- From: Brown, Sam <sbrown@saonet.ucla.edu>
- Date: Thu, 30 Sep 1999 10:49:27 -0700
- To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>, IETF/W3C XML-DSig WG <w3c-ietf-xmldsig@w3.org>
As and IS Manager in a Health Care setting I am interested in knowing what role the U.S. government is playing in the development of these specifications. I ask this because the Department of Health and Human Services is working on developing some security standards for electronic health data. I just want to see that the work of this group is aligned with what HHS is doing. HHS has not finalized their efforts but I've heard it will be by the end of the year. The following link has a general overview of what HHS is doing. http://waisgate.hhs.gov/cgi-bin/waisgate?WAISdocID=1292611759+0+0+0&WAISacti on=retrieve Sam Brown Information Systems Manager UCLA Arthur Ashe Student Health & Wellness Center (310) 206-6356 -----Original Message----- From: Joseph M. Reagle Jr. [mailto:reagle@w3.org] Sent: Thursday, September 30, 1999 10:44 AM To: IETF/W3C XML-DSig WG Subject: 990930 Minutes http://www.w3.org/Signature/Minutes/990930-tele.html [1]IETF [2]W3C [3]XML Signature WG 99-September-30 Chairs: Donald Eastlake and Joseph Reagle Note Taker: Joseph Reagle [[4]ascii] Participants * Donald Eastlake 3rd, IBM * Joseph Reagle, W3C * Mark Bartel, JetForms * John Boyer, UWI * David Solo, Citigroup, <david.solo@citicorp.com> * Barb Fox, Microsoft, [5]bfox@Exchange.Microsoft.com * Ed Simon , Entrust Technologies Inc. * [regrets] Todd Vincent, GSU Minutes Review of Outstanding Action Items * ACTION Fox: do we need to add a nonce? Barb still has it on her queue, experts are travelling. * ACTION Brown: send requirements and syntax comments to list. Sent requirement comments. Still needs to send syntax comments. * ACTION Reagle: Check with everything capitalized, bounce off Ralph. * [DEL: ACTION Reagle: tweak final time and move forward. Will do ASAP. :DEL] * [DEL: ACTION Eastlake: will reword and send to list. Done. :DEL] Requirements [6]xmldsig-requirements-991001.html [candidate InformationalRFC.] * WG agrees to move it as an ietf-draft and W3C TR, then last call and InfoRFC. Syntax * Section 3: Use it as content, try to be consistent throughout. * Section 4.3: Why is location optional? Should we make the default a reference to the root element minues the signature stuff? Reagle: this makes it impossible for other applications to understand the signature outside of that context. Go with default and put comment of beware of data model. * Section 4.3.1: Make value a content of element. * Section 4.3.2: use attribute to find those which might be signature attributes. CDATA, should URI or productions permitted by the MIME/TYPE spec. ACTION Eastlake: propose something. Action Reagle: Make into content. * Section 4.3.3: add a start to end of bnf, XSLT element. What happens if there is an XSLT in the document, and then the signer puts an XSLT on the document in the manifest. Consistent with the idea that we are not chasing references. * Section5: do we have types in the reference or in the object? Does the reference point to dsig:object:xml/text or to the type of the target. + reflect type="signatureattributes" from Don's proposal. + Need to define these clearly. * Section 7: Reagle will reflect what Mark sent. Solo: we need to define how things of multiple numeric qualities are carried in our context. (Need to do more than just provide a reference, but give a little more specifity.) Don nominates Richard's, ACTION: Bartel will send something by Monday. Need to define mandatory, recommended. ACTION: Reagle will check the RFC. * Reagle, will re-insert exclusions and edit such that XSLT/XPath/XPtr is deployed in the spec consistently. * Eastlake: do a serach for "identity" replace with "minimal." * Editors/Authors will have a call on Tuesday (1005) and 3PM EST. Closure on Closure * Didn't have any time, but see last [7]weeks minutes and email discussion. Resulting Action Items. * ACTION Reagle: finish edits to RD and send on its way. * ACTION Bartel: send AlgID by Monday * ACTION Eastlake: propose something on URI and MIME types. WG: disucuss.. * ACTION Reagle: check [8]RFC2119 to see if it defines mandatory, recommended, should. * ACTION Reagle: reflect these minutes in document and post by end of Friday. * ACTION Fox: do we need to add a nonce? Barb still has it on her queue, experts are travelling. * ACTION Brown: send requirements and syntax comments to list. Sent requirement comments. Still needs to send syntax comments. * ACTION Reagle: Check with everything capitalized, bounce off Ralph. References 1. http://www.ietf.org/ 2. http://www.w3.org/ 3. http://www.w3.org/Signature/Overview.html 4. http://www.w3.org/Signature/Minutes/990930-tele,text 5. mailto:bfox@Exchange.Microsoft.com 6. http://www.w3.org/Signature/Drafts/WD-xmldsig-requirements-991001.html 7. http://www.w3.org/Signature/Minutes/990923-tele.html 8. http://info.internet.isi.edu/in-notes/rfc/files/rfc2119.txt _________________________________________________________ Joseph Reagle Jr. Policy Analyst mailto:reagle@w3.org XML-Signature Co-Chair http://w3.org/People/Reagle/
Received on Thursday, 30 September 1999 13:53:09 UTC