IRC log of xmlsec on 2008-04-15

Timestamps are in UTC.

12:44:54 [RRSAgent]

RRSAgent has joined #xmlsec

12:44:54 [RRSAgent]

logging to http://www.w3.org/2008/04/15-xmlsec-irc

12:44:56 [trackbot-ng]

RRSAgent, make logs public

12:44:56 [Zakim]

Zakim has joined #xmlsec

12:44:58 [trackbot-ng]

Zakim, this will be XMLSEC

12:44:58 [Zakim]

ok, trackbot-ng; I see T&S_XMLSEC()9:00AM scheduled to start in 16 minutes

12:44:59 [trackbot-ng]

Meeting: XML Security Specifications Maintenance Working Group Teleconference

12:44:59 [trackbot-ng]

Date: 15 April 2008

12:46:29 [fjh]

fjh has joined #xmlsec

12:46:50 [fjh]

zakim, who is here?

12:46:50 [Zakim]

T&S_XMLSEC()9:00AM has not yet started, fjh

12:46:51 [Zakim]

On IRC I see fjh, Zakim, RRSAgent, tlr, trackbot-ng

12:47:36 [fjh]

Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0016.html

12:47:42 [fjh]

Chair: Frederick Hirsch

12:48:12 [fjh]

Scribe: John Wray

12:50:01 [Zakim]

T&S_XMLSEC()9:00AM has now started

12:50:08 [Zakim]

+ +1.978.888.aaaa

12:50:13 [tlr]

zakim, call thomas-781

12:50:13 [Zakim]

ok, tlr; the call is being made

12:50:14 [Zakim]

+Thomas

12:50:49 [Zakim]

+Frederick_Hirsch

12:50:49 [tlr]

zakim, aaaa is jwray

12:50:51 [Zakim]

+jwray; got it

12:51:43 [fjh]

zakim, who is here?

12:51:43 [Zakim]

On the phone I see jwray, Thomas, Frederick_Hirsch

12:51:44 [Zakim]

On IRC I see fjh, Zakim, RRSAgent, tlr, trackbot-ng

12:52:51 [fjh]

Topic: Administrative

12:54:35 [sean]

sean has joined #xmlsec

12:54:45 [CGI421]

CGI421 has joined #xmlsec

12:55:26 [jcc]

jcc has joined #xmlsec

12:57:53 [fjh]

Topic: Meeting Planning

12:58:53 [Zakim]

+??P4

12:59:15 [fjh]

zakim, p4 is rob miller

12:59:15 [Zakim]

I don't understand 'p4 is rob miller', fjh

12:59:37 [tlr]

zakim, ??P4 is rob miller

12:59:37 [Zakim]

I don't understand '??P4 is rob miller', tlr

12:59:44 [Zakim]

+ +1.617.876.aabb

12:59:45 [tlr]

zakim, ??P4 is RobMiller

12:59:45 [Zakim]

+RobMiller; got it

13:00:03 [fjh]

zakim, aabb is sean

13:00:03 [Zakim]

+sean; got it

13:00:09 [fjh]

zakim, who is here?

13:00:09 [Zakim]

On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean

13:00:10 [Zakim]

On IRC I see jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng

13:00:11 [Zakim]

+Ed_Simon

13:00:19 [Zakim]

+ +1.512.401.aacc

13:00:21 [brich]

brich has joined #xmlsec

13:00:33 [fjh]

zakim, aacc is brich

13:00:33 [Zakim]

+brich; got it

13:00:39 [fjh]

zakim, who is here?

13:00:39 [Zakim]

On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean, Ed_Simon, brich

13:00:41 [Zakim]

On IRC I see brich, jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng

13:01:45 [PHB]

PHB has joined #xmlsec

13:01:57 [PHB]

zakim, code?

