IRC log of xmlsec on 2008-10-07

Timestamps are in UTC.

13:44:19 [RRSAgent]

RRSAgent has joined #xmlsec

13:44:19 [RRSAgent]

logging to http://www.w3.org/2008/10/07-xmlsec-irc

13:44:21 [trackbot]

RRSAgent, make logs member

13:44:21 [Zakim]

Zakim has joined #xmlsec

13:44:23 [trackbot]

Zakim, this will be XMLSEC

13:44:23 [Zakim]

ok, trackbot; I see T&S_XMLSEC()10:00AM scheduled to start in 16 minutes

13:44:24 [trackbot]

Meeting: XML Security Working Group Teleconference

13:44:24 [trackbot]

Date: 07 October 2008

13:44:48 [fjh]

Chair: Frederick Hirsch

13:45:37 [fjh]

Agenda: http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0009.html

13:45:44 [fjh]

Regrets: Scott Cantor

13:54:31 [fjh]

Regrets: Scott Cantor, John Wray

13:54:40 [brich]

brich has joined #xmlsec

13:55:02 [fjh]

zakim, who is here?

13:55:03 [Zakim]

T&S_XMLSEC()10:00AM has not yet started, fjh

13:55:04 [Zakim]

On IRC I see brich, Zakim, RRSAgent, fjh, klanz2, trackbot

13:55:30 [Zakim]

T&S_XMLSEC()10:00AM has now started

13:55:32 [smullan]

smullan has joined #xmlsec

13:55:37 [Zakim]

+ +1.512.401.aaaa

13:56:09 [fjh]

zakim, what is the code?

13:56:09 [Zakim]

the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), fjh

13:56:19 [brich]

zakim, aaaa is brich

13:56:19 [Zakim]

+brich; got it

13:56:19 [tlr]

tlr has joined #xmlsec

13:56:31 [Zakim]

+Frederick_Hirsch

13:56:47 [fjh]

zakim, who is here?

13:56:47 [Zakim]

On the phone I see brich, Frederick_Hirsch

13:56:48 [Zakim]

On IRC I see tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

13:57:05 [Zakim]

+ +1.617.876.aabb

13:57:30 [smullan]

zakim, aabb is smullan

13:57:30 [Zakim]

+smullan; got it

13:57:31 [tlr]

frederick, I might be 5-10min late

13:57:33 [tlr]

need to get something done between the calls

13:57:50 [Zakim]

+??P14

13:58:12 [fjh]

zakim, P14 is gerald

13:58:14 [Zakim]

sorry, fjh, I do not recognize a party named 'P14'

13:58:22 [fjh]

zakim, ??P14 is gerald

13:58:22 [Zakim]

+gerald; got it

13:58:30 [fjh]

zakim, who is here?

13:58:30 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald

13:58:31 [Zakim]

On IRC I see tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

13:58:34 [CGI624]

CGI624 has joined #xmlsec

13:59:32 [fjh]

http://www.w3.org/2008/xmlsec/Group/Scribe-Instructions.html

14:00:01 [CGI624]

help

14:00:05 [fjh]

zakim, CGI624 is gerald

14:00:06 [Zakim]

sorry, fjh, I do not recognize a party named 'CGI624'

14:00:09 [magnus]

magnus has joined #xmlsec

14:00:26 [Zakim]

+??P18

14:00:29 [csolc]

csolc has joined #xmlsec

14:00:36 [Zakim]

+ +1.303.229.aacc

14:00:41 [CGI080]

CGI080 has joined #xmlsec

14:00:49 [fjh]

zakim, ??P18 is rdmiller

14:00:49 [Zakim]

+rdmiller; got it

14:01:05 [CGI080]

Zakim: CGI080 is Gerald

14:01:29 [Norm]

Norm has joined #xmlsec

14:01:33 [CGI080]

zakim, CGI080 is Gerald

14:01:33 [Zakim]

sorry, CGI080, I do not recognize a party named 'CGI080'

14:01:36 [pdatta]

pdatta has joined #xmlsec

14:01:42 [jcruella]

jcruella has joined #xmlsec

14:01:54 [Zakim]

+ +1.650.879.aadd

14:01:56 [Zakim]

+ +5aaee

14:02:06 [csolc]

zakim, +5aaee is csolc

14:02:14 [Zakim]

+csolc; got it

14:02:16 [fjh]

zakim, aadd is magnus

14:02:23 [bhill]

bhill has joined #xmlsec

14:02:29 [Zakim]

+magnus; got it

14:02:51 [Zakim]

+Norm

14:02:54 [Zakim]

+Hal_Lockhart

14:02:59 [Zakim]

+??P3

14:03:00 [hal]

hal has joined #xmlsec

14:03:12 [CGI080]

zakim, who is here

14:03:16 [Zakim]

CGI080, you need to end that query with '?'

