer a draft -- open
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/234
ISSUE-236?
<trackbot> ISSUE-236 -- Update all references in all Notes and Recs when publishing final REC? -- open
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/236