IRC log of xmlsec on 2008-04-15

Timestamps are in UTC.

12:44:54 [RRSAgent]
RRSAgent has joined #xmlsec
12:44:54 [RRSAgent]
logging to http://www.w3.org/2008/04/15-xmlsec-irc
12:44:56 [trackbot-ng]
RRSAgent, make logs public
12:44:56 [Zakim]
Zakim has joined #xmlsec
12:44:58 [trackbot-ng]
Zakim, this will be XMLSEC
12:44:58 [Zakim]
ok, trackbot-ng; I see T&S_XMLSEC()9:00AM scheduled to start in 16 minutes
12:44:59 [trackbot-ng]
Meeting: XML Security Specifications Maintenance Working Group Teleconference
12:44:59 [trackbot-ng]
Date: 15 April 2008
12:46:29 [fjh]
fjh has joined #xmlsec
12:46:50 [fjh]
zakim, who is here?
12:46:50 [Zakim]
T&S_XMLSEC()9:00AM has not yet started, fjh
12:46:51 [Zakim]
On IRC I see fjh, Zakim, RRSAgent, tlr, trackbot-ng
12:47:36 [fjh]
Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0016.html
12:47:42 [fjh]
Chair: Frederick Hirsch
12:48:12 [fjh]
Scribe: John Wray
12:50:01 [Zakim]
T&S_XMLSEC()9:00AM has now started
12:50:08 [Zakim]
+ +1.978.888.aaaa
12:50:13 [tlr]
zakim, call thomas-781
12:50:13 [Zakim]
ok, tlr; the call is being made
12:50:14 [Zakim]
+Thomas
12:50:49 [Zakim]
+Frederick_Hirsch
12:50:49 [tlr]
zakim, aaaa is jwray
12:50:51 [Zakim]
+jwray; got it
12:51:43 [fjh]
zakim, who is here?
12:51:43 [Zakim]
On the phone I see jwray, Thomas, Frederick_Hirsch
12:51:44 [Zakim]
On IRC I see fjh, Zakim, RRSAgent, tlr, trackbot-ng
12:52:51 [fjh]
Topic: Administrative
12:54:35 [sean]
sean has joined #xmlsec
12:54:45 [CGI421]
CGI421 has joined #xmlsec
12:55:26 [jcc]
jcc has joined #xmlsec
12:57:53 [fjh]
Topic: Meeting Planning
12:58:53 [Zakim]
+??P4
12:59:15 [fjh]
zakim, p4 is rob miller
12:59:15 [Zakim]
I don't understand 'p4 is rob miller', fjh
12:59:37 [tlr]
zakim, ??P4 is rob miller
12:59:37 [Zakim]
I don't understand '??P4 is rob miller', tlr
12:59:44 [Zakim]
+ +1.617.876.aabb
12:59:45 [tlr]
zakim, ??P4 is RobMiller
12:59:45 [Zakim]
+RobMiller; got it
13:00:03 [fjh]
zakim, aabb is sean
13:00:03 [Zakim]
+sean; got it
13:00:09 [fjh]
zakim, who is here?
13:00:09 [Zakim]
On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean
13:00:10 [Zakim]
On IRC I see jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng
13:00:11 [Zakim]
+Ed_Simon
13:00:19 [Zakim]
+ +1.512.401.aacc
13:00:21 [brich]
brich has joined #xmlsec
13:00:33 [fjh]
zakim, aacc is brich
13:00:33 [Zakim]
+brich; got it
13:00:39 [fjh]
zakim, who is here?
13:00:39 [Zakim]
On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean, Ed_Simon, brich
13:00:41 [Zakim]
On IRC I see brich, jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng
13:01:45 [PHB]
PHB has joined #xmlsec
13:01:57 [PHB]
zakim, code?