14:03:26 [CGI080]

zakim, who is here?

14:03:34 [fjh]

zakim, who is here?

14:03:35 [Zakim]

+??P9

14:03:41 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, +1.303.229.aacc, magnus, csolc, Norm, Hal_Lockhart, ??P3, ??P9

14:03:41 [tlr]

zakim, call thomas-skype

14:03:51 [jcruella]

zakim, jcruella is myhandle

14:03:54 [bhill]

zakim aacc is bhill

14:03:55 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, +1.303.229.aacc, magnus, csolc, Norm, Hal_Lockhart, ??P3, ??P9

14:03:55 [tlr]

zakim, I am thomas

14:03:58 [tlr]

zakim, mute me

14:04:14 [Zakim]

ok, tlr; the call is being made

14:04:16 [Zakim]

+Thomas

14:04:19 [tlr]

zakim, mute ??P3

14:04:20 [Zakim]

On IRC I see hal, bhill, jcruella, pdatta, Norm, CGI080, csolc, magnus, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

14:04:24 [tlr]

klanz, say something

14:04:27 [Zakim]

sorry, jcruella, I do not recognize a party named 'jcruella'

14:04:31 [fjh]

zakim, who is here?

14:04:31 [Zakim]

ok, tlr, I now associate you with Thomas

14:04:35 [tlr]

zakim, ??P3 is klanz

14:04:35 [Zakim]

Thomas should now be muted

14:04:50 [tlr]

zakim, ??P3 is gerald

14:04:53 [tlr]

zakim, unmute ??P3

14:04:54 [CGI080]

Scribe: Gerald Edgar

14:04:58 [Zakim]

??P3 should now be muted

14:05:04 [fjh]

TOPIC: XProc discussion with Norm Walsh

14:05:06 [tlr]

ScribeNick: CGI080

14:05:06 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, +1.303.229.aacc, magnus, csolc, Norm, Hal_Lockhart, ??P3 (muted), ??P9, Thomas (muted)

14:05:11 [jcruella]

zakim, ??P4 is jcruella

14:05:12 [Zakim]

+klanz; got it

14:05:20 [CGI080]

Zakim, who is here?

14:05:21 [Zakim]

I already had ??P3 as klanz, tlr

14:05:23 [Zakim]

sorry, tlr, I do not know which phone connection belongs to ??P3

14:05:33 [Zakim]

+[Oracle]

14:05:37 [Zakim]

On IRC I see hal, bhill, jcruella, pdatta, Norm, CGI080, csolc, magnus, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

14:05:43 [Zakim]

I already had ??P4 as Norm, jcruella

14:05:46 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, +1.303.229.aacc, magnus, csolc, Norm, Hal_Lockhart, klanz (muted), ??P9, Thomas (muted), [Oracle]

14:05:52 [CGI080]

Norm Walsh - XML processing group

14:05:52 [pdatta]

zakim, Oracle is pdatta

14:06:00 [Zakim]

On IRC I see hal, bhill, jcruella, pdatta, Norm, CGI080, csolc, magnus, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

14:06:03 [Zakim]

+pdatta; got it

14:06:25 [bal]

bal has joined #xmlsec

14:07:02 [Zakim]

+ +1.206.726.aaff

14:07:02 [CGI080]

what is the impliucation of XML processing on encryption.

14:07:56 [CGI080]

xml processing there were aspects of security, but that was taken out. the recognition of the need was the propt to contact this (the XMLSEC) gorup.

14:08:33 [CGI080]

with XML processing, there are various operations in various orders.

14:08:45 [brich]

http://www.w3.org/TR/xproc/

14:10:12 [CGI080]

the goal is ot produce a language that enables people to define a sequences of preocesses. composing processes from other proccesses.

