W3C   XML Key Management Services WG

DRAFT 5th December 2002 XKMS Teleconference Minutes
Chairs: Stephen Farrell, Shivaram Mysore
Note Takers: Stephen Farrell

Last revised by $Author: sfarrell $ $Date: 2002/12/05 17:46:33 $


  1. Shivaram Mysore, Sun Microsystems
  2. Stephen Farrell, Baltimore
  3. Mike Just, Treasury Board of Canada Secretariat (TBS)
  4. Joseph Reagle, W3C
  5. Frederick Hirsch, Nokia
  6. Phill Hallam-Baker, Verisign
  7. Merlin Hughes, Baltimore
  8. Ed Simon, XMLsec


  1. Yassir Elley, Sun Microsystems
  2. Blair Dillaway, Microsoft


Agenda is to go through the issues with the specification document this week.

First checking actions from previous call.

Then AOB.

Last call's actions

  1. For Issue number explanation, refer to Issues List
  2. Issue #47: ACTION Blair to find code & send to Phill/list

    OPEN Blair DONE Phill OPEN (integrating)

  3. Issue #79, text needed ACTION Stephen Farrell, define fixed locate message (UseKeyWith value)


  4. Issue #85, close. Add sentence that nothing is idempotent (ACTION Mike Just to add to issues list)


Before getting into the issues list in detail: After we get next rev of requirements document first get W3C-wide last call for (need to update requirements document wrt message level security) and then ask OASIS WSS to review our requirements ACTION Joseph R. to provide requirements text. DONE

The issues list thingys:

#72: Intent still valid, but maybe mechanism (specific justificatory text everywhere) isn't right. Split optional vs. unbounded (ACTION Frederick to change requirements DONE); and (ACTION stephen OPEN) provide list of uses of unbounded and ask if we need justification Mike will open new issue against spec.

#74: Stays OPEN; (ACTION Mike J) to check if its done already (it may be) DONE

#75: Since decided that that requirement 2.1.12 should be removed, but ACTION Stephen DONE to re-raise on list esp wrt p#10 support. Meanwhile this is CLOSED (as a requirements issue)

#82: Req 2.4.5 is where the change to handle general compounding is to be made.OPEN - ACTION Freederick propose text for requirements doc covering compounding DONE

ACTION Mike/Frederick New one: Remove requirement that we need support for MgmtData. DONE

Make sure we refer to SOAP 1.2 everywhere instead of XMLP (unless something happens in SOAP 1.2's last call.) ACTION: Mike to create new/reopen issue. DONE

ACTION: Mike to update issues list prior to next call DONE

ACTION: Joseph to get Mike write access to issues list [1] and Frederick for the requirements document [2] DONE

ACTION Shivaram to update participant's list DONE

ACTION: Newly affiliated folks to send new agreement to list (repeat introductory email) DONE

Spec Issues

Issue#71: Client/responder conformance. Question "Should we..." is answered "yes", ACTION Phill to propose text implementing this.

Issue#25: On Phill's todo list

Issue#30,84,100: Relate to policy question. Discussion. ACTION PHB to send proposal to list on this. 100 can be CLOSED.

Issue#74: Still open

Issue#79: ACTION PHB to take account of list discussion in editing

Issue#96.103: On PHB todo;

Issue#105: CLOSE since Frederick is happy

Issue#108: Get rid of mgmtdata entirely

Issue#4: CLOSE

ACTION "Confirmation of resolution needed" list needs to be gone through between Mike and Phill offline and Mike to update issues list then.

Merlin speaks. Issue#57 goes back to open (ACTION Mike)

ACTION Merlin to send mail re status query.

Ed wants us to use exclusive canonicalization. Already agreed to be a MUST. ACTION Mike to raise a new issue that this is clear everywhere. ACTION on Ed to raise on list for pointing purposes


SHA1 for passphrases etc. Push this off to WSDL whenever it works.

Private key encoding/encrypting. Suggestion to use the passphrase to auth D-H to get PFS. ACTION on PHB to raise on IRTF crypto research group.

Next Telecons