13:01:57 [Zakim]

the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), PHB

13:02:07 [Zakim]

+??P13

13:02:23 [Zakim]

+PHB

13:02:23 [EdS]

EdS has joined #xmlsec

13:02:40 [fjh]

zakim, P13 is jcc

13:02:40 [Zakim]

sorry, fjh, I do not recognize a party named 'P13'

13:02:41 [pdatta]

pdatta has joined #xmlsec

13:02:49 [fjh]

zakim, ??P13 is jcc

13:02:49 [Zakim]

+jcc; got it

13:02:56 [fjh]

zakim, who is here?

13:02:56 [Zakim]

On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean, Ed_Simon, brich, jcc, PHB

13:02:59 [Zakim]

On IRC I see pdatta, EdS, PHB, brich, jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng

13:03:17 [Zakim]

+Hal_Lockhart

13:03:59 [Zakim]

+James_Nurthen

13:04:19 [tlr]

zakim, James_Nurthen is really Pratik_Datta

13:04:31 [Zakim]

+Pratik_Datta; got it

13:04:48 [fjh]

zakim, who is here?

13:04:53 [Zakim]

On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean, Ed_Simon, brich, jcc, PHB, Hal_Lockhart, Pratik_Datta

13:05:04 [Zakim]

On IRC I see pdatta, EdS, PHB, brich, jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng

13:05:08 [klanz2]

klanz2 has joined #xmlsec

13:05:48 [tlr]

ScribeNick: tlr

13:06:14 [shivaram]

shivaram has joined #xmlsec

13:06:37 [tlr]

zakim, call thomas-781

13:06:37 [Zakim]

ok, tlr; the call is being made

13:06:39 [Zakim]

+Thomas.a

13:06:46 [tlr]

zakim, drop Thomas

13:06:46 [Zakim]

Thomas is being disconnected

13:06:47 [Zakim]

-Thomas

13:06:52 [Zakim]

+ +1.408.907.aadd

13:07:05 [fjh]

next call is 6 May

13:07:14 [shivaram]

zakim, aadd is shivaram

13:07:14 [Zakim]

+shivaram; got it

13:07:29 [tlr]

Frederick: next meeting 6 May, Shivaram to scribe

13:07:46 [shivaram]

zakim, mute me

13:07:46 [Zakim]

shivaram should now be muted

13:08:01 [tlr]

frederick: sent material to WS-I

13:08:07 [fjh]

WAF widget signing: http://www.w3.org/TR/widgets-digsig/

13:08:14 [tlr]

... widget signing is FPWD now ...

13:08:22 [tlr]

... you may want to review latest draft ...

13:08:33 [fjh]

minutes - http://www.w3.org/2008/04/01-xmlsec-minutes.html

13:08:34 [tlr]

topic: minutes from last meeting

13:08:43 [tlr]

RESOLUTION: approved

13:09:03 [fjh]

Dsig AC Reps http://www.w3.org/2002/09/wbs/33280/xmlsigper2008/

13:09:08 [Zakim]

+mscottm

13:09:10 [klanz2]

zakim, ? is klanz2

13:09:10 [Zakim]

sorry, klanz2, I do not recognize a party named '?'

13:09:23 [tlr]

zakim, mscottm is really klanz2

13:09:23 [Zakim]

+klanz2; got it

13:10:19 [fjh]

http://www.w3.org/2002/09/wbs/33280/xmlsec2008/

13:10:24 [tlr]

frederick: please make sure your AC reps submit reviews for PER and charter

13:10:33 [tlr]

... chartering deadline is 2 may

13:10:44 [tlr]

... contacting AC reps now might be helpful

13:10:57 [hal]

hal has joined #xmlsec

13:11:14 [tlr]

... face-to-face schedule for kick-off getting tight

13:11:20 [tlr]

... propose week of 14 July ...

13:11:33 [tlr]

... how would that work? ...

13:11:42 [brich]

that would be a problem for me

13:11:49 [tlr]

juan carlos: would be a problem - holiday starting on the 15th

13:12:20 [sean]

q+

13:12:30 [tlr]

hal: first time I heard the date

13:12:31 [EdS]

I would have to check for conflicts too.