14:10:36 [bhill]

zakim, aacc is bhill

14:10:36 [Zakim]

+bhill; got it

14:11:30 [CGI080]

there are various steps available

14:11:54 [Zakim]

-Thomas

14:11:57 [CGI080]

(examples of steps given)

14:11:59 [tlr]

zakim, call thomas-skype

14:11:59 [Zakim]

ok, tlr; the call is being made

14:12:01 [Zakim]

+Thomas

14:12:02 [tlr]

zakim, I am thomas

14:12:02 [Zakim]

ok, tlr, I now associate you with Thomas

14:12:17 [CGI080]

Zakim, I am Gerald

14:12:17 [Zakim]

ok, CGI080, I now associate you with gerald

14:12:39 [klanz2]

http://www.w3.org/TR/xproc/#c.compare

14:12:54 [jcruella]

zakim, ??P9 is jcruella

14:12:54 [Zakim]

+jcruella; got it

14:13:01 [CGI080]

(discussion on parallel operations)

14:13:04 [Zakim]

+[Microsoft]

14:14:33 [CGI080]

a reference process model for xml signatures, to process a document , this is perhaps similar to an xproc pipeline.

14:15:40 [kyiu]

kyiu has joined #xmlsec

14:15:56 [kyiu]

zakim, who is here?

14:15:56 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, bhill, magnus, csolc, Norm, Hal_Lockhart, klanz (muted), jcruella, Thomas, pdatta, bal (muted), [Microsoft]

14:15:59 [Zakim]

On IRC I see kyiu, bal, hal, bhill, jcruella, pdatta, Norm, CGI080, csolc, magnus, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

14:16:10 [CGI080]

(discussion on transformation and processing)

14:17:03 [klanz2]

XMLDSig Transfroms chains defines that Inputs and outputs are either, node-set data or octet streams, beside that interoperability is the limit and that's a rather hard limit ...

14:18:14 [CGI080]

Xproc has an extensability model. example of RDF where they can define the required steps

14:19:01 [CGI080]

a security extention defining the steps for security could be done

14:19:46 [CGI080]

2 kinds of steps - atomic e.g. XSLT and compound, consistanting of other steps.

14:20:19 [CGI080]

enquption and decryption could be deinfed as compound steps.

14:20:35 [CGI080]

s/enquption/encryption/

14:21:14 [CGI080]

the XPROC courl at first saw security as atomic steps, but perhaps they were more complex

14:21:28 [CGI080]

s/courl/group/

14:22:19 [CGI080]

is it that people adopting xproc would have to redo their processes?

14:23:38 [CGI080]

Is there open-source available?

14:23:39 [tlr]

q?

14:23:50 [CGI080]

yes - e.g. "calabash"

14:23:57 [klanz2]

http://xmlcalabash.com/

14:24:10 [CGI080]

they are attempting to make this "steamable"

14:24:50 [CGI080]

there is no requirement for streamable. but a lot of the steps can steam.

14:24:52 [tlr]

zakim, who is muted?

14:24:52 [Zakim]

I see klanz, bal muted

14:24:56 [tlr]

zakim, mute me

14:24:56 [Zakim]

Thomas should now be muted

14:25:00 [CGI080]

Xpath as a performance issue.

14:25:34 [CGI080]

there is flexability to use XPath 1 or XPath 2

14:26:27 [CGI080]

most of the actions people use can use xpath 1 or xpath 2

14:26:31 [klanz2]

q+

14:26:43 [fjh]

ack klanz

14:27:12 [CGI080]

is there a requirement for fidelity or "rountripping" mode?

14:27:23 [CGI080]

what flows in the pipeline are infosets.

14:27:41 [CGI080]

rather than a sequence of byes.

14:27:52 [CGI080]

s/byes/bytes/

14:28:10 [fjh]

norm notes c14n would be serialization step, end of pipeline

14:28:32 [CGI080]

the only step requiring the input and the out being the same is the identity step.

14:29:26 [fjh]

norm notes implementation defined what done with document before handed to piipeline

14:29:56 [CGI080]

schma validation is a step that might be done before handing the infoset to the pipeline.

14:30:40 [fjh]

norm notes XPath serialization

14:31:15 [CGI080]

all the steps have serialization options.

