IRC log of xmlsec on 2008-12-02

Timestamps are in UTC.

14:51:34 [RRSAgent]
RRSAgent has joined #xmlsec
14:51:34 [RRSAgent]
logging to http://www.w3.org/2008/12/02-xmlsec-irc
14:51:36 [trackbot]
RRSAgent, make logs member
14:51:36 [Zakim]
Zakim has joined #xmlsec
14:51:38 [trackbot]
Zakim, this will be XMLSEC
14:51:38 [Zakim]
ok, trackbot; I see T&S_XMLSEC()10:00AM scheduled to start in 9 minutes
14:51:39 [trackbot]
Meeting: XML Security Working Group Teleconference
14:51:39 [trackbot]
Date: 02 December 2008
14:52:00 [fjh]
Chair: Frederick Hirsch
14:52:30 [smullan]
smullan has joined #xmlsec
14:52:37 [fjh]
Agenda: http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0003.html
14:53:09 [tlr]
on a call
14:53:25 [fjh]
Regrets: Juan Carlos Cruellas, Konrad Lanz, Ed Simon
14:53:57 [csolc]
csolc has joined #xmlsec
14:54:11 [scantor]
scantor has joined #xmlsec
14:54:31 [scantor]
ok
14:54:42 [scantor]
yeah
14:54:52 [fjh]
Scribe: Scott Cantor
14:55:06 [fjh]
zakim, what is the code?
14:55:06 [Zakim]
the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), fjh
14:55:16 [Zakim]
T&S_XMLSEC()10:00AM has now started
14:55:22 [Zakim]
+scantor
14:55:57 [Zakim]
+smullan
14:56:59 [Zakim]
+Frederick_Hirsch
14:57:29 [magnus]
magnus has joined #xmlsec
14:58:35 [fjh]
Agenda: http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0003.html
14:59:50 [shivaram]
shivaram has joined #xmlsec
15:00:06 [Zakim]
+Robert_Miller
15:00:09 [Zakim]
+csolc
15:00:45 [fjh]
zakim, who is here?
15:00:45 [Zakim]
On the phone I see scantor, smullan, Frederick_Hirsch, Robert_Miller, csolc
15:00:47 [Zakim]
On IRC I see shivaram, magnus, scantor, csolc, smullan, Zakim, RRSAgent, fjh, anil, tlr, trackbot
15:00:49 [Zakim]
+shivaram
15:00:54 [tlr]
zakim, call thomas-781
15:00:54 [Zakim]
ok, tlr; the call is being made
15:00:58 [Zakim]
+Thomas
15:01:02 [shivaram]
zakim, mute me
15:01:12 [Zakim]
shivaram should now be muted
15:01:46 [fjh]
zakim, who is here?
15:01:46 [Zakim]
On the phone I see scantor, smullan, Frederick_Hirsch, Robert_Miller, csolc, shivaram (muted), Thomas
15:01:48 [Zakim]
On IRC I see shivaram, magnus, scantor, csolc, smullan, Zakim, RRSAgent, fjh, anil, tlr, trackbot
15:01:51 [brich]
brich has joined #xmlsec
15:02:10 [scantor]
TOPIC: Administratrivia
15:02:14 [Zakim]
+ +04670941aaaa
15:02:19 [rdmiller]
rdmiller has joined #xmlsec
15:02:21 [Zakim]
+ +1.512.286.aabb
15:02:29 [tlr]
zakim, aaaa is magnus
15:02:29 [Zakim]
+magnus; got it
15:02:31 [fjh]
zakim, aaaa is magnus
15:02:31 [Zakim]
sorry, fjh, I do not recognize a party named 'aaaa'
15:02:34 [bhill]
bhill has joined #xmlsec
15:02:37 [brich]
zakim, aabb is brich
15:02:38 [Zakim]
+brich; got it
15:03:03 [fjh]
F2F 13-14 January
15:03:15 [fjh]
logistics http://lists.w3.org/Archives/Member/member-xmlsec/2008Nov/0035.html
15:03:26 [fjh]
registratiion page http://www.w3.org/2002/09/wbs/42458/xmlsecredwood0109/
15:03:35 [Zakim]
+bhill
15:04:10 [scantor]
TOPIC: Liasons
15:04:29 [fjh]
ws-policy errata
15:04:30 [fjh]
http://lists.w3.org/Archives/Public/public-ws-policy/2008Nov/0002.html
15:04:47 [pdatta]
pdatta has joined #xmlsec
15:05:03 [scantor]
TOPIC: Announcements
15:05:18 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0053.html
15:05:33 [fjh]
FIPS 186-3 (DSS)
15:05:48 [fjh]
please review and indicate any comments on the public list
15:05:52 [Zakim]
+[Oracle]
15:06:12 [fjh]
zakim, [Oracle] is pdatta
15:06:12 [Zakim]
+pdatta; got it
15:06:14 [bal]
bal has joined #xmlsec
15:06:45 [scantor]
pdatta: needs attendance info for F2F a week before the meeting
15:06:47 [Zakim]
