# XML Security Working Group Teleconference

## 08 Jan 2013

[Agenda][3]

See also: [IRC log][4]

## Attendees

Present

    Frederick_Hirsch, Bruce_Rich, Scott_Cantor

Regrets


Chair

    Frederick_Hirsch

Scribe

    fjh

## Contents

  * [Topics][5]

    1. [Administrative: Agenda review, Announcements][6]

    2. [Minutes Approval][7]

    3. [PR CfC status: XML Encryption 1.1, XML Signature 1.1, XML Signature
Properties][8]

    4. [Note publications: "XML Security Algorithm Cross-Reference", "XML
Security 1.1 Requirements and Design Considerations", "XML Security Generic
Hybrid Ciphers",][9]

    5. [Note publication: "Functional Explanation of Changes in XML Encryption
1.1"][10]

    6. [Note publication: "XML Security RELAX NG Schemas"][11]

    7. [Algorithm review][12]

    8. [Roadmap][13]

    9. [Signature question on list][14]

    10. [Action items][15]

    11. [Issue review][16]

    12. [Other business][17]

    13. [Adjourn][18]

  * [Summary of Action Items][19]

* * *

<trackbot> Date: 08 January 2013

<scribe> ScribeNick: fjh

### Administrative: Agenda review, Announcements

Happy New Year to all.

### Minutes Approval

Approve minutes from 4 December 2012

[http://lists.w3.org/Archives/Public/public-
xmlsec/2012Dec/att-0018/minutes-2012-12-04.html][20]

**RESOLUTION: Minutes from 4 December 2012 are approved.**

### PR CfC status: XML Encryption 1.1, XML Signature 1.1, XML Signature
Properties

Plan publication on 17 January, assuming transition request approved in time.

Call for Consensus completed (CfC) with support for all specs, no objections
(see list)

CfC messages:

[http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0015.html][21],

[http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0013.html][22] ,

[http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0014.html][23]

Transition approval step with W3C Team desired to happen soon to enable
publication 17 January.

fjh: have started process leading to formal transition approval request
including review

... have entered official tracker entries for comments from Juraj so we can
officially record and close those

... thomas also noticed an issue with the PAG page and is checking internally
to fix that

... once we have these issues fixed I believe we can move forward with the
official transition request process

... I have also updated the ReSpec tool to support PR, updating the
boilerplate and enabling prEnd etc

... I have also updated the references and requested the git pull, that all
should be in the next official ReSpec build (including PR changes)

... this is the message to Juraj listing the tracker entries and requesting
confirmation -> [http://lists.w3.org/Archives/Public/public-
xmlsec/2013Jan/0014.html][24]

PR drafts available, XML Encryption 1.1, XML Signature 1.1, XML Signature
Properties

see [http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0000.html][25]

removed the at-risk 'Created', 'Expires' and 'ReplayProtect' items from the
schema and external example file associated with the XML Signature Properties
draft

removed 'OCSPResponse' from schema file associated with XML Signature 1.1 (bug
fix)

### Note publications: "XML Security Algorithm Cross-Reference", "XML Security
1.1 Requirements and Design Considerations", "XML Security Generic Hybrid
Ciphers",

CfC completed and received support on list:
[http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0016.html][26]

Publication drafts prepared but will need update for RELAX NG Schemas Note
reference.

Please review status, abstract and introduction for Generic Hybrid Ciphers
note - [http://www.w3.org/2008/xmlsec/Drafts/generic-hybrid-
ciphers/2013-01-NOTE/Overview.html][27]

Please review updated Best Practices examples (formatting, bug fixes and
moving links out of examples) - [http://www.w3.org/2008/xmlsec/Drafts/best-
practices/2013-01-Note/Overview.html][28]

Plan publication on 17 January.

### Note publication: "Functional Explanation of Changes in XML Encryption
1.1"

Approved with XML Encryption 1.1 PR CfC.

Updated draft, [http://lists.w3.org/Archives/Public/public-
xmlsec/2013Jan/0001.html][29]

### Note publication: "XML Security RELAX NG Schemas"

CfC to publish update, removing 'Created', 'Expires' and 'ReplayProtect' and
'OCSPResponse' from schema files and updating references received support

[http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0005.html][30]

plan to publish update on 17 January

### Algorithm review

Please review and include xmlsec public list in comments:
[http://tools.ietf.org/html/draft-eastlake-additional-xmlsec-uris-05][31]

### Roadmap

Updated roadmap for 1.1 : [http://www.w3.org/2008/xmlsec/wiki/Roadmap#The_foll
owing_steps_are_planned_for_XML_Security_1.1][32]

decision discussion : update XML Security 2.0 drafts with recent changes to
XML Security 1.1 drafts and publish as Notes, completing work?

fjh: we need to update the 2.0 specifications to align with recent changes in
1.1 and then it is likely that we will publish as W3C WG Notes

### Signature question on list

fjh: we have responded to this question - I believe they can do what they wish
but need to get the References right

[http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0032.html][33]

[http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0015.html][34]

[http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0010.html][35]

### Action items

ACTION-883?