14:32:44 [CGI080]

providing security steps to XProc will also entail specifying the required security options

14:33:12 [CGI080]

what is the difficulty for programmers to use this?

14:33:18 [klanz2]

<klanz2> Just, FYI ...

14:33:18 [klanz2]

<klanz2> ... then the additional serialization parameters MAY affect

14:33:18 [klanz2]

the output of the serializer to the extent (but only to the extent)

14:33:18 [klanz2]

that this specification leaves the output implementation-defined or

14:33:18 [klanz2]

implementation-dependent. ...

14:33:30 [klanz2]

from our last minutes: http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0065.html

14:33:33 [CGI080]

will people learn to glue the primatives together?

14:34:26 [CGI080]

to use a pipeline rather than using a library. to make this as easy as an XSLT sylesheet

14:34:57 [CGI080]

the goal is to specify a standard XProc pipeline

14:37:50 [klanz2]

q+

14:38:10 [CGI080]

[norm] his view is that security is composed of compud steps.

14:38:28 [CGI080]

s/compud/compund/

14:38:40 [fjh]

norm notes may want compound step plus primatives

14:38:42 [fjh]

ack klanz

14:38:48 [hal]

q+

14:38:58 [CGI080]

[Konrad] is there a notion of payload?

14:40:34 [fjh]

norm notes, no protection from inherited namespace

14:40:44 [CGI080]

Norm: there is a notion of a payload - such as in an enclosed document

14:41:47 [CGI080]

Norm: there is work to define the security steps.

14:42:31 [CGI080]

Norm: he is willing to work with us on defining the steps.

14:42:40 [klanz2]

q?

14:42:43 [tlr]

q?

14:42:45 [fjh]

ack hal

14:43:14 [CGI080]

Hal: a notion of sending Xproc with a document.

14:43:20 [klanz2]

XProc is Code, good point Hal ...

14:43:27 [CGI080]

Norm: this is posable,

14:43:42 [CGI080]

Hal: this is a potential security hole.

14:43:42 [fjh]

norm notes security in 2.12, can send xproc with data

14:44:20 [CGI080]

Norm: there is not a notion of signing an XProc

14:45:02 [fjh]

norm notes have tried to keep core as small number of steps, 31, spec notes how to connect them

14:45:04 [CGI080]

Norm: they tried to minimize the basic steps (to 31)

14:45:05 [fjh]

q?

14:45:41 [CGI080]

Norm: defining security in terms of Xproc, he does not see a problem wiht that.

14:45:59 [CGI080]

s/wiht/with/

14:46:51 [CGI080]

Norm: to define security - it is reasonable to use signed xproc. the pipeline is an XML document, it too can be signed.

14:48:10 [CGI080]

Norm: if we define security within XProc, he thinks this would be accepted.

14:48:11 [brich]

+1 on additional time at F2F with Norm

14:48:47 [CGI080]

fjh: this would be a good idea to meet with XProc. Perhaps an hour to talk of this.

14:50:06 [Zakim]

-[Microsoft]

14:50:06 [CGI080]

Action: fjh to sceduale time with XProc group for security

14:50:06 [trackbot]

Created ACTION-75 - Sceduale time with XProc group for security [on Frederick Hirsch - due 2008-10-14].

14:50:07 [Zakim]

-Norm

14:50:27 [Zakim]

+[Microsoft]

14:50:56 [CGI080]

TOPIC: meeting planning

14:51:21 [CGI080]

fjh: no meeting next week

14:51:37 [CGI080]

review the agenda for the F2F

14:51:41 [fjh]

draft f2f agenda - http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0067.html

14:52:12 [fjh]

http://www.w3.org/2008/xmlsec/Group/Overview.html

14:52:20 [CGI080]

fjh: do we need to cancel any meetings?

14:52:58 [tlr]

zakim, unmute me

14:52:58 [Zakim]

Thomas should no longer be muted

14:53:00 [CGI080]

meet after the F2F? on the 4th, and 11th. Cancel the 25th of November. (thanksgiving in the US)

14:53:33 [CGI080]

fjh: propose to cancel the 25

14:53:47 [CGI080]

resolution, Cancel the meeting on the 25th of November

14:54:01 [tlr]

my regrets for both of these

14:55:22 [CGI080]

tlr: we will have 8 calls before year-end to get the deliverables out.

