Minutes:1999.04.28 XML Syntax WG from Joseph M. Reagle Jr. on 1999-04-28 (w3c-xml-sig-ws@w3.org from April 1999)

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Wed, 28 Apr 1999 15:16:44 -0400
To: "XML-DSig Workshop" <w3c-xml-sig-ws@w3.org>
Message-Id: <3.0.5.32.19990428151644.009e2b70@localhost>
I don't plan to necessarily do this every week, but I thought I would
forward these Syntax WG notes on given their relevance and since I was
purporting to represent workshop consensus. 

C14N: short hand for canonicalization.
RD: Requirements Document
        http://www.w3.org/TR/NOTE-xml-canonical-req

Excerpt Text ----
 
 In attendance: Joel Nava, Tim Bray (in part), James Tauber,
 Joseph Reagle, Murata Makoto, Tim Boland, ...

...

 > 4. Canonicalization
 > 
 > On the Needs of the Dsig Workshop for Canonical XML we had an email
 > report from Joseph:
 >  http://lists.w3.org/Archives/Member/w3c-xml-syntax-wg/1999Apr/0076.html
 > 
 > Perhaps, we can get a more through report from Joseph, in the
 > teleconference to see what we need to do to support XML DSig
 > in C14N.
 
 Which we got.
 
 Resolved: We agree to add Schiller's proposal to RD. Seeing as we all
 believe that our work on C14N would certainly meet that test. [I guess
 that this means that this would also make it into the WD?] See:
  http://lists.w3.org/Archives/Member/w3c-xml-syntax-wg/1999Apr/0096.html
 
 Joseph: Had Workshop - I18N not so important, but don't change the
 character compositions. Imagine collaberating on a document with signed
 pieces with colleagues in Europe using editors that change character 
 composition. 
 [Should  we have a motherhood note that says to beware of taking signed
 documents into text editors, if they want the C14N to be the same
 before and after, and thus not break the security?]
 
 3 levels of XML to Sign:
 
 1) Byte level
 2) Conversion to the standard encoding in use by the C14N Spec.
 3) Full C14N, as described in the REC to be.
 
 New Co-IETF/W3C working group is being formed for XML-DSig. We
 note that the group has agreed that email discussions on C14N in
 our mailing list can be summarized, or cross posted as needed
 to the new group to facilitate coordination. We agreed on this
 by an email vote, and realize that the XML-DSig mail list will
 be public. Joseph is the informal liaison to this group, from that
 group to be.
 
 ACTION: James Tauber to put a req. in the RD about coordination
 with soon to be XML-DSig WG, including whether to hold up last
 call, PR, REC process after group has finished work, but XML-Dsig
 WG needs us to wait. We noted no hard deadlines on C14N besides
 the schedule for the completion of this WG.
 
 Joseph: What do we mean by entity expansion in C14N version?
 James: We expand all entities and put in place. No longer
 know where the entity boundaries are in the C14N form of the
 document.
 
 ACTION: James Tauber to send early WD to Joseph for early review
 of security issues.
 
 Joseph: DOCTYPE not part of C14N version, doesn't this cause a
 problem?
 
 James: We use all the available DTD information to create the
 C14N version, but there is no DTD in the C14N form.
 
 Joel: Put motherhood note in WD to explain namespaces better
 for document references than the reference to the DTD in the
 DOCTYPE declaration.
 
 Note in WD, that people may want to make docs standalone if
 DTD availability is in doubt.
 
 James Tauber: He is making a note with an Algorithm for making
 any XML doc standalone='yes', after he has finished the first WD.
 Joel: This could be a non-normative appendix in the spec.
 
 James Tauber: Need responses to email on C14N for processor
 conformance testing. See:
  http://lists.w3.org/Archives/Member/w3c-xml-syntax-wg/1999Apr/0101.html
 
 James Tauber: Any need to worry about processing limited devices in RD?
 
 Joseph: Another motherhood note: If low on processing power use byte
 level conformance for XML-DSig.
 
 James Tauber: How small could a c14n processor be. Does anyone plan
 to build one? Volunteers?
 
 Joseph: What about extra processing by application?
 
 Joel: You can build it into a C14N processor if you want, but now it is
 not a conforming C14N processor, it's an application specific C14N
 processor.
 
 > Besides that we are awaiting a new RD, and a first WD from James
 > Tauber to review.
 
 RD was published just before the meeting. We can expect a first WD
 very soon.
 

End Forwarded Text ----
___________________________________________________________
Joseph Reagle Jr.  W3C:     http://www.w3.org/People/Reagle/
Policy Analyst     Personal:  http://web.mit.edu/reagle/www/
                   mailto:reagle@w3.org
Received on Wednesday, 28 April 1999 15:17:03 UTC