+bal
15:07:12 [scantor]
TOPIC: Minutes Approval
15:07:32 [fjh]
http://www.w3.org/2008/11/18-xmlsec-minutes
15:07:39 [scantor]
RESOLUTION: Minutes for 18 Nov 2008 approved
15:07:53 [tlr]
so marked
15:07:55 [scantor]
TOPIC: Issues
15:08:04 [fjh]
ISSUE-72 closed, requirement for DTD solved (up to WG, though preferred)
15:08:17 [scantor]
TOPIC: Best Practices
15:08:22 [fjh]
Default attributes in XML Signature
15:08:28 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0054.html
15:09:16 [fjh]
sean msg http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0055.html
15:10:44 [fjh]
proposed resolution: adopt the proposal from magnus regarding default attributes, removing material starting with "Another possibility"
15:11:19 [brich]
+1
15:12:06 [scantor]
RESOLUTION: adopt the proposal from magnus regarding default attributes, removing material starting with "Another possibility"
15:12:43 [kyiu]
kyiu has joined #xmlsec
15:12:51 [scantor]
ACTION: fjh to add default attribute language to Best Practices doc
15:12:51 [trackbot]
Created ACTION-111 - Add default attribute language to Best Practices doc [on Frederick Hirsch - due 2008-12-09].
15:13:00 [scantor]
TOPIC: 1.1 draft
15:13:09 [fjh]
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm
15:13:19 [fjh]
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/xmldsig-ecc.xsd
15:13:26 [fjh]
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview_diff.htm
15:13:36 [scantor]
fjh: suggested we drop DSA from required list
15:13:41 [fjh]
Still require DSAwithSHA1?
15:13:51 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec/2008Dec/0000.html
15:14:13 [scantor]
bal: original key size defined was too small anyway, and the RSA patent was the big driver for DSA
15:14:48 [Zakim]
+ +1.425.237.aacc
15:15:03 [csolc]
required for verification
15:15:04 [scantor]
bal: would prefer to see it optional, not even recommended
15:15:12 [rdmiller]
+1
15:15:18 [Gerald-Edgar]
Gerald-Edgar has joined #xmlsec
15:16:52 [csolc]
q+
15:17:34 [scantor]
bal: might want to say something about key size anyway, if it's left as required for verifying
15:18:50 [fhirsch3]
fhirsch3 has joined #xmlsec
15:19:23 [Zakim]
+[Microsoft]
15:19:25 [scantor]
bal: would prefer not to see it as recommended at all, and have the spec make it optional and note the issues around it
15:20:54 [scantor]
csolc: needs tp be required to verify, but we need language either way explaining the issues
15:21:00 [scantor]
s/tp/to
15:21:32 [scantor]
ACTION: bal to draft text on DSA issues for 1.1
15:21:32 [trackbot]
Created ACTION-112 - Draft text on DSA issues for 1.1 [on Brian LaMacchia - due 2008-12-09].
15:21:38 [csolc]
q-
15:22:24 [fhirsch3]
ietf feedback - http://lists.w3.org/Archives/Member/member-xmlsec/2008Dec/0001.html
15:23:24 [scantor]
fjh: need feedback from implementers on algorithm changes
15:24:02 [fhirsch3]
Brian action should include drafting language about MUST and MAY for DSAwithSHA1
15:24:41 [fjh]
zakim, [Microsoft] is kyiu
15:24:41 [Zakim]
+kyiu; got it
15:27:05 [scantor]
fjh: want to publish a draft of 1.1 in January
15:28:42 [tlr]
ISSUE-50?
15:28:42 [trackbot]
ISSUE-50 -- Missing < in closing DigestValue element tag -- OPEN
15:28:42 [trackbot]
http://www.w3.org/2008/xmlsec/track/issues/50
15:28:51 [scantor]
fjh: would be good for tlr to get versioning text out to the list
15:29:10 [tlr]
ACTION: tlr to suggest text re versioning and namespaces for XML Signature
15:29:10 [trackbot]
Created ACTION-113 - Suggest text re versioning and namespaces for XML Signature [on Thomas Roessler - due 2008-12-09].
