12:50:01 RRSAgent has joined #xmlsec 12:50:01 logging to http://www.w3.org/2008/06/17-xmlsec-irc 12:50:03 RRSAgent, make logs public 12:50:03 Zakim has joined #xmlsec 12:50:05 Zakim, this will be XMLSEC 12:50:05 ok, trackbot; I see T&S_XMLSEC()9:00AM scheduled to start in 10 minutes 12:50:06 Meeting: XML Security Specifications Maintenance Working Group Teleconference 12:50:06 Date: 17 June 2008 12:50:22 Chair: Frederick Hirsch 12:50:38 Regrets: Shivaram Mysore, Ed Simon 12:51:26 Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0018.html 12:52:02 pdatta has joined #xmlsec 12:53:33 sean has joined #xmlsec 12:55:31 T&S_XMLSEC()9:00AM has now started 12:55:38 +[IBM] 12:56:00 brich has joined #xmlsec 12:56:29 +Frederick_Hirsch 12:56:57 jwray has joined #xmlsec 12:57:45 ScribeNick: brich 12:57:59 tlr has joined #xmlsec 12:58:43 trackbot, start meeting 12:58:45 RRSAgent, make logs public 12:58:47 Zakim, this will be XMLSEC 12:58:47 ok, trackbot, I see T&S_XMLSEC()9:00AM already started 12:58:48 Meeting: XML Security Specifications Maintenance Working Group Teleconference 12:58:48 Date: 17 June 2008 12:58:50 Regrets: Juan Carols Cruelles, http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0018.html 12:59:31 +rdmiller 12:59:49 Regrets: Juan Carlos Cruellas, Shivaram Mysore, Ed Simon 13:00:09 +sean 13:00:09 zakim, who is here? 13:00:10 On the phone I see [IBM], Frederick_Hirsch, rdmiller, sean 13:00:12 On IRC I see tlr, jwray, brich, sean, pdatta, Zakim, RRSAgent, fjh, trackbot 13:00:25 zakim, [IBM] is brich 13:00:25 +brich; got it 13:00:40 -sean 13:00:49 +jwray 13:00:57 Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray 13:01:16 Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0018.html 13:01:18 +sean 13:01:29 + +1.508.634.aaaa 13:01:39 zakim, call thomas-781 13:01:39 ok, tlr; the call is being made 13:01:41 +Thomas 13:01:44 zakim, drop thomas 13:01:44 Thomas is being disconnected 13:01:45 -Thomas 13:01:46 zakim, call thomas-skype 13:01:46 ok, tlr; the call is being made 13:01:47 +Thomas 13:01:54 +James_Nurthen 13:01:56 zakim, aaaa is deastlake 13:01:56 +deastlake; got it 13:02:10 zakim, James_Nurthen is pdatta 13:02:10 +pdatta; got it 13:02:15 zakim, who is here? 13:02:15 On the phone I see brich, Frederick_Hirsch, rdmiller, jwray, sean, deastlake, Thomas, pdatta 13:02:18 On IRC I see tlr, jwray, brich, sean, pdatta, Zakim, RRSAgent, fjh, trackbot 13:02:35 deastalk has joined #xmlsec 13:02:49 Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Donald Eastlake 13:03:03 +Hal_Lockhart 13:03:13 TOPIC: Adminstrative 13:03:22 Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Hal Lockhart 13:03:34 s/Adminstrative/Administrative 13:03:42 hal has joined #xmlsec 13:03:44 Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Hal Lockhart, Donald Eastlake 13:04:31 final meeting of this working group, new one starts with F2F in Barcelona 13:04:51 RESOLUTION: Minutes from 10 June approved 13:05:55 PROPOSAL: Minutes from this meeting will be approved as of Friday if no objections raised via email 13:06:35 zakim, mute me 13:06:35 sorry, tlr, I do not know which phone connection belongs to you 13:06:39 zakim, I am thomas 13:06:39 ok, tlr, I now associate you with Thomas 13:06:40 zakim, mute me 13:06:40 Thomas should now be muted 13:06:41 upcoming wg instructions http://www.w3.org/2004/01/pp-impl/42458/instructions 13:06:53 tlr has joined #xmlsec 13:07:20 F2F for next WG planned. 16-17 July, Barcelona 13:07:30 http://www.w3.org/2008/xmlsec/Group/barcelona.html 13:07:52 Technical Plenary / Advisory Committee Meetings Week, 20 - 24 October 2008 13:08:01 XML Security scheduled Monday 20 October - Tuesday 21 October 13:08:12 Schedule: http://www.w3.org/2008/10/TPAC/Schedule 13:08:54 XML Signature, Syntax and Processing (Second Edition) Published as Recommendation, 10 June 2008 13:09:01 http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/ 13:09:10 Test cases published as Working Group Note, 10 June 2008 13:09:19 http://www.w3.org/TR/2008/NOTE-xmldsig2ed-tests-20080610/ 13:09:25 TOPIC: RFC 13:09:54 References http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2008Jun/0011.html 13:09:59 Bulk of work done, but RFC updates needed 13:10:38 Direct quotes from RFC 2828 need to be checked 13:10:44 additional note from Donald Eastlake http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0020.html 13:11:53 Document will be sent to list, comments welcome 13:12:00 document http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/att-0020/Xsig2-19fftoc.txt 13:13:36 Front matter and end matter are most critical for review 13:13:58 zakim, unmute me 13:13:58 Thomas should no longer be muted 13:14:34 Question: does this WG mailing list continue after formal close of group activities? 13:15:01 hopefully, it will persist for a while 13:15:51 q+ 13:16:33 q- 13:17:09 q+ 13:17:12 q- 13:17:28 ACTION: frederick to update XML Signature errata to reflect RFC version's reference changes 13:17:29 Created ACTION-170 - Update XML Signature errata to reflect RFC version's reference changes [on Frederick Hirsch - due 2008-06-24]. 13:17:30 q+ 13:18:55 action-170? 13:18:56 ACTION-170 -- Frederick Hirsch to update XML Signature errata to reflect RFC version's reference changes -- due 2008-06-24 -- OPEN 13:18:56 http://www.w3.org/2007/xmlsec/Group/track/actions/170 13:19:27 action-170? 13:19:27 ACTION-170 -- Thomas Roessler to update XML Signature errata to reflect RFC version's reference changes, based on input from Don Eastlake -- due 2008-06-24 -- OPEN 13:19:27 http://www.w3.org/2007/xmlsec/Group/track/actions/170 13:19:53 Public draft will be posted in a week or so 13:20:12 IETF Last Call will take 4 weeks or so 13:20:19 Please review and provide comment on the list in the next week 13:20:35 will continue to use current WG mail list until new WG starts 13:20:49 TOPIC: Relax NG 13:21:11 Updated version of schema provided by Norm 13:21:17 updates schema http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0011.html 13:23:14 zakim, mute me 13:23:14 Thomas should now be muted 13:23:29 Thomas will continue to work action items on this 13:23:38 TOPIC: Best Practices 13:24:04 Access control discussion 13:24:17 http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2008Jun/0009.html 13:25:28 q+ 13:25:42 Timetable for releasing the best practices doc will likely extend into the next group 13:26:53 not give formula in document for denial of service, give general discussion. 13:27:09 q- 13:27:43 q+ 13:28:25 klanz2 has joined #xmlsec 13:28:47 ack tlr 13:28:48 ack tlr 13:28:51 ack thom 13:29:33 desire to also give implementers time to work on this material 13:29:37 tlr...want to preserve clarity of communication in the document 13:30:30 zakim, who is here? 13:30:30 On the phone I see brich, Frederick_Hirsch, rdmiller, jwray, sean, deastlake, Thomas, pdatta, Hal_Lockhart 13:30:32 On IRC I see klanz2, tlr, hal, deastalk, jwray, brich, sean, pdatta, Zakim, RRSAgent, fjh, trackbot 13:30:38 zakim, mute me 13:30:38 Thomas should now be muted 13:30:46 +klanz2 13:30:56 Topic: Review comments on draft 13:31:18 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0014.html 13:31:50 advice rather than rules.. 13:32:02 s/advice/sean: advice/ 13:32:19 +1 13:32:20 +1 13:32:26 +1 13:33:23 q+ 13:33:27 timestamp text revision http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0019.html 13:34:26 zakim, unmute me 13:34:26 Thomas should no longer be muted 13:35:33 all drafts are currently world-readable...should this be restricted a bit" 13:37:02 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/samples/ --> member only ? 13:39:39 ... google cache is your friend ;-) 13:39:41 RESOLUTION: Change the best practices directory to be member-confidential only for now 13:40:06 s/only for now/only 13:40:53 q+ 13:42:24 klanz suggests tooling needs to change to render attacks less effective (e.g., XSLT, XPath DOS attacks) 13:43:25 klanz: notes that we need to inform working groups in these other groups regarding potential security issues 13:44:01 new wg should share security considerations with other wg 13:44:14 hal: not necessarily signature specific, more generic issues come out 13:44:47 Topic: Timestamps for Best Practices 13:44:50 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2008Jun/0019.html 13:46:31 RESOLUTION: pratik to incorporate jcc's updates, folding in sean's comments 13:47:28 TOPIC: AI review 13:47:40 action-158 still open 13:47:48 action-166 still open 13:48:30 ACTION-167 close 13:48:37 trackbot, close ACTION-167 13:48:37 ACTION-167 Propose change to timestamp text to address requirement for trusted third parties. closed 13:49:13 -rdmiller 13:49:38 action-168 still open, will go for new tracker 13:51:10 action-169 still open 13:51:51 topic: champaign! 13:52:01 s/champaign/champagne/ 13:52:06 TOPIC: AOB 13:53:06 Agenda updates for F2F are still welcome 13:53:14 http://www.w3.org/2000/09/dbwg/details?group=42458&public=1 13:53:27 JCC seems to have an internationalization issue here 13:53:28 -pdatta 13:53:29 -sean 13:53:31 -Hal_Lockhart 13:53:32 -deastlake 13:53:34 -jwray 13:53:36 pdatta has left #xmlsec 13:54:28 è 13:55:05 -klanz2 13:55:46 RRSAgent, make log public 13:56:38 Present: Bruce Rich, Frederick Hirsch, Rob Miller, Sean Mullan, Pratik Datta, Thomas Roessler, John Wray, Hal Lockhart, Donald Eastlake, Konrad Lanz 13:56:50 RRSAgent, generate minutes 13:56:50 I have made the request to generate http://www.w3.org/2008/06/17-xmlsec-minutes.html fjh 13:56:59 -Thomas 13:58:17 -brich 13:58:19 -Frederick_Hirsch 13:58:20 T&S_XMLSEC()9:00AM has ended 13:58:21 Attendees were Frederick_Hirsch, rdmiller, sean, brich, jwray, +1.508.634.aaaa, Thomas, deastlake, pdatta, Hal_Lockhart, klanz2 15:41:26 Zakim has left #xmlsec