14:45:14 RRSAgent has joined #xmlsec
14:45:14 logging to http://www.w3.org/2009/11/17-xmlsec-irc
14:45:16 RRSAgent, make logs member
14:45:16 Zakim has joined #xmlsec
14:45:18 Zakim, this will be XMLSEC
14:45:18 ok, trackbot; I see T&S_XMLSEC()10:00AM scheduled to start in 15 minutes
14:45:19 Meeting: XML Security Working Group Teleconference
14:45:19 Date: 17 November 2009
14:45:46 Chair: Frederick Hirsch
14:46:12 Agenda: http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0040.html
14:47:07 fhirsch has changed the topic to: XMLSec teleconf code 965732# agenda http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0040.html , please register with Present+ first_last and update zakim handle, zakim, aaa is handle
14:51:31 Cynthia has joined #xmlsec
14:53:21 Yes I can, no I didn't scribe at the f2f
14:54:03 ScribeNick: Cynthia
14:54:15 s/Yes.*f2f//
14:54:26 T&S_XMLSEC()10:00AM has now started
14:54:32 + +1.301.448.aaaa
14:54:44 I am dialed in already
14:54:53 the connection here is super slow
14:55:10 +[IPcaller]
14:55:15 RRSAgent, make log member
14:55:28 Zakim, this will be XMLSEC
14:55:28 ok, Cynthia, I see T&S_XMLSEC()10:00AM already started
14:57:29 TOPIC: Administrivia: scribe confirmation
14:57:50 Cynthia volunteered to scribe
14:57:56 esimon2 has joined #xmlsec
14:58:39 zakim, call thomas-skype
14:58:39 ok, tlr; the call is being made
14:58:40 +Thomas
14:58:52 zakim, I am thomas
14:58:52 ok, tlr, I now associate you with Thomas
14:58:53 zakim, mute me
14:58:53 Thomas should now be muted
14:59:26 SAAG 1.1 Last Call warning note
14:59:30 ack thom
14:59:38 http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0028.html
14:59:41 scantor has joined #xmlsec
14:59:42 zakim, mute me
14:59:43 Thomas should now be muted
14:59:56 Publication moratoria
15:00:07 http://lists.w3.org/Archives/Member/member-xmlsec/2009Nov/0011.html
15:00:19 csolc has joined #xmlsec
15:00:30 Present+ Chris_Solc
15:00:39 +scantor
15:00:48 Present+ Scott_Cantor
15:01:49 +csolc
15:02:15 G-Edgar has joined #xmlsec
15:02:19 + +1.617.876.aabb
15:02:27 pdatta has joined #xmlsec
15:02:36 +Ed_Simon
15:02:41 zakim, aabb is sean
15:02:48 aldrin has joined #xmlsec
15:03:09 +sean; got it
15:03:17 Present+ Sean_Mullan, Frederick_Hirsch, Thomas_Roessler
15:03:18 I am on IRC, but I will not be able to call in just yet
15:03:28 zakim, who is here?
15:03:32 mullan has joined #xmlsec
15:03:37 +[Oracle]
15:03:40 On the phone I see cynthia, fhirsch, Thomas (muted), scantor, csolc, sean, Ed_Simon, [Oracle]
15:03:47 On IRC I see mullan, aldrin, pdatta, G-Edgar, csolc, scantor, esimon2, Cynthia, Zakim, RRSAgent, fhirsch, tlr, trackbot
15:03:49 zakim, Oracle is pdatta
15:03:55 +pdatta; got it
15:04:19 Present+ Pratik_Datta
15:04:24 brich has joined #xmlsec
15:04:28 + +1.206.679.aacc
15:04:42 Present+ Brian_LaMacchia
15:04:45 shivaram has joined #xmlsec
15:04:47 zakim, aacc is bal
15:04:53 + +1.512.286.aadd
15:04:55 +bal; got it
15:05:40 +shivaram
15:05:49 zakim, mute me
15:05:49 shivaram should now be muted
15:05:57 +??P46
15:06:07 Will not go to last call yet, will wait, too many issues
15:06:41 ack thom
15:06:48 zakim, mute ??P46
15:06:48 ??P46 should now be muted
15:06:53 zakim, mute shivaram
15:06:53 Present+ Aldrin_DSouza
15:06:54 shivaram was already muted, tlr
15:06:57 zakim, mute me
15:06:57 Thomas should now be muted
15:07:00 wtf?
15:07:00 zakim, mute thomas
15:07:00 Thomas was already muted, fhirsch
15:07:04 zakim, who is making noise?
15:07:07 zakim, mute me
15:07:08 fhirsch should now be muted
15:07:14 zakim, unmute me
15:07:14 fhirsch should no longer be muted
15:07:17 tlr, listening for 10 seconds I could not identify any sounds
15:07:20 ugh
15:07:22 zakim, drop thomas
15:07:24 I am on IRC, but I will not be able to call in just yet
15:07:24 Thomas is being disconnected
15:07:27 -Thomas
15:07:27 zakim, call thomas-skype
15:07:33 ok, tlr; the call is being made
15:07:35 +Thomas
15:07:44 zakim, mute brich
15:07:44 brich should now be muted
15:07:45 zakim, mute bal
15:07:45 bal should now be muted
15:08:17 ah, 't was brial
15:08:22 s/brial/brian/
15:08:24 zakim, unmute ??P46
15:08:24 ??P46 should no longer be muted
15:08:42 am i mute?