<trackbot> ACTION-883 -- Frederick Hirsch to review C14N 20 test cases
document -- due 2012-04-10 -- OPEN

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/883][36]

fjh: plan to defer unless we progress 2.0

close ACTION-883

<trackbot> Closed ACTION-883 Review C14N 20 test cases document.

ACTION-928?

<trackbot> ACTION-928 -- Frederick Hirsch to submit transition request to
Proposed Recommendation for XML Encryption 1.1, XML Signature 1.1 and XML
Signature Properties once Exclusion Period for XML Encryption 1.1 is
completed, after 17 December and CfCs approved -- due 2012-12-11 -- OPEN

<trackbot> [http://www.w3.org/2008/xmlsec/track/actions/928][37]

<scribe> in progress

### Issue review

ISSUE-236?

<trackbot> ISSUE-236 -- Update all references in all Notes and Recs when
publishing final REC? -- open

<trackbot> [http://www.w3.org/2008/xmlsec/track/issues/236][38]

Plan to have references up to date during each publication as part of normal
process so no need for explicit issue for this one

close ISSUE-236

<trackbot> Closed ISSUE-236 Update all references in all Notes and Recs when
publishing final REC?.

ISSUE-234?

<trackbot> ISSUE-234 -- Reference SP800-56A later in publication process if
the latest version is no longer a draft -- open

<trackbot> [http://www.w3.org/2008/xmlsec/track/issues/234][39]

ISSUE-122?

<trackbot> ISSUE-122 -- Explain peformance improvements and rationale,
relationship to earlier work, document, benchmarks -- open

<trackbot> [http://www.w3.org/2008/xmlsec/track/issues/122][40]

we should address this issue as part of deciding how to progress 2.0

### Other business

fjh: we will have calls as needed, looks like we may be near completing 1.1
work

... once we have PR publication I believe not much will be required to
transition to Recommendation unless there are AC review concerns

brich: thanks for your work on chairing and excellent leadership

scantor: +1

fjh: thanks, and thanks for all your work as well

### Adjourn

## Summary of Action Items

[End of minutes]

* * *

Minutes formatted by David Booth's [scribe.perl][41] version 1.135 ([CVS
log][42])

$Date: 2009-03-02 03:52:20 $

   [1]: http://www.w3.org/Icons/w3c_home

   [2]: http://www.w3.org/

   [3]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0007.html

   [4]: http://www.w3.org/2013/01/08-xmlsec-irc

   [5]: #agenda

   [6]: #item01

   [7]: #item02

   [8]: #item03

   [9]: #item04

   [10]: #item05

   [11]: #item06

   [12]: #item07

   [13]: #item08

   [14]: #item09

   [15]: #item10

   [16]: #item11

   [17]: #item12

   [18]: #item13

   [19]: #ActionSummary

   [20]: http://lists.w3.org/Archives/Public/public-
xmlsec/2012Dec/att-0018/minutes-2012-12-04.html

   [21]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0015.html

   [22]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0013.html

   [23]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0014.html

   [24]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0014.html

   [25]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0000.html

   [26]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0016.html

   [27]: http://www.w3.org/2008/xmlsec/Drafts/generic-hybrid-
ciphers/2013-01-NOTE/Overview.html

   [28]: http://www.w3.org/2008/xmlsec/Drafts/best-
practices/2013-01-Note/Overview.html

   [29]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0001.html

   [30]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0005.html

   [31]: http://tools.ietf.org/html/draft-eastlake-additional-xmlsec-uris-05

   [32]: http://www.w3.org/2008/xmlsec/wiki/Roadmap#The_following_steps_are_pl
anned_for_XML_Security_1.1

   [33]: http://lists.w3.org/Archives/Public/public-xmlsec/2012Dec/0032.html

   [34]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0015.html

   [35]: http://lists.w3.org/Archives/Public/public-xmlsec/2013Jan/0010.html

   [36]: http://www.w3.org/2008/xmlsec/track/actions/883

   [37]: http://www.w3.org/2008/xmlsec/track/actions/928

   [38]: http://www.w3.org/2008/xmlsec/track/issues/236

   [39]: http://www.w3.org/2008/xmlsec/track/issues/234

   [40]: http://www.w3.org/2008/xmlsec/track/issues/122

   [41]: http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm

   [42]: http://dev.w3.org/cvsweb/2002/scribe/