13:01:57 [Zakim]
the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), PHB
13:02:07 [Zakim]
+??P13
13:02:23 [Zakim]
+PHB
13:02:23 [EdS]
EdS has joined #xmlsec
13:02:40 [fjh]
zakim, P13 is jcc
13:02:40 [Zakim]
sorry, fjh, I do not recognize a party named 'P13'
13:02:41 [pdatta]
pdatta has joined #xmlsec
13:02:49 [fjh]
zakim, ??P13 is jcc
13:02:49 [Zakim]
+jcc; got it
13:02:56 [fjh]
zakim, who is here?
13:02:56 [Zakim]
On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean, Ed_Simon, brich, jcc, PHB
13:02:59 [Zakim]
On IRC I see pdatta, EdS, PHB, brich, jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng
13:03:17 [Zakim]
+Hal_Lockhart
13:03:59 [Zakim]
+James_Nurthen
13:04:19 [tlr]
zakim, James_Nurthen is really Pratik_Datta
13:04:31 [Zakim]
+Pratik_Datta; got it
13:04:48 [fjh]
zakim, who is here?
13:04:53 [Zakim]
On the phone I see jwray, Thomas, Frederick_Hirsch, RobMiller, sean, Ed_Simon, brich, jcc, PHB, Hal_Lockhart, Pratik_Datta
13:05:04 [Zakim]
On IRC I see pdatta, EdS, PHB, brich, jcc, sean, fjh, Zakim, RRSAgent, tlr, trackbot-ng
13:05:08 [klanz2]
klanz2 has joined #xmlsec
13:05:48 [tlr]
ScribeNick: tlr
13:06:14 [shivaram]
shivaram has joined #xmlsec
13:06:37 [tlr]
zakim, call thomas-781
13:06:37 [Zakim]
ok, tlr; the call is being made
13:06:39 [Zakim]
+Thomas.a
13:06:46 [tlr]
zakim, drop Thomas
13:06:46 [Zakim]
Thomas is being disconnected
13:06:47 [Zakim]
-Thomas
13:06:52 [Zakim]
+ +1.408.907.aadd
13:07:05 [fjh]
next call is 6 May
13:07:14 [shivaram]
zakim, aadd is shivaram
13:07:14 [Zakim]
+shivaram; got it
13:07:29 [tlr]
Frederick: next meeting 6 May, Shivaram to scribe
13:07:46 [shivaram]
zakim, mute me
13:07:46 [Zakim]
shivaram should now be muted
13:08:01 [tlr]
frederick: sent material to WS-I
13:08:07 [fjh]
WAF widget signing: http://www.w3.org/TR/widgets-digsig/
13:08:14 [tlr]
... widget signing is FPWD now ...
13:08:22 [tlr]
... you may want to review latest draft ...
13:08:33 [fjh]
minutes - http://www.w3.org/2008/04/01-xmlsec-minutes.html
13:08:34 [tlr]
topic: minutes from last meeting
13:08:43 [tlr]
RESOLUTION: approved
13:09:03 [fjh]
Dsig AC Reps http://www.w3.org/2002/09/wbs/33280/xmlsigper2008/
13:09:08 [Zakim]
+mscottm
13:09:10 [klanz2]
zakim, ? is klanz2
13:09:10 [Zakim]
sorry, klanz2, I do not recognize a party named '?'
13:09:23 [tlr]
zakim, mscottm is really klanz2
13:09:23 [Zakim]
+klanz2; got it
13:10:19 [fjh]
http://www.w3.org/2002/09/wbs/33280/xmlsec2008/
13:10:24 [tlr]
frederick: please make sure your AC reps submit reviews for PER and charter
13:10:33 [tlr]
... chartering deadline is 2 may
13:10:44 [tlr]
... contacting AC reps now might be helpful
13:10:57 [hal]
hal has joined #xmlsec
13:11:14 [tlr]
... face-to-face schedule for kick-off getting tight
13:11:20 [tlr]
... propose week of 14 July ...
13:11:33 [tlr]
... how would that work? ...
13:11:42 [brich]
that would be a problem for me
13:11:49 [tlr]
juan carlos: would be a problem - holiday starting on the 15th
13:12:20 [sean]
q+
13:12:30 [tlr]
hal: first time I heard the date
13:12:31 [EdS]
I would have to check for conflicts too.
13:12:38 [sean]
q-
13:12:39 [tlr]
... no conflicts off the top of my head
13:12:53 [tlr]
hal: location?
13:13:07 [PHB]
q+
13:13:16 [tlr]
frederick: had two offers from Europe (Barcelona or Graz) ...
13:13:49 [tlr]
jcc: number?
13:14:00 [tlr]
frederick: 15-20 as wild guess
13:14:22 [tlr]
juan carlos: will check, may have some degrees of freedom
13:14:32 [tlr]
hal: Can host in Boston or Bay for < 30
13:15:04 [tlr]
frederick: please share possibilities on member-visible list, what dates work, etc.
13:15:27 [tlr]
frederick: konrad?
13:15:40 [tlr]
konrad: umh
13:15:47 [tlr]
tlr: talked to Peter last week, he said the offer is on
13:16:16 [tlr]
pbaker: please make Tue-Thu, not Mon or Fri
13:16:19 [tlr]
frederick: reasonable
13:16:30 [klanz2]
;-)
13:16:51 [tlr]
topic: test case document
13:16:59 [klanz2]
s/;-)//
13:17:31 [tlr]
frederick: some editorial clean-up from Thomas, some content-wise from Sean
13:17:38 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0015.htm
13:17:44 [tlr]
sean: main change in section 3.2
13:17:45 [fjh]
section 3.3.4 and fixed reference
13:17:51 [tlr]
s/3.2/3.3.4/
13:18:06 [tlr]
... explained optional behavior for generation, mandatory for verification ...
13:18:11 [tlr]
... improved wording, added rationale, etc ...
13:18:18 [tlr]
... tried to improve readability of section
13:18:24 [tlr]
frederick: don't know if people have reviewed
13:19:26 [fjh]
tlr: fixed markup, references, added text about conformance
13:19:40 [fjh]
... added sectioning for individual test cases for ease of use
13:20:39 [tlr]
(discussion about make vs ant build processes)
13:21:39 [tlr]
frederick: process for moving forward?
13:21:47 [tlr]
tlr: moratorium ends 28 April
13:21:56 [tlr]
frederick: expect to proceed with publication if don't hear by then
13:22:19 [tlr]
topic: Relax NG schema
13:22:23 [fjh]
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/
13:22:50 [fjh]
tlr: request on original xmlsig list related to Open Office XML
13:23:02 [fjh]
... desire to have normative reference to Relax NG schema
13:23:15 [fjh]
... original version from Joseph Reagle on W3C site
13:23:43 [fjh]
... rather than having it copied, a Note might be preferable, especially since they wanted Compact Syntax which had not yet been created.
13:24:19 [fjh]
... Proposal, have minimal WG Note with both Relax NG full and compact syntax. Not normative document.
13:24:42 [fjh]
... Need review of Relax NG schema for correctness
13:24:53 [fjh]
s/review/WG review
13:25:25 [tlr]
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/
13:25:26 [klanz2]
we do not support Relax NG
13:26:01 [shivaram]
How many support Relax NG?
13:26:22 [tlr]
RobMiller: put out call on internal list for review
13:26:30 [tlr]
... will report back if/when there's more information ...
13:26:44 [tlr]
hal: not committing anything either
13:26:53 [klanz2]
well, we can parse what xalan can parse, but we'll always the signautre itself against xmlschema
13:27:17 [klanz2]
s/always the/always check/
13:27:31 [klanz2]
ack klanz2
13:27:34 [tlr]
frederick: what's your message in the chat saying?
13:28:06 [tlr]
klanz: we can try to validate a bunch of signatures against RNG schema
13:28:32 [fjh]
ack phb
13:29:24 [tlr]
frederick: konrad, if there's anything immediately noticeable, please say
13:29:39 [tlr]
topic: best practices
13:29:46 [tlr]
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/
13:30:42 [tlr]
frederick: tried to rework what Hal and Pratik had posted into that format
13:31:15 [klanz2]
q+
13:31:41 [tlr]
pratik: on xpath, had a list of xpath expressions
13:32:17 [tlr]
... example there was complex xpath that was signing no node ...
13:33:41 [tlr]
frederick: more on nodes?
13:33:46 [tlr]
hal: need bunch of references
13:33:57 [tlr]
... plan to do 5 more or so on the topics ...
13:34:02 [tlr]
... depth, different issues ...
13:34:28 [tlr]
... there's also some controversial issues ...
13:34:34 [tlr]
... will attempt to identify where people might disagree ...
13:34:35 [jcc]
q+
13:34:58 [tlr]
hal: question what's most expedient
13:35:09 [tlr]
ack klanz
13:35:11 [fjh]
ack klanz
13:35:23 [klanz2]
ack klanz2
13:36:06 [fjh]
ws-i bsp "threats and countermeasures"
13:36:10 [tlr]
klanz2: think we should do some more referencing
13:36:15 [tlr]
... where others have done work ...
13:36:39 [tlr]
... there are some that are narrow xmldsig, some are about stuff on top of xmldsig ...
13:36:44 [tlr]
... time stamps are more broadly ...
13:36:55 [fjh]
wider sense - e.g. application usage of xml signature
13:36:57 [tlr]
... xpath and canonicalization are narrower ...
13:37:03 [tlr]
... think there's a natural partition ...
13:37:10 [fjh]
narrow sense - detail of xml signature standard itself
13:37:28 [tlr]
hal: agree there's a logical division, not sure how easy to do
13:37:32 [tlr]
... and how useful to the reader ...
13:37:45 [tlr]
... I'd think you'd always want to put in a time stamp ...
13:38:00 [fjh]
question of defining roles, target audience for individual best practices
13:38:04 [tlr]
... some of the other concerns only a few people will run into ...
13:38:31 [tlr]
klanz: some applications might simply assume "signature was made during validity period"
13:39:14 [tlr]
... some points here go into PKI validation ...
13:39:23 [tlr]
... time stamping belongs there, too ...
13:39:32 [tlr]
frederick: there are different audiences
13:39:58 [tlr]
hal: want to talk about references
13:40:09 [tlr]
... what we learned doing in WSS ...
13:40:16 [tlr]
... what things turned out to be bad ideas ...
13:40:19 [tlr]
... are deprecated ..
13:40:22 [tlr]
... lots of stuff around that ...
13:40:42 [fjh]
need to discuss referencing
13:40:45 [tlr]
q?
13:40:48 [tlr]
ack jcc
13:40:48 [fjh]
acc jcc
13:40:51 [fjh]
ack jcc
13:40:57 [tlr]
jcc: what are the plans for the production of best practices
13:41:10 [tlr]
... do we expect people to provide material, and people may comment on the material ...
13:41:24 [tlr]
... what's the expectation?
13:41:49 [tlr]
frederick: two aspects to this question
13:41:54 [tlr]
... first one, what's WG process
13:42:03 [tlr]
... second one, what are the broader implications
13:42:07 [tlr]
... this is obviously a draft ...
13:42:15 [tlr]
... need agreement in the WG ...
13:42:29 [tlr]
... trying to put something down, then correct ...
13:42:36 [tlr]
... as opposed to inching toward it piecewise ...
13:42:40 [tlr]
... do stuff on list, get it started ...
13:42:52 [tlr]
... so, please comment ...
13:43:01 [tlr]
... broader question - how play out in general community ...
13:43:13 [tlr]
... is it important for us to get external feedback?
13:43:16 [tlr]
... e.g., WS-I, OASIS?
13:43:19 [tlr]
q+
13:43:26 [tlr]
... what's the right process
13:44:12 [hal]
+1
13:44:12 [shivaram]
I would suggest an informal notice to all of these groups and have them comment on public mailing list. We can then invite them as needed.
13:45:00 [klanz2]
tlr: Intended to be a Note
13:45:39 [klanz2]
... we can do a Deliverable like this in the next WG even without having it in the charter (process wise)
13:45:58 [fjh]
tlr: can start and hand off to follow on WG
13:46:28 [klanz2]
tlr: we can make working tdafts to notes
13:46:41 [fjh]
tlr: can produce version, can publish as public WD to have continued by follow on wg, and seek input
13:46:43 [klanz2]
s/tdafts/drafts/
13:46:52 [fjh]
s/input/external input
13:46:59 [jcc]
q+
13:47:00 [klanz2]
q+
13:47:21 [tlr]
q-
13:47:23 [tlr]
jcc: personal feeling is that external review would be extremely useful
13:47:30 [fjh]
ack jcc
13:47:34 [tlr]
.... e.g., etsi has time-stamp related formats on top of dsig
13:47:46 [fjh]
ack klanz
13:48:02 [hal]
q+
13:48:02 [klanz2]
http://lists.w3.org/Archives/Public/public-xmlsec-comments/
13:48:04 [tlr]
klanz2: can we use the comments mailing list?
13:48:18 [tlr]
... for people to send input?
13:48:19 [tlr]
tlr: yes
13:48:23 [fjh]
tlr: this list is appropriate
13:48:47 [tlr]
frederick: will take a bit of time to have an initial version that we're comfortable with
13:48:52 [tlr]
... can start public review at that point ...
13:48:59 [tlr]
... something to do before we have to worry about that ...
13:49:08 [tlr]
... sounds like we don't have a problem ...
13:49:15 [hal]
q-
13:49:17 [tlr]
... main thing is to write down things we've learned in this group ...
13:49:41 [tlr]
hal: 3-5 more mails of the same size, then might want to flush that out
13:49:53 [tlr]
... speaking to what JCC said, looking forward to comment ...
13:49:58 [tlr]
... would be surprised if I got it all right ...
13:50:10 [Zakim]
-jcc
13:50:16 [tlr]
... another point, very true and general comments can end up being unintelligible ...
13:50:23 [tlr]
frederick: yes, value of concrete examples
13:50:32 [tlr]
q?
13:50:36 [fjh]
q?
13:50:52 [jcc]
Sorry, was kicked off
13:51:05 [tlr]
klanz: think this is a good thing to lead us from this group to the next one
13:51:22 [jcc]
dialing again
13:51:36 [tlr]
frederick: anything else on best practices
13:51:46 [tlr]
... also, anybody who has material to contribute, please send to public list ...
13:52:09 [tlr]
... hoping to make progress on draft between now and next call ...
13:52:13 [tlr]
topic: action item review
13:52:35 [tlr]
trackbot-ng, close ACTION-147
13:52:36 [trackbot-ng]
ACTION-147 Update the test cases document; polish for publication as a Note closed
13:52:47 [Zakim]
+??P7
13:52:59 [fjh]
see http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0010.html
13:53:05 [fjh]
zakim, P7 is jcc
13:53:05 [Zakim]
sorry, fjh, I do not recognize a party named 'P7'
13:53:13 [fjh]
zakim, ??P7 is jcc
13:53:13 [Zakim]
+jcc; got it
13:53:25 [tlr]
trackbot-ng, close ACTION-148
13:53:25 [trackbot-ng]
ACTION-148 Send comments to EXI group as circulated to the XMLSEC closed
13:53:52 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0009.html
13:54:00 [tlr]
trackbot-ng, close ACTION-149
13:54:00 [trackbot-ng]
ACTION-149 Clarify DName testing in test case document closed
13:54:11 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Apr/0015.html
13:54:20 [tlr]
ACTION-150?
13:54:20 [trackbot-ng]
ACTION-150 -- Phillip Hallam-Baker to distribute a draft regarding identifiers registry -- due 2008-04-15 -- OPEN
13:54:20 [trackbot-ng]
http://www.w3.org/2007/xmlsec/Group/track/actions/150
13:54:30 [Zakim]
-jwray
13:55:08 [tlr]
http://www.w3.org/2007/xmlsec/Group/track/actions/pendingreview
13:55:20 [tlr]
trackbot-ng, close ACTION-121
13:55:20 [trackbot-ng]
ACTION-121 Fix CR/LF issue for test case 103 closed
13:55:25 [tlr]
trackbot-ng, close ACTION-126
13:55:25 [trackbot-ng]
ACTION-126 Check consistency of 4.3.3.1 and references closed
13:55:40 [tlr]
trackbot-ng, close ACTION-127
13:55:40 [trackbot-ng]
ACTION-127 Propose change to charter draft that opens encryption, in a limited way closed
13:56:36 [tlr]
topic: aob
13:57:21 [tlr]
frederick: reminders again
13:57:21 [klanz2]
thx
13:57:23 [tlr]
... RNG schema
13:57:25 [tlr]
... prod ac reps
13:57:27 [tlr]
... review best practices
13:57:29 [tlr]
adjourned
13:57:31 [tlr]
zakim, list participants
13:57:31 [Zakim]
-Hal_Lockhart
13:57:33 [Zakim]
As of this point the attendees have been +1.978.888.aaaa, Thomas, Frederick_Hirsch, jwray, +1.617.876.aabb, RobMiller, sean, Ed_Simon, +1.512.401.aacc, brich, PHB, jcc,
13:57:35 [Zakim]
... Hal_Lockhart, Pratik_Datta, Thomas.a, +1.408.907.aadd, shivaram, klanz2
13:57:35 [Zakim]
-shivaram
13:57:36 [Zakim]
-Pratik_Datta
13:57:37 [Zakim]
-RobMiller
13:57:38 [Zakim]
-brich
13:57:38 [Zakim]
-sean
13:57:39 [Zakim]
-PHB
13:57:41 [Zakim]
-Thomas.a
13:57:43 [Zakim]
-jcc
13:57:45 [Zakim]
-Ed_Simon
13:57:46 [jcc]
jcc has left #xmlsec
13:57:51 [fjh]
zakim, who is here?
13:57:51 [Zakim]
On the phone I see Frederick_Hirsch, klanz2
13:57:55 [Zakim]
On IRC I see klanz2, PHB, brich, fjh, Zakim, RRSAgent, tlr, trackbot-ng
13:58:03 [Zakim]
-klanz2
13:58:11 [Zakim]
-Frederick_Hirsch
13:58:13 [Zakim]
T&S_XMLSEC()9:00AM has ended
13:58:17 [Zakim]
Attendees were +1.978.888.aaaa, Thomas, Frederick_Hirsch, jwray, +1.617.876.aabb, RobMiller, sean, Ed_Simon, +1.512.401.aacc, brich, PHB, jcc, Hal_Lockhart, Pratik_Datta, Thomas.a,
13:58:20 [Zakim]
... +1.408.907.aadd, shivaram, klanz2
13:58:42 [fjh]
Zakim, list participants
13:58:44 [Zakim]
sorry, fjh, I don't know what conference this is
13:59:16 [fjh]
RRSAgent, make log public
13:59:29 [fjh]
RRSAgent, generate minutes
13:59:29 [RRSAgent]
I have made the request to generate http://www.w3.org/2008/04/15-xmlsec-minutes.html fjh
14:00:29 [fjh]
Scribe: Thomas Roessler, Frederick Hirsch
14:00:53 [fjh]
RRSAgent, generate minutes
14:00:53 [RRSAgent]
I have made the request to generate http://www.w3.org/2008/04/15-xmlsec-minutes.html fjh
14:02:13 [tlr]
rrsagent, make record public
14:02:15 [tlr]
rrsagent, excuse us
14:02:15 [RRSAgent]
I see no action items