IRC log of xmlsec on 2008-06-17

Timestamps are in UTC.

12:50:01 [RRSAgent]
RRSAgent has joined #xmlsec
12:50:01 [RRSAgent]
logging to http://www.w3.org/2008/06/17-xmlsec-irc
12:50:03 [trackbot]
RRSAgent, make logs public
12:50:03 [Zakim]
Zakim has joined #xmlsec
12:50:05 [trackbot]
Zakim, this will be XMLSEC
12:50:05 [Zakim]
ok, trackbot; I see T&S_XMLSEC()9:00AM scheduled to start in 10 minutes
12:50:06 [trackbot]
Meeting: XML Security Specifications Maintenance Working Group Teleconference
12:50:06 [trackbot]
Date: 17 June 2008
12:50:22 [fjh]
Chair: Frederick Hirsch
12:50:38 [fjh]
Regrets: Shivaram Mysore, Ed Simon
12:51:26 [fjh]
Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0018.html
12:52:02 [pdatta]
pdatta has joined #xmlsec
12:53:33 [sean]
sean has joined #xmlsec
12:55:31 [Zakim]
T&S_XMLSEC()9:00AM has now started
12:55:38 [Zakim]
+[IBM]
12:56:00 [brich]
brich has joined #xmlsec
12:56:29 [Zakim]
+Frederick_Hirsch
12:56:57 [jwray]
jwray has joined #xmlsec
12:57:45 [brich]
ScribeNick: brich
12:57:59 [tlr]
tlr has joined #xmlsec
12:58:43 [tlr]
trackbot, start meeting
12:58:45 [trackbot]
RRSAgent, make logs public
12:58:47 [trackbot]
Zakim, this will be XMLSEC
12:58:47 [Zakim]
ok, trackbot, I see T&S_XMLSEC()9:00AM already started
12:58:48 [trackbot]
Meeting: XML Security Specifications Maintenance Working Group Teleconference
12:58:48 [trackbot]
Date: 17 June 2008
12:58:50 [fjh]
Regrets: Juan Carols Cruelles, http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0018.html
12:59:31 [Zakim]
+rdmiller
12:59:49 [fjh]
Regrets: Juan Carlos Cruellas, Shivaram Mysore, Ed Simon
13:00:09 [Zakim]
+sean
13:00:09 [fjh]
zakim, who is here?
13:00:10 [Zakim]
On the phone I see [IBM], Frederick_Hirsch, rdmiller, sean
13:00:12 [Zakim]
On IRC I see tlr, jwray, brich, sean, pdatta, Zakim, RRSAgent, fjh, trackbot
13:00:25 [fjh]
zakim, [IBM] is brich
13:00:25 [Zakim]
+brich; got it
13:00:40 [Zakim]
-sean
13:00:49 [Zakim]
+jwray
13:00:57 [fjh]
Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray
13:01:16 [fjh]
Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0018.html
13:01:18 [Zakim]
+sean
13:01:29 [Zakim]
+ +1.508.634.aaaa
13:01:39 [tlr]
zakim, call thomas-781
13:01:39 [Zakim]
ok, tlr; the call is being made
13:01:41 [Zakim]
+Thomas
13:01:44 [tlr]
zakim, drop thomas
13:01:44 [Zakim]
Thomas is being disconnected
13:01:45 [Zakim]
-Thomas
13:01:46 [tlr]
zakim, call thomas-skype
13:01:46 [Zakim]
ok, tlr; the call is being made
13:01:47 [Zakim]
+Thomas
13:01:54 [Zakim]
+James_Nurthen
13:01:56 [fjh]
zakim, aaaa is deastlake
13:01:56 [Zakim]
+deastlake; got it
13:02:10 [fjh]
zakim, James_Nurthen is pdatta
13:02:10 [Zakim]
+pdatta; got it
13:02:15 [fjh]
zakim, who is here?
13:02:15 [Zakim]
On the phone I see brich, Frederick_Hirsch, rdmiller, jwray, sean, deastlake, Thomas, pdatta
13:02:18 [Zakim]
On IRC I see tlr, jwray, brich, sean, pdatta, Zakim, RRSAgent, fjh, trackbot
13:02:35 [deastalk]
deastalk has joined #xmlsec
13:02:49 [fjh]
Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Donald Eastlake
13:03:03 [Zakim]
+Hal_Lockhart
13:03:13 [brich]
TOPIC: Adminstrative
13:03:22 [fjh]
Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Hal Lockhart
13:03:34 [brich]
s/Adminstrative/Administrative
13:03:42 [hal]
hal has joined #xmlsec
13:03:44 [fjh]
Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Hal Lockhart, Donald Eastlake
13:04:31 [brich]
final meeting of this working group, new one starts with F2F in Barcelona
13:04:51 [brich]
RESOLUTION: Minutes from 10 June approved
13:05:55 [brich]
PROPOSAL: Minutes from this meeting will be approved as of Friday if no objections raised via email
13:06:35 [tlr]
zakim, mute me
13:06:35 [Zakim]
sorry, tlr, I do not know which phone connection belongs to you
13:06:39 [tlr]
zakim, I am thomas
13:06:39 [Zakim]
ok, tlr, I now associate you with Thomas
13:06:40 [tlr]
zakim, mute me
13:06:40 [Zakim]
Thomas should now be muted
13:06:41 [fjh]
upcoming wg instructions http://www.w3.org/2004/01/pp-impl/42458/instructions
13:06:53 [tlr]
tlr has joined #xmlsec
13:07:20 [fjh]
F2F for next WG planned. 16-17 July, Barcelona
13:07:30 [fjh]
http://www.w3.org/2008/xmlsec/Group/barcelona.html
13:07:52 [fjh]
Technical Plenary / Advisory Committee Meetings Week, 20 - 24 October 2008
13:08:01 [fjh]
XML Security scheduled Monday 20 October - Tuesday 21 October
13:08:12 [fjh]
Schedule: http://www.w3.org/2008/10/TPAC/Schedule
13:08:54 [fjh]
XML Signature, Syntax and Processing (Second Edition) Published as Recommendation, 10 June 2008
13:09:01 [fjh]
http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/
13:09:10 [fjh]
Test cases published as Working Group Note, 10 June 2008
13:09:19 [fjh]
http://www.w3.org/TR/2008/NOTE-xmldsig2ed-tests-20080610/
13:09:25 [brich]
TOPIC: RFC
13:09:54 [fjh]
References http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2008Jun/0011.html
13:09:59 [brich]
Bulk of work done, but RFC updates needed
13:10:38 [brich]
Direct quotes from RFC 2828 need to be checked
13:10:44 [fjh]
additional note from Donald Eastlake http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0020.html
13:11:53 [brich]
Document will be sent to list, comments welcome
13:12:00 [fjh]
document http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/att-0020/Xsig2-19fftoc.txt
13:13:36 [brich]
Front matter and end matter are most critical for review
13:13:58 [tlr]
zakim, unmute me
13:13:58 [Zakim]
Thomas should no longer be muted
13:14:34 [brich]
Question: does this WG mailing list continue after formal close of group activities?
13:15:01 [brich]
hopefully, it will persist for a while
13:15:51 [tlr]
q+
13:16:33 [tlr]
q-
13:17:09 [tlr]
q+
13:17:12 [tlr]
q-
13:17:28 [tlr]
ACTION: frederick to update XML Signature errata to reflect RFC version's reference changes
13:17:29 [trackbot]
Created ACTION-170 - Update XML Signature errata to reflect RFC version's reference changes [on Frederick Hirsch - due 2008-06-24].
13:17:30 [tlr]
q+
13:18:55 [tlr]
action-170?
13:18:56 [trackbot]
ACTION-170 -- Frederick Hirsch to update XML Signature errata to reflect RFC version's reference changes -- due 2008-06-24 -- OPEN
13:18:56 [trackbot]
http://www.w3.org/2007/xmlsec/Group/track/actions/170
13:19:27 [tlr]
action-170?
13:19:27 [trackbot]
ACTION-170 -- Thomas Roessler to update XML Signature errata to reflect RFC version's reference changes, based on input from Don Eastlake -- due 2008-06-24 -- OPEN
13:19:27 [trackbot]
http://www.w3.org/2007/xmlsec/Group/track/actions/170
13:19:53 [brich]
Public draft will be posted in a week or so
13:20:12 [brich]
IETF Last Call will take 4 weeks or so
13:20:19 [fjh]
Please review and provide comment on the list in the next week
13:20:35 [fjh]
will continue to use current WG mail list until new WG starts
13:20:49 [brich]
TOPIC: Relax NG
13:21:11 [brich]
Updated version of schema provided by Norm
13:21:17 [fjh]
updates schema http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0011.html
13:23:14 [tlr]
zakim, mute me
13:23:14 [Zakim]
Thomas should now be muted
13:23:29 [brich]
Thomas will continue to work action items on this
13:23:38 [brich]
TOPIC: Best Practices
13:24:04 [brich]
Access control discussion
13:24:17 [fjh]
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2008Jun/0009.html
13:25:28 [tlr]
q+
13:25:42 [brich]
Timetable for releasing the best practices doc will likely extend into the next group
13:26:53 [fjh]
not give formula in document for denial of service, give general discussion.
13:27:09 [tlr]
q-
13:27:43 [tlr]
q+
13:28:25 [klanz2]
klanz2 has joined #xmlsec
13:28:47 [tlr]
ack tlr
13:28:48 [fjh]
ack tlr
13:28:51 [tlr]
ack thom
13:29:33 [fjh]
desire to also give implementers time to work on this material
13:29:37 [brich]
tlr...want to preserve clarity of communication in the document
13:30:30 [fjh]
zakim, who is here?
13:30:30 [Zakim]
On the phone I see brich, Frederick_Hirsch, rdmiller, jwray, sean, deastlake, Thomas, pdatta, Hal_Lockhart
13:30:32 [Zakim]
On IRC I see klanz2, tlr, hal, deastalk, jwray, brich, sean, pdatta, Zakim, RRSAgent, fjh, trackbot
13:30:38 [tlr]
zakim, mute me
13:30:38 [Zakim]
Thomas should now be muted
13:30:46 [Zakim]
+klanz2
13:30:56 [fjh]
Topic: Review comments on draft
13:31:18 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0014.html
13:31:50 [fjh]
advice rather than rules..
13:32:02 [fjh]
s/advice/sean: advice/
13:32:19 [klanz2]
+1
13:32:20 [brich]
+1
13:32:26 [fjh]
+1
13:33:23 [klanz2]
q+
13:33:27 [fjh]
timestamp text revision http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0019.html
13:34:26 [tlr]
zakim, unmute me
13:34:26 [Zakim]
Thomas should no longer be muted
13:35:33 [brich]
all drafts are currently world-readable...should this be restricted a bit"
13:37:02 [klanz2]
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/samples/ --> member only ?
13:39:39 [klanz2]
... google cache is your friend ;-)
13:39:41 [brich]
RESOLUTION: Change the best practices directory to be member-confidential only for now
13:40:06 [brich]
s/only for now/only
13:40:53 [klanz2]
q+
13:42:24 [brich]
klanz suggests tooling needs to change to render attacks less effective (e.g., XSLT, XPath DOS attacks)
13:43:25 [fjh]
klanz: notes that we need to inform working groups in these other groups regarding potential security issues
13:44:01 [fjh]
new wg should share security considerations with other wg
13:44:14 [fjh]
hal: not necessarily signature specific, more generic issues come out
13:44:47 [fjh]
Topic: Timestamps for Best Practices
13:44:50 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0019.html
13:46:31 [brich]
RESOLUTION: pratik to incorporate jcc's updates, folding in sean's comments
13:47:28 [brich]
TOPIC: AI review
13:47:40 [brich]
action-158 still open
13:47:48 [brich]
action-166 still open
13:48:30 [brich]
ACTION-167 close
13:48:37 [tlr]
trackbot, close ACTION-167
13:48:37 [trackbot]
ACTION-167 Propose change to timestamp text to address requirement for trusted third parties. closed
13:49:13 [Zakim]
-rdmiller
13:49:38 [brich]
action-168 still open, will go for new tracker
13:51:10 [brich]
action-169 still open
13:51:51 [tlr]
topic: champaign!
13:52:01 [tlr]
s/champaign/champagne/
13:52:06 [brich]
TOPIC: AOB
13:53:06 [brich]
Agenda updates for F2F are still welcome
13:53:14 [klanz2]
http://www.w3.org/2000/09/dbwg/details?group=42458&public=1
13:53:27 [klanz2]
JCC seems to have an internationalization issue here
13:53:28 [Zakim]
-pdatta
13:53:29 [Zakim]
-sean
13:53:31 [Zakim]
-Hal_Lockhart
13:53:32 [Zakim]
-deastlake
13:53:34 [Zakim]
-jwray
13:53:36 [pdatta]
pdatta has left #xmlsec
13:54:28 [klanz2]
è
13:55:05 [Zakim]
-klanz2
13:55:46 [fjh]
RRSAgent, make log public
13:56:38 [fjh]
Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Hal Lockhart, Donald Eastlake, Konrad Lanz
13:56:50 [fjh]
RRSAgent, generate minutes
13:56:50 [RRSAgent]
I have made the request to generate http://www.w3.org/2008/06/17-xmlsec-minutes.html fjh
13:56:59 [Zakim]
-Thomas
13:58:17 [Zakim]
-brich
13:58:19 [Zakim]
-Frederick_Hirsch
13:58:20 [Zakim]
T&S_XMLSEC()9:00AM has ended
13:58:21 [Zakim]
Attendees were Frederick_Hirsch, rdmiller, sean, brich, jwray, +1.508.634.aaaa, Thomas, deastlake, pdatta, Hal_Lockhart, klanz2
15:41:26 [Zakim]
Zakim has left #xmlsec