15:29:59 [Zakim]
-magnus
15:30:30 [fjh]
scott noted some 1.1 cleanup for text language eg RetrievalMethod etc could be useful
15:32:23 [Zakim]
-bal
15:32:40 [smullan]
q+
15:33:02 [scantor]
pdatta: think most of the newer proposals would be for 2.0, so not a short term impact on 1.1
15:33:02 [fjh]
group notes that streaming and transform material in 2.0
15:33:08 [fjh]
ack smullan
15:33:43 [fjh]
sean notes could encourage XPath filter in 1.1 instead of XPath
15:33:52 [tlr]
q+
15:33:58 [csolc]
+1
15:34:12 [fjh]
ack tlr
15:35:09 [csolc]
q+
15:35:25 [scantor]
tlr: how much effort do we spend on the current transform model?
15:35:32 [fjh]
ack csolc
15:36:05 [scantor]
csolc: supports moving some transforms to optional to give people a warning about 2.0
15:36:13 [fjh]
csolc notes moving transforms to optional in 1.1 is a heads up for 2.0
15:37:08 [brich]
q+
15:38:08 [fjh]
ack brich
15:38:31 [scantor]
brich: seemed that 1.1 would be for adding algorithms, and 2.0 would take things out
15:38:55 [fjh]
fjh notes that 1.1 could have some clarifications - need to give heads up in email announcing 1.1 about 2.0, request feedback on 1.1 and requirements for 2.0
15:42:52 [scantor]
ACTION: scantor to propose language improvements for 1.1 draft
15:42:52 [trackbot]
Created ACTION-114 - Propose language improvements for 1.1 draft [on Scott Cantor - due 2008-12-09].
15:44:16 [scantor]
ACTION: smullan to craft language on encouraging XPath2 Filter for Best Practices doc
15:44:16 [trackbot]
Created ACTION-115 - Craft language on encouraging XPath2 Filter for Best Practices doc [on Sean Mullan - due 2008-12-09].
15:44:33 [scantor]
TOPIC: Certificate Encoding
15:44:45 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0050.html
15:45:06 [fjh]
scott outlined his proposal for 1.1 and also the best practices
15:45:32 [fjh]
scott noted based on text from Magnus with additions
15:46:42 [scantor]
RESOLUTION: accept proposed text for 1.1 and BP drafts
15:47:03 [scantor]
ACTION: fjh to add approved certificate encoding text to drafts
15:47:03 [trackbot]
Created ACTION-116 - Add approved certificate encoding text to drafts [on Frederick Hirsch - due 2008-12-09].
15:47:12 [scantor]
TOPIC: Public Web Site
15:47:34 [fjh]
http://lists.w3.org/Archives/Member/member-xmlsec/2008Nov/0033.html
15:47:38 [shivaram]
zakim, unmute me
15:47:38 [Zakim]
shivaram should no longer be muted
15:48:41 [Zakim]
+hlockhart
15:48:41 [shivaram]
zakim, mute me
15:48:41 [Zakim]
shivaram should now be muted
15:48:56 [scantor]
RESOLUTION: approved updates to public web site
15:49:05 [scantor]
TOPIC: XMLSignature schema
15:49:14 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0049.html
15:49:54 [fjh]
scott recorded issues he noted with xml Signature schema, in four categories
15:50:29 [fjh]
scott noted IDs, Attribute Extensibility, Mixed Content, KeyInfo child issues as issues
15:50:47 [fjh]
scott noted not a generic schema redesign from scratch but note of issues
15:54:16 [fjh]
scott noted that may not want to pass bare keys exactly as OpenSSL but need to do something, this would be a new element
15:55:39 [fjh]
scott asks is it appropriate for 1.1 to add this addition for key?
15:56:34 [fjh]
scott or additional document , perhaps using 2.0 namespace in advance
15:57:31 [scantor]
ACTION: scantor to propose a schema and language for bare key encoding in KeyInfo
15:57:31 [trackbot]
Created ACTION-117 - Propose a schema and language for bare key encoding in KeyInfo [on Scott Cantor - due 2008-12-09].
15:59:28 [fjh]
scott notes could use separate namespace for this, not 2.0 or 1.0
15:59:44 [fjh]
need to determine namespace to use for this
15:59:57 [fjh]
s/XMLSignature/XML Signature/
16:01:07 [scantor]
TOPIC: Requirements
16:01:24 [fjh]
updated draft http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0044.html
16:01:57 [fjh]
web services requirements http://lists.w3.org/Archives/Public/public-xmlsec/2008Sep/0036.html
16:02:45 [scantor]
RESOLUTION: add Hal's text to requirements doc
16:03:12 [scantor]
ACTION: fjh to add web services text from Hal to Requirements draft
16:03:12 [trackbot]
Created ACTION-118 - Add web services text from Hal to Requirements draft [on Frederick Hirsch - due 2008-12-09].
16:04:22 [fjh]
http://www.w3.org/2008/xmlsec/Drafts/transform-note/Overview.html
16:05:47 [scantor]
ACTION: fjh to add pointer to Transforms note to Requirements draft
16:05:47 [trackbot]
Created ACTION-119 - Add pointer to Transforms note to Requirements draft [on Frederick Hirsch - due 2008-12-09].