15:08:46 zakim, ??P46 is aldrin
15:08:46 +aldrin; got it
15:09:19 zakim, I am muted
15:09:19 sorry, tlr, I do not see a party named 'muted'
15:09:19 still adding information to the XML encryption v1.1 document, will wait for last call
15:09:22 zakim, I mute me
15:09:22 I don't understand 'I mute me', tlr
15:09:24 zakim, mute me
15:09:24 sorry, tlr, I do not know which phone connection belongs to you
15:09:28 zakim, I am thomas
15:09:28 ok, tlr, I now associate you with Thomas
15:09:29 zakim, mute me
15:09:29 Thomas should now be muted
15:09:37 there is a publication moratoria Dec 18
15:09:50 Publication moratoria, Deadline 18 Dec 2009
15:09:54 if we are going to last call for DSIG v1.1 we need to do it before Dec 18
15:10:01 TOPIC: Meeting Planning
15:10:14 We have a meeting next week, Thomas is chairing
15:10:37 Continue to have a call on Dec 24, many may be on vacation
15:11:08 Call scheduled for Dec 8 and 16, could do one 22 and 29
15:11:48 any changes to the agenda? Any other business?
15:12:01 TOPIC: Approval of F2F minutes
15:12:07 nope - I did not scribe
15:12:15 sorry
15:12:19 I did scribe for a while
15:12:26 Re Minutes of F2F, list of present does not show those who attended partially (e.g. me)
15:12:40 Any comments on F2F minutes? need to review them for next week
15:12:47 TOPIC: Editorial Updates
15:12:59 Will try to approve the F2F minutes next week
15:13:23 Added References to the Best Practices document, need additional references
15:13:39 Almost finished with References for DSIG v1.1
15:14:25 zakim, mute me
15:14:25 aldrin should now be muted
15:14:28 woo-hoo, re shared bibliography
15:14:34 fhirsch: Will use the new format for v1.1 documents, once it's set up you can share bibliography between the documents
15:14:52 fhirsch: need a volunteer for the bibliography review
15:15:01 I can review it
15:15:24 ACTION: REview the v1.1 specification bibliographys
15:15:24 Sorry, couldn't find user - REview
15:15:34 ACTION: frederick to hand 1.1 bibliography to Cynthia when converted to respec
15:15:35 Created ACTION-448 - Hand 1.1 bibliography to Cynthia when converted to respec [on Frederick Hirsch - due 2009-11-24].
15:15:52 action: cynthia to review 1.1 bibliographies (depends on ACTION-448)
15:15:52 Created ACTION-449 - Review 1.1 bibliographies (depends on ACTION-448) [on Cynthia Martin - due 2009-11-24].
15:16:18 fhirsch: Hooks in the JAVA script for HTML documents
15:16:46 fhirsch: updated the web page for publication status, requirements
15:16:56 TOPIC: v1.1 Last Call status
15:17:08 issue-155?
15:17:08 ISSUE-155 -- Add AES-GCM to XML Encryption 1.1 -- OPEN
15:17:08 http://www.w3.org/2008/xmlsec/track/issues/155
15:17:20 http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0030.html
15:17:29 fhirsch: Issue 155- Pratik made a proposal for this
15:17:33 Suggest adding a reference to, e.g. NIST SP 800-38D
15:17:44 AES-CBC
15:18:21 pdatta: AS-GSM for Suite B, HMAC signature with AES, may be faster than doing them separately
15:19:13 q+
15:19:15 pdatta: Reviewed documents, TLS suggested use of AS-GSM, requirements for Suite B, IV size is 96
15:19:40 s/AS-GSM/AES-GSM/
15:19:46 pdatta: Authentication tag is a new item, should it be at the beginning or end
15:19:56 q+ to ask about crypto review
15:20:00 http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0037.html
15:20:21 fhirsch: how mature and stable is this? How long has it been around?
15:20:33 pdatta: Not sure how mature it is
15:20:39 ack brian
15:20:41 unmute bal
15:20:45 ack bal
15:21:24 bal: This has been around a few years, NIST listed it for AES, MS implements it for IPsec, recommended for v1.2
15:22:05 bal: mature enough to be written into the IPsec RFC, I am not sure we would lose anything if we didn't implement this as mandatory, no concern for optional
15:22:35 fhirsch: would we be able to test for interop, is there an issue with the authentication tag location?
15:22:50 bal: not sure about the tag location- will have to check with specification
15:23:02 ack fhirsch
15:23:02 bal: not in the position to do any interop testing now
15:23:11 ack thomas
15:23:12 Thomas, you wanted to ask about crypto review
15:23:14 -bal
15:23:57 Thomas: May need to build a new markup
15:24:30 zakