RE: 990930 Minutes

As and IS Manager in a Health Care setting I am interested in knowing what
role the U.S. government is playing in the development of these
specifications.  I ask this because the Department of Health and Human
Services is working on developing some security standards for electronic
health data.  I just want to see that the work of this group is aligned with
what HHS is doing.  HHS has not finalized their efforts but I've heard it
will be by the end of the year.  The following link has a general overview
of what HHS is doing.


http://waisgate.hhs.gov/cgi-bin/waisgate?WAISdocID=1292611759+0+0+0&WAISacti
on=retrieve


Sam Brown
Information Systems Manager
UCLA Arthur Ashe Student Health & Wellness Center
(310) 206-6356

-----Original Message-----
From: Joseph M. Reagle Jr. [mailto:reagle@w3.org]
Sent: Thursday, September 30, 1999 10:44 AM
To: IETF/W3C XML-DSig WG
Subject: 990930 Minutes

http://www.w3.org/Signature/Minutes/990930-tele.html

                     [1]IETF [2]W3C   [3]XML Signature WG
                                      
  99-September-30
  Chairs: Donald Eastlake and Joseph Reagle
  Note Taker: Joseph Reagle [[4]ascii]
 
Participants

     * Donald Eastlake 3rd, IBM
     * Joseph Reagle, W3C
     * Mark Bartel, JetForms
     * John Boyer, UWI
     * David Solo, Citigroup, <david.solo@citicorp.com>
     * Barb Fox, Microsoft, [5]bfox@Exchange.Microsoft.com
     * Ed Simon , Entrust Technologies Inc.
     * [regrets] Todd Vincent, GSU
      
Minutes

   Review of Outstanding Action Items
     * ACTION Fox: do we need to add a nonce? Barb still has it on her
       queue, experts are travelling.
     * ACTION Brown: send requirements and syntax comments to list. Sent
       requirement comments. Still needs to send syntax comments.
     * ACTION Reagle: Check with everything capitalized, bounce off
       Ralph.
     * [DEL: ACTION Reagle: tweak final time and move forward. Will do
       ASAP. :DEL]
     * [DEL: ACTION Eastlake: will reword and send to list. Done. :DEL]
      
  Requirements
 
   [6]xmldsig-requirements-991001.html [candidate InformationalRFC.]
     * WG agrees to move it as an ietf-draft and W3C TR, then last call
       and InfoRFC.
      
  Syntax
 
     * Section 3: Use it as content, try to be consistent throughout.
     * Section 4.3: Why is location optional? Should we make the default
       a reference to the root element minues the signature stuff?
       Reagle: this makes it impossible for other applications to
       understand the signature outside of that context. Go with default
       and put comment of beware of data model.
     * Section 4.3.1: Make value a content of element.
     * Section 4.3.2: use attribute to find those which might be
       signature attributes. CDATA, should URI or productions permitted
       by the MIME/TYPE spec. ACTION Eastlake: propose something. Action
       Reagle: Make into content.
     * Section 4.3.3: add a start to end of bnf, XSLT element. What
       happens if there is an XSLT in the document, and then the signer
       puts an XSLT on the document in the manifest. Consistent with the
       idea that we are not chasing references.
     * Section5: do we have types in the reference or in the object? Does
       the reference point to dsig:object:xml/text or to the type of the
       target.
          + reflect type="signatureattributes" from Don's proposal.
          + Need to define these clearly.
     * Section 7: Reagle will reflect what Mark sent. Solo: we need to
       define how things of multiple numeric qualities are carried in our
       context. (Need to do more than just provide a reference, but give
       a little more specifity.) Don nominates Richard's, ACTION: Bartel
       will send something by Monday.  Need to define mandatory,
       recommended. ACTION: Reagle will check the RFC.
     * Reagle, will re-insert exclusions and edit such that
       XSLT/XPath/XPtr is deployed in the spec consistently.
     * Eastlake: do a serach for "identity" replace with "minimal."
     * Editors/Authors will have a call on Tuesday (1005) and 3PM EST.
      
  Closure on Closure
 
     * Didn't have any time, but see last [7]weeks minutes and email
       discussion.
      
  Resulting Action Items.
 
     * ACTION Reagle: finish edits to RD and send on its way.
     * ACTION Bartel: send AlgID by Monday
     * ACTION Eastlake: propose something on URI and MIME types. WG:
       disucuss..
     * ACTION Reagle: check [8]RFC2119 to see if it defines mandatory,
       recommended, should.
     * ACTION Reagle: reflect these minutes in document and post by end
       of Friday.
      
     * ACTION Fox: do we need to add a nonce? Barb still has it on her
       queue, experts are travelling.
     * ACTION Brown: send requirements and syntax comments to list. Sent
       requirement comments. Still needs to send syntax comments.
     * ACTION Reagle: Check with everything capitalized, bounce off
       Ralph.

References

   1. http://www.ietf.org/
   2. http://www.w3.org/
   3. http://www.w3.org/Signature/Overview.html
   4. http://www.w3.org/Signature/Minutes/990930-tele,text
   5. mailto:bfox@Exchange.Microsoft.com
   6. http://www.w3.org/Signature/Drafts/WD-xmldsig-requirements-991001.html
   7. http://www.w3.org/Signature/Minutes/990923-tele.html
   8. http://info.internet.isi.edu/in-notes/rfc/files/rfc2119.txt



_________________________________________________________
Joseph Reagle Jr.  
Policy Analyst           mailto:reagle@w3.org
XML-Signature Co-Chair   http://w3.org/People/Reagle/

Received on Thursday, 30 September 1999 13:53:09 UTC