13:12:38 [sean]

q-

13:12:39 [tlr]

... no conflicts off the top of my head

13:12:53 [tlr]

hal: location?

13:13:07 [PHB]

q+

13:13:16 [tlr]

frederick: had two offers from Europe (Barcelona or Graz) ...

13:13:49 [tlr]

jcc: number?

13:14:00 [tlr]

frederick: 15-20 as wild guess

13:14:22 [tlr]

juan carlos: will check, may have some degrees of freedom

13:14:32 [tlr]

hal: Can host in Boston or Bay for < 30

13:15:04 [tlr]

frederick: please share possibilities on member-visible list, what dates work, etc.

13:15:27 [tlr]

frederick: konrad?

13:15:40 [tlr]

konrad: umh

13:15:47 [tlr]

tlr: talked to Peter last week, he said the offer is on

13:16:16 [tlr]

pbaker: please make Tue-Thu, not Mon or Fri

13:16:19 [tlr]

frederick: reasonable

13:16:30 [klanz2]

;-)

13:16:51 [tlr]

topic: test case document

13:16:59 [klanz2]

s/;-)//

13:17:31 [tlr]

frederick: some editorial clean-up from Thomas, some content-wise from Sean

13:17:38 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0015.htm

13:17:44 [tlr]

sean: main change in section 3.2

13:17:45 [fjh]

section 3.3.4 and fixed reference

13:17:51 [tlr]

s/3.2/3.3.4/

13:18:06 [tlr]

... explained optional behavior for generation, mandatory for verification ...

13:18:11 [tlr]

... improved wording, added rationale, etc ...

13:18:18 [tlr]

... tried to improve readability of section

13:18:24 [tlr]

frederick: don't know if people have reviewed

13:19:26 [fjh]

tlr: fixed markup, references, added text about conformance

13:19:40 [fjh]

... added sectioning for individual test cases for ease of use

13:20:39 [tlr]

(discussion about make vs ant build processes)

13:21:39 [tlr]

frederick: process for moving forward?

13:21:47 [tlr]

tlr: moratorium ends 28 April

13:21:56 [tlr]

frederick: expect to proceed with publication if don't hear by then

13:22:19 [tlr]

topic: Relax NG schema

13:22:23 [fjh]

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/

13:22:50 [fjh]

tlr: request on original xmlsig list related to Open Office XML

13:23:02 [fjh]

... desire to have normative reference to Relax NG schema

13:23:15 [fjh]

... original version from Joseph Reagle on W3C site

13:23:43 [fjh]

... rather than having it copied, a Note might be preferable, especially since they wanted Compact Syntax which had not yet been created.

13:24:19 [fjh]

... Proposal, have minimal WG Note with both Relax NG full and compact syntax. Not normative document.

13:24:42 [fjh]

... Need review of Relax NG schema for correctness

13:24:53 [fjh]

s/review/WG review

13:25:25 [tlr]

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/

13:25:26 [klanz2]

we do not support Relax NG

13:26:01 [shivaram]

How many support Relax NG?

13:26:22 [tlr]

RobMiller: put out call on internal list for review

13:26:30 [tlr]

... will report back if/when there's more information ...

13:26:44 [tlr]

hal: not committing anything either

13:26:53 [klanz2]

well, we can parse what xalan can parse, but we'll always the signautre itself against xmlschema

13:27:17 [klanz2]

s/always the/always check/

13:27:31 [klanz2]

ack klanz2

13:27:34 [tlr]

frederick: what's your message in the chat saying?