16:07:35 [scantor]
TOPIC: Signature Metadata
16:07:40 [fjh]
ISSUE-32, http://www.w3.org/2008/xmlsec/track/issues/32
16:08:14 [scantor]
fjh: do we need to add metadata as a requirement for 2.0?
16:09:22 [fjh]
scott notes that this is about signing context, signer etc. Appropriate to signature from business sense...
16:10:38 [csolc]
new namespace and add a version attribute.
16:11:08 [Gerald-Edgar]
What kind of metadata are we speaking of? it could be anything about the signature. Will we be defing a standard set of metadata? One example would be the relation of the signature applied to other signatures such as signatures with expired certificates.
16:11:23 [hlockhar]
hlockhar has joined #xmlsec
16:12:57 [fjh]
scott notes for whitespace topic could have class of documents that are not mixed content, hence requirement on c14n
16:14:35 [scantor]
fjh: please send suggestions for F2F topics to list
16:15:07 [scantor]
fjh: will close pending actions
16:16:41 [fjh]
tlr has items for 1.1 including separating normative and informative references, so keep ACTION-2 open
16:17:49 [tlr]
sorry, it's been a crazy couple of weeks
16:18:29 [scantor]
TOPIC: Open Action Items
16:18:38 [shivaram]
zakim, unmute me
16:18:38 [Zakim]
shivaram should no longer be muted
16:19:40 [shivaram]
zakim, mute me
16:19:40 [Zakim]
shivaram should now be muted
16:21:23 [scantor]
tlr: W3C notes can be done as HTML or with xmlspec to generate the HTML
16:22:52 [fjh]
http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0042.html
16:23:56 [fjh]
algorithm uri, document reference, what it is
16:24:12 [fjh]
additional comment
16:28:06 [smullan]
smullan has joined #xmlsec
16:28:58 [scantor]
TOPIC: Open Issues
16:29:20 [scantor]
fjh reviewed open issues
16:31:45 [fjh]
issue74 hmac-sha256 required in 1.1?
16:32:35 [kyiu]
I think the issue is referring to a question about the status of HMAC-SHA256 in SP 800-57 Part 1
16:34:03 [scantor]
ACTION: kyiu to review SP 800-57 for HMAC-SHA256 item
16:34:04 [trackbot]
Created ACTION-120 - Review SP 800-57 for HMAC-SHA256 item [on Kelvin Yiu - due 2008-12-09].
16:34:22 [fjh]
issue-77 ordering requirement in signature 1.1
16:36:02 [scantor]
ISSUE-70 closed
16:36:13 [bhill]
bhill has joined #xmlsec
16:36:52 [scantor]
Issue-77 can be closed
16:37:55 [Zakim]
-pdatta
16:37:56 [Zakim]
-hlockhart
16:37:58 [Zakim]
-shivaram
16:37:58 [Zakim]
-csolc
16:37:59 [Zakim]
-brich
16:38:00 [Zakim]
-smullan
16:38:01 [Zakim]
- +1.425.237.aacc
16:38:06 [Zakim]
-kyiu
16:38:08 [Zakim]
-Robert_Miller
16:38:13 [scantor]
Zakim, list participants
16:38:13 [Zakim]
As of this point the attendees have been scantor, smullan, Frederick_Hirsch, Robert_Miller, csolc, shivaram, Thomas, +04670941aaaa, +1.512.286.aabb, magnus, brich, bhill, pdatta,
16:38:17 [Zakim]
... bal, +1.425.237.aacc, kyiu, hlockhart
16:38:31 [Zakim]
-bhill
16:38:36 [fjh]
RRSAgent, generate minutes
16:38:36 [RRSAgent]
I have made the request to generate http://www.w3.org/2008/12/02-xmlsec-minutes.html fjh
16:39:20 [Zakim]
-Frederick_Hirsch
16:39:21 [Zakim]
-scantor
17:05:00 [Zakim]
disconnecting the lone participant, Thomas, in T&S_XMLSEC()10:00AM
17:05:01 [Zakim]
T&S_XMLSEC()10:00AM has ended
17:05:03 [Zakim]
Attendees were scantor, smullan, Frederick_Hirsch, Robert_Miller, csolc, shivaram, Thomas, +04670941aaaa, +1.512.286.aabb, magnus, brich, bhill, pdatta, bal, +1.425.237.aacc, kyiu,
17:05:05 [Zakim]
... hlockhart
19:01:14 [Zakim]
Zakim has left #xmlsec
19:47:42 [anil]
anil has joined #xmlsec
23:45:45 [anil]
anil has left #xmlsec