14:55:28 [tlr]

s/tlr/fjh/

14:56:03 [CGI080]

resolution: Cancel the meetings on the 25th November

14:56:17 [CGI080]

RESOLUTION: Cancel the meetings on the 25th November

14:56:35 [CGI080]

RESOLUTION: Cancel the meetings on the 30th of December 2008.

14:56:52 [magnus]

Apologies, but I need to leave for another call now.

14:56:57 [CGI080]

TOPIC: Minutes Approval

14:57:06 [Zakim]

-magnus

14:57:12 [CGI080]

tlr: minor changes,

14:57:18 [tlr]

s/tlr/fjh/

14:57:35 [CGI080]

RESOLUTION: the minutes form the 23rd of September are approved.

14:57:48 [CGI080]

Topic: Liason

14:58:21 [CGI080]

fjh: meetings firmed up at the face to face

14:58:55 [CGI080]

There are pointers to materials in the agenda.

14:59:08 [fjh]

webapps http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0076.html

15:00:00 [CGI080]

Pratik: xpath working group.

15:00:04 [tlr]

Michael Kay was with XSL

15:00:11 [tlr]

s/was/is/

15:01:34 [CGI080]

tlr: face to face planning. we need to have an adea of what we want to do

15:01:47 [tlr]

s/tlr/fjh/

15:01:47 [CGI080]

TOPIC: meeting planning

15:02:13 [CGI080]

we meet in January, the next might be in May.

15:02:46 [tlr]

2-6 November, Santa Clara

15:02:52 [CGI080]

The next Plenery is November 2-6 November

15:03:37 [jcruella]

May should be OK

15:03:45 [jcruella]

UPC could host if you want

15:03:53 [CGI080]

may is good for me too.

15:05:05 [CGI080]

it is not possable for me to know if I will be able to travel to europe next year

15:05:45 [CGI080]

meeting at the plenery - one more meeting to plan.

15:06:02 [tlr]

zakim, mute me

15:06:04 [Zakim]

Thomas should now be muted

15:06:08 [CGI080]

Santa CLara in January,

15:06:14 [CGI080]

TOPIC: Best practices

15:06:35 [CGI080]

tlr: the document has been edited.

15:06:48 [tlr]

s/anta CLara in January,/Redwood City in January, Santa Clara in November/

15:06:53 [tlr]

s/tlr:/fjh:/

15:07:05 [CGI080]

zakim, who is here?

15:07:05 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, bhill, csolc, Hal_Lockhart, klanz, jcruella, Thomas (muted), pdatta, bal (muted), [Microsoft]

15:07:09 [Zakim]

On IRC I see kyiu, bal, hal, bhill, jcruella, pdatta, Norm, CGI080, csolc, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

15:08:20 [fjh]

proposal 1 - http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0068.html

15:09:04 [CGI080]

Review this to address issue 55 to change "should" to "it is recommended"

15:09:10 [bal]

zakim, unmute me

15:09:10 [Zakim]

bal should no longer be muted

15:09:39 [CGI080]

there is a need to review the document carefully.

15:09:47 [jcruella]

+q

15:10:19 [CGI080]

tlr: to review and approve the document so we can publish it.

15:10:20 [fjh]

ack jcruella

15:10:26 [tlr]

s/tlr/fjh/

15:10:41 [CGI080]

... sorry..

15:13:51 [CGI080]

RESOLUTION: The proposal for Issue-55 is accepted

15:13:52 [klanz2]

Not here http://lists.w3.org/Archives/Member/member-xmlsec/2008Oct/ and not here http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/

15:13:52 [klanz2]

JCC: maybe post again your comments to the list ...

15:14:57 [fjh]

proposal 2 - http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0069.html

15:15:12 [CGI080]

FJH: issue -53 to reword the best practice - proposal 2

15:15:30 [jcruella]

I had sent the message to another list...apologies.. I have now sent the message to the public list.

15:15:59 [CGI080]

This would close Action 72

15:16:27 [fjh]

proposal 3 - http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0070.html

15:16:37 [CGI080]

RESOLUTION: to accept the proposal for issue-55

15:16:54 [CGI080]

RESOLUTION: to accept the proposal for issue-53

15:17:49 [bal]

(sorry, i have to drop for a couple minutes, back shortly...)