13:28:06 [tlr]

klanz: we can try to validate a bunch of signatures against RNG schema

13:28:32 [fjh]

ack phb

13:29:24 [tlr]

frederick: konrad, if there's anything immediately noticeable, please say

13:29:39 [tlr]

topic: best practices

13:29:46 [tlr]

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/

13:30:42 [tlr]

frederick: tried to rework what Hal and Pratik had posted into that format

13:31:15 [klanz2]

q+

13:31:41 [tlr]

pratik: on xpath, had a list of xpath expressions

13:32:17 [tlr]

... example there was complex xpath that was signing no node ...

13:33:41 [tlr]

frederick: more on nodes?

13:33:46 [tlr]

hal: need bunch of references

13:33:57 [tlr]

... plan to do 5 more or so on the topics ...

13:34:02 [tlr]

... depth, different issues ...

13:34:28 [tlr]

... there's also some controversial issues ...

13:34:34 [tlr]

... will attempt to identify where people might disagree ...

13:34:35 [jcc]

q+

13:34:58 [tlr]

hal: question what's most expedient

13:35:09 [tlr]

ack klanz

13:35:11 [fjh]

ack klanz

13:35:23 [klanz2]

ack klanz2

13:36:06 [fjh]

ws-i bsp "threats and countermeasures"

13:36:10 [tlr]

klanz2: think we should do some more referencing

13:36:15 [tlr]

... where others have done work ...

13:36:39 [tlr]

... there are some that are narrow xmldsig, some are about stuff on top of xmldsig ...

13:36:44 [tlr]

... time stamps are more broadly ...

13:36:55 [fjh]

wider sense - e.g. application usage of xml signature

13:36:57 [tlr]

... xpath and canonicalization are narrower ...

13:37:03 [tlr]

... think there's a natural partition ...

13:37:10 [fjh]

narrow sense - detail of xml signature standard itself

13:37:28 [tlr]

hal: agree there's a logical division, not sure how easy to do

13:37:32 [tlr]

... and how useful to the reader ...

13:37:45 [tlr]

... I'd think you'd always want to put in a time stamp ...

13:38:00 [fjh]

question of defining roles, target audience for individual best practices

13:38:04 [tlr]

... some of the other concerns only a few people will run into ...

13:38:31 [tlr]

klanz: some applications might simply assume "signature was made during validity period"

13:39:14 [tlr]

... some points here go into PKI validation ...

13:39:23 [tlr]

... time stamping belongs there, too ...

13:39:32 [tlr]

frederick: there are different audiences

13:39:58 [tlr]

hal: want to talk about references

13:40:09 [tlr]

... what we learned doing in WSS ...

13:40:16 [tlr]

... what things turned out to be bad ideas ...

13:40:19 [tlr]

... are deprecated ..

13:40:22 [tlr]

... lots of stuff around that ...

13:40:42 [fjh]

need to discuss referencing

13:40:45 [tlr]

q?

13:40:48 [tlr]

ack jcc

13:40:48 [fjh]

acc jcc

13:40:51 [fjh]

ack jcc

13:40:57 [tlr]

jcc: what are the plans for the production of best practices

13:41:10 [tlr]

... do we expect people to provide material, and people may comment on the material ...

13:41:24 [tlr]

... what's the expectation?

13:41:49 [tlr]

frederick: two aspects to this question

13:41:54 [tlr]

... first one, what's WG process

13:42:03 [tlr]

... second one, what are the broader implications

13:42:07 [tlr]

... this is obviously a draft ...

13:42:15 [tlr]

... need agreement in the WG ...

13:42:29 [tlr]

... trying to put something down, then correct ...

13:42:36 [tlr]

... as opposed to inching toward it piecewise ...

13:42:40 [tlr]

... do stuff on list, get it started ...

13:42:52 [tlr]

... so, please comment ...

13:43:01 [tlr]

... broader question - how play out in general community ...

13:43:13 [tlr]

... is it important for us to get external feedback?

13:43:16 [tlr]

... e.g., WS-I, OASIS?

13:43:19 [tlr]

q+

13:43:26 [tlr]

... what's the right process

13:44:12 [hal]

+1

13:44:12 [shivaram]

I would suggest an informal notice to all of these groups and have them comment on public mailing list. We can then invite them as needed.