15:17:55 [Zakim]

-bal

15:18:00 [CGI080]

(discussion on table of contents)

15:19:11 [CGI080]

fjh: accept the proposal to update the titles

15:19:13 [Zakim]

-jcruella

15:19:36 [fjh]

proposal 4 - ISSUE-56 Add references for timestamping proposal

15:19:39 [CGI080]

RESOLUTION: To accept the proposal to update the titles of the sections

15:19:45 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0071.html

15:20:03 [jcruella]

sorry... was dropped of the call....call back in few seconds

15:21:09 [fjh]

xades

15:21:15 [Zakim]

+bal

15:21:40 [CGI080]

fjh: To add the references to xades in the best practices

15:22:08 [Zakim]

+??P27

15:22:13 [CGI080]

RESOLUTION: To add the references to xades in the best practices

15:22:20 [jcruella]

zakim, ??P27 is jcruella

15:22:20 [Zakim]

+jcruella; got it

15:22:20 [fjh]

proposal 5 - http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0008.html

15:22:31 [tlr]

ACTION-70?

15:22:31 [trackbot]

ACTION-70 -- Thomas Roessler to propose disclaimer for SOTD -- due 2008-09-30 -- PENDINGREVIEW

15:22:31 [trackbot]

http://www.w3.org/2008/xmlsec/track/actions/70

15:22:35 [fjh]

zakim, who is here?

15:22:35 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, bhill, csolc, Hal_Lockhart, klanz, Thomas (muted), pdatta, [Microsoft], bal (muted), jcruella

15:22:39 [Zakim]

On IRC I see kyiu, bal, hal, bhill, jcruella, pdatta, Norm, CGI080, csolc, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

15:22:39 [tlr]

zakim, unmute me

15:22:39 [Zakim]

Thomas should no longer be muted

15:23:42 [tlr]

zakim, mute me

15:23:42 [Zakim]

Thomas should now be muted

15:23:56 [klanz2]

"XAdES_v1.3.2" "http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=21353" XML Advanced Electronic Signatures (XAdES). ETSI TS 101 903 V1.3.2 (2006-03) -> Talks about Timestamps for long term signatures ...

15:24:00 [CGI080]

Thomas: The wording that should be that the best practices are not normative. It is not a recommmendation.

15:24:22 [tlr]

ACTION-70 closed

15:24:23 [trackbot]

ACTION-70 Propose disclaimer for SOTD closed

15:25:03 [CGI080]

RESoLUTION: Accept the proposal from Action-70 from Thomas

15:25:17 [CGI080]

RESOLUTION: Accept the proposal from Action-70 from Thomas

15:25:18 [jcruella]

XAdES: the reference should include the complete title... could you put an action on me for providing it?

15:26:08 [fjh]

additional item from Bruce - http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0012.html

15:26:40 [CGI080]

ACTION: jcruella to provide the complete title of XAdES for the best practices reference

15:26:41 [trackbot]

Created ACTION-76 - Provide the complete title of XAdES for the best practices reference [on Juan Carlos Cruellas - due 2008-10-14].

15:26:48 [Norm]

Norm has left #xmlsec

15:27:48 [fjh]

pratik notes that example was deliberate

15:29:13 [CGI080]

Pratik: to address "E2" to update the document and accept changes raised in terms of the corrections

15:29:46 [CGI080]

RESOLUTION: to accept the corrections from Bruce

15:30:24 [CGI080]

RESOLUTION: TO accept changes raised in terms of the corrections.

15:30:50 [tlr]

back

15:32:27 [CGI080]

ACTION: Thomas to deal with the titling

15:32:27 [trackbot]

Created ACTION-77 - Deal with the titling [on Thomas Roessler - due 2008-10-14].

15:33:46 [tlr]

action-77?

15:33:46 [trackbot]

ACTION-77 -- Thomas Roessler to deal with the titling -- due 2008-10-14 -- OPEN

15:33:46 [trackbot]

http://www.w3.org/2008/xmlsec/track/actions/77

15:33:51 [CGI080]

ACTION: Pratik will add the time stamp reference to the best practices

15:33:51 [trackbot]

Created ACTION-78 - Will add the time stamp reference to the best practices [on Pratik Datta - due 2008-10-14].

15:35:09 [CGI080]

ACTION: fjh to address Action-53, Action-55 and action-70

15:35:09 [trackbot]

Created ACTION-79 - Address Action-53, Action-55 and action-70 [on Frederick Hirsch - due 2008-10-14].

15:35:51 [jcruella]

jcruella has joined #xmlsec

15:36:35 [fjh]

zakim, who is making noise?

15:36:45 [Zakim]

fjh, listening for 10 seconds I heard sound from the following: jcruella (76%), pdatta (28%)

15:36:54 [fjh]

jcc notes best practice 1 and 3

15:37:06 [CGI080]

Juan Carlos: Best practice 1 and 3 to subsitiute terms

15:37:25 [CGI080]

s/subsitiute/substitute/

15:37:38 [jcruella]

Best Practice 1: Mitigate denial of service attacks by executing potentially dangerous operations only after authenticating the signature.

15:38:01 [fjh]

jcc notes text talks about building trust

15:38:06 [jcruella]

Best Practice 3: Establish trust in the verification/validation key.

15:38:08 [CGI080]

jcruella: a need to extablish trust

15:38:24 [fjh]

jcc notes duplication

15:38:54 [fjh]

jcc suggestion changing title of bp #1 only after estabishing trust in the key

15:39:06 [jcruella]

Best Practice 1: Mitigate denial of service attacks by executing potentially dangerous operations only after establishing trust in the verification/validation key

15:39:19 [jcruella]

and eliminate best practice 3.

15:40:24 [jcruella]

Step 1 fetch the verification key and establish trust in that key

15:40:39 [CGI080]

fjh: edit the document that we can look at a complete draft rather than scattered proposals and fragments.

15:40:43 [fjh]

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/

15:43:09 [CGI080]

TOPIC: Web App

15:43:10 [fjh]

WebApps SHA-1 Algorithm

15:43:22 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0077.html

15:43:51 [CGI080]

take a look at the message on the mailing list - profiling on SHA-1

15:44:07 [CGI080]

Topic: V.Next

15:44:19 [CGI080]

TOPIC: V.Next

15:44:19 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0000.html

15:44:21 [klanz2]

http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0000.html

15:44:46 [fjh]

rovide proposal on list regarding transform primitives

15:45:28 [fjh]

konrad suggests having simple transforms that can be implemented in parallel

15:46:06 [fjh]

konrad suggests they be idempotent

15:46:19 [CGI080]

Konrad: a collection of simple transforms potentially to be executred in parrallel

15:47:52 [CGI080]

is this like steps in xproc? no, there are differences.

15:48:46 [CGI080]

Konrad:L XPROC is much powerful than we need for signatures

15:49:32 [CGI080]

Konrad: he is seeking simplification

15:49:55 [CGI080]

TOPIC: Conicalization Errata

15:49:59 [fjh]

http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0003.html

15:50:18 [tlr]

ack thomas

15:51:33 [CGI080]

what happens if an XML docuemnt incloudes a references to an XML name space and its effects on cononicalization

15:52:28 [tlr]

zakim, mute me

15:52:28 [Zakim]

Thomas should now be muted

15:52:35 [tlr]

zakim, unmute me

15:52:35 [Zakim]

Thomas should no longer be muted

15:53:38 [CGI080]

Konrad: problems with a data model underneath c14n with xpath

15:54:02 [fjh]

Hoylen

15:54:07 [tlr]

ACTION: konrad to propose answer to http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0003.html

15:54:07 [trackbot]

Created ACTION-80 - Propose answer to http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0003.html [on Konrad Lanz - due 2008-10-14].

15:54:30 [CGI080]

ACTION: klanz2 to provide an answer from hoylen

15:54:31 [trackbot]

Created ACTION-81 - Provide an answer from hoylen [on Konrad Lanz - due 2008-10-14].

15:54:42 [tlr]

topic: Actions pending review

15:54:43 [CGI080]

TOPIC: Pending actions

15:55:30 [CGI080]

RESOLUTION: that all pending actions are close

15:55:53 [tlr]

ACTION-4 closed

15:55:53 [trackbot]

ACTION-4 Arrange joint F2F meetings closed

15:55:55 [tlr]

ACTION-19 closed

15:55:55 [trackbot]

ACTION-19 Evaluate Issues and Actions for appropriate placement closed

15:55:56 [klanz2]

http://www.w3.org/TR/xml-c14n.html#ProcessingModel

15:55:56 [klanz2]

To finish processing L, simply process every namespace node in L, except omit namespace node with local name xml, which defines the xml prefix, if its string value is http://www.w3.org/XML/1998/namespace.

15:55:58 [tlr]

ACTION-65 closed

15:55:58 [trackbot]

ACTION-65 Document use case and semantics of byte-range signatures. closed

15:56:00 [CGI080]

TOPIC: Other business

15:56:02 [tlr]

ACTION-67 closed

15:56:02 [trackbot]

ACTION-67 Edit best practices to implement Scott's and his own changes; see http://www.w3.org/2008/09/23-xmlsec-irc#T14-20-33 closed

15:56:07 [tlr]

ACTION-68 closed

15:56:07 [trackbot]

ACTION-68 Implement http://www.w3.org/2008/09/23-xmlsec-irc#T14-25-06, http://www.w3.org/2008/09/23-xmlsec-irc#T14-24-47 closed

15:56:09 [tlr]

ACTION-72 closed

15:56:09 [trackbot]

ACTION-72 Contribute synopsis for each best practice closed

15:56:17 [fjh]

zakim, who is here?

15:56:17 [Zakim]

On the phone I see brich, Frederick_Hirsch, smullan, gerald, rdmiller, bhill, csolc, Hal_Lockhart, klanz, Thomas, pdatta, [Microsoft], bal (muted), jcruella

15:56:20 [Zakim]

On IRC I see jcruella, kyiu, bal, hal, bhill, pdatta, CGI080, csolc, tlr, smullan, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

15:57:36 [tlr]

zakim, unmute me

15:57:36 [Zakim]

Thomas was not muted, tlr

15:58:36 [Zakim]

-rdmiller

15:58:38 [Zakim]

-smullan

15:58:42 [Zakim]

-bal

15:58:45 [Zakim]

-jcruella

15:58:46 [pdatta]

pdatta has left #xmlsec

15:58:47 [Zakim]

-csolc

15:58:50 [Zakim]

-Hal_Lockhart

15:58:51 [Zakim]

-brich

15:58:52 [Zakim]

-pdatta

15:58:53 [Zakim]

-bhill

15:58:54 [Zakim]

-Thomas

15:58:56 [Zakim]

-[Microsoft]

15:58:57 [Zakim]

-klanz

15:59:11 [fjh]

Zakim, list participants

15:59:11 [Zakim]

As of this point the attendees have been +1.512.401.aaaa, brich, Frederick_Hirsch, +1.617.876.aabb, smullan, gerald, +1.303.229.aacc, rdmiller, +1.650.879.aadd, csolc, magnus,

15:59:15 [Zakim]

... Norm, Hal_Lockhart, Thomas, klanz, pdatta, +1.206.726.aaff, bal, bhill, jcruella, [Microsoft]

15:59:25 [fjh]

Regrets+ Shivaram Mysore

15:59:36 [fjh]

RRSAgent, generate minutes

15:59:36 [RRSAgent]

I have made the request to generate http://www.w3.org/2008/10/07-xmlsec-minutes.html fjh

16:00:29 [fjh]

zakim,who is here?

16:00:29 [Zakim]

On the phone I see Frederick_Hirsch, gerald

16:00:30 [Zakim]

On IRC I see jcruella, kyiu, CGI080, tlr, brich, Zakim, RRSAgent, fjh, klanz2, trackbot

16:01:03 [fjh]

http://www.w3.org/2008/10/07-xmlsec-minutes.html

16:01:33 [Zakim]

-gerald

16:01:35 [Zakim]

-Frederick_Hirsch

16:01:36 [Zakim]

T&S_XMLSEC()10:00AM has ended

16:01:37 [Zakim]

Attendees were +1.512.401.aaaa, brich, Frederick_Hirsch, +1.617.876.aabb, smullan, gerald, +1.303.229.aacc, rdmiller, +1.650.879.aadd, csolc, magnus, Norm, Hal_Lockhart, Thomas,

16:01:39 [Zakim]

... klanz, pdatta, +1.206.726.aaff, bal, bhill, jcruella, [Microsoft]