13:45:00 [klanz2]

tlr: Intended to be a Note

13:45:39 [klanz2]

... we can do a Deliverable like this in the next WG even without having it in the charter (process wise)

13:45:58 [fjh]

tlr: can start and hand off to follow on WG

13:46:28 [klanz2]

tlr: we can make working tdafts to notes

13:46:41 [fjh]

tlr: can produce version, can publish as public WD to have continued by follow on wg, and seek input

13:46:43 [klanz2]

s/tdafts/drafts/

13:46:52 [fjh]

s/input/external input

13:46:59 [jcc]

q+

13:47:00 [klanz2]

q+

13:47:21 [tlr]

q-

13:47:23 [tlr]

jcc: personal feeling is that external review would be extremely useful

13:47:30 [fjh]

ack jcc

13:47:34 [tlr]

.... e.g., etsi has time-stamp related formats on top of dsig

13:47:46 [fjh]

ack klanz

13:48:02 [hal]

q+

13:48:02 [klanz2]

http://lists.w3.org/Archives/Public/public-xmlsec-comments/

13:48:04 [tlr]

klanz2: can we use the comments mailing list?

13:48:18 [tlr]

... for people to send input?

13:48:19 [tlr]

tlr: yes

13:48:23 [fjh]

tlr: this list is appropriate

13:48:47 [tlr]

frederick: will take a bit of time to have an initial version that we're comfortable with

13:48:52 [tlr]

... can start public review at that point ...

13:48:59 [tlr]

... something to do before we have to worry about that ...

13:49:08 [tlr]

... sounds like we don't have a problem ...

13:49:15 [hal]

q-

13:49:17 [tlr]

... main thing is to write down things we've learned in this group ...

13:49:41 [tlr]

hal: 3-5 more mails of the same size, then might want to flush that out

13:49:53 [tlr]

... speaking to what JCC said, looking forward to comment ...

13:49:58 [tlr]

... would be surprised if I got it all right ...

13:50:10 [Zakim]

-jcc

13:50:16 [tlr]

... another point, very true and general comments can end up being unintelligible ...

13:50:23 [tlr]

frederick: yes, value of concrete examples

13:50:32 [tlr]

q?

13:50:36 [fjh]

q?

13:50:52 [jcc]

Sorry, was kicked off

13:51:05 [tlr]

klanz: think this is a good thing to lead us from this group to the next one

13:51:22 [jcc]

dialing again

13:51:36 [tlr]

frederick: anything else on best practices

13:51:46 [tlr]

... also, anybody who has material to contribute, please send to public list ...

13:52:09 [tlr]

... hoping to make progress on draft between now and next call ...

13:52:13 [tlr]

topic: action item review

13:52:35 [tlr]

trackbot-ng, close ACTION-147

13:52:36 [trackbot-ng]

ACTION-147 Update the test cases document; polish for publication as a Note closed

13:52:47 [Zakim]

+??P7

13:52:59 [fjh]

see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0010.html

13:53:05 [fjh]

zakim, P7 is jcc

13:53:05 [Zakim]

sorry, fjh, I do not recognize a party named 'P7'

13:53:13 [fjh]

zakim, ??P7 is jcc

13:53:13 [Zakim]

+jcc; got it

13:53:25 [tlr]

trackbot-ng, close ACTION-148

13:53:25 [trackbot-ng]

ACTION-148 Send comments to EXI group as circulated to the XMLSEC closed

13:53:52 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0009.html

13:54:00 [tlr]

trackbot-ng, close ACTION-149

13:54:00 [trackbot-ng]

ACTION-149 Clarify DName testing in test case document closed

13:54:11 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0015.html

13:54:20 [tlr]

ACTION-150?

13:54:20 [trackbot-ng]

ACTION-150 -- Phillip Hallam-Baker to distribute a draft regarding identifiers registry -- due 2008-04-15 -- OPEN

13:54:20 [trackbot-ng]

http://www.w3.org/2007/xmlsec/Group/track/actions/150

13:54:30 [Zakim]

-jwray

13:55:08 [tlr]

http://www.w3.org/2007/xmlsec/Group/track/actions/pendingreview

13:55:20 [tlr]

trackbot-ng, close ACTION-121

13:55:20 [trackbot-ng]

ACTION-121 Fix CR/LF issue for test case 103 closed

13:55:25 [tlr]

trackbot-ng, close ACTION-126

13:55:25 [trackbot-ng]

ACTION-126 Check consistency of 4.3.3.1 and references closed

13:55:40 [tlr]

trackbot-ng, close ACTION-127

13:55:40 [trackbot-ng]

ACTION-127 Propose change to charter draft that opens encryption, in a limited way closed

13:56:36 [tlr]

topic: aob

13:57:21 [tlr]

frederick: reminders again

13:57:21 [klanz2]

thx

13:57:23 [tlr]

... RNG schema

13:57:25 [tlr]

... prod ac reps

13:57:27 [tlr]

... review best practices

13:57:29 [tlr]

adjourned

13:57:31 [tlr]

zakim, list participants

13:57:31 [Zakim]

-Hal_Lockhart

13:57:33 [Zakim]

As of this point the attendees have been +1.978.888.aaaa, Thomas, Frederick_Hirsch, jwray, +1.617.876.aabb, RobMiller, sean, Ed_Simon, +1.512.401.aacc, brich, PHB, jcc,

13:57:35 [Zakim]

... Hal_Lockhart, Pratik_Datta, Thomas.a, +1.408.907.aadd, shivaram, klanz2

13:57:35 [Zakim]

-shivaram

13:57:36 [Zakim]

-Pratik_Datta

13:57:37 [Zakim]

-RobMiller

13:57:38 [Zakim]

-brich

13:57:38 [Zakim]

-sean

13:57:39 [Zakim]

-PHB

13:57:41 [Zakim]

-Thomas.a

13:57:43 [Zakim]

-jcc

13:57:45 [Zakim]

-Ed_Simon

13:57:46 [jcc]

jcc has left #xmlsec

13:57:51 [fjh]

zakim, who is here?

13:57:51 [Zakim]

On the phone I see Frederick_Hirsch, klanz2

13:57:55 [Zakim]

On IRC I see klanz2, PHB, brich, fjh, Zakim, RRSAgent, tlr, trackbot-ng

13:58:03 [Zakim]

-klanz2

13:58:11 [Zakim]

-Frederick_Hirsch

13:58:13 [Zakim]

T&S_XMLSEC()9:00AM has ended

13:58:17 [Zakim]

Attendees were +1.978.888.aaaa, Thomas, Frederick_Hirsch, jwray, +1.617.876.aabb, RobMiller, sean, Ed_Simon, +1.512.401.aacc, brich, PHB, jcc, Hal_Lockhart, Pratik_Datta, Thomas.a,

13:58:20 [Zakim]

... +1.408.907.aadd, shivaram, klanz2

13:58:42 [fjh]

Zakim, list participants

13:58:44 [Zakim]

sorry, fjh, I don't know what conference this is

13:59:16 [fjh]

RRSAgent, make log public

13:59:29 [fjh]

RRSAgent, generate minutes

13:59:29 [RRSAgent]

I have made the request to generate http://www.w3.org/2008/04/15-xmlsec-minutes.html fjh

14:00:29 [fjh]

Scribe: Thomas Roessler, Frederick Hirsch

14:00:53 [fjh]

RRSAgent, generate minutes

14:00:53 [RRSAgent]

I have made the request to generate http://www.w3.org/2008/04/15-xmlsec-minutes.html fjh

14:02:13 [tlr]

rrsagent, make record public

14:02:15 [tlr]

rrsagent, excuse us

14:02:15 [RRSAgent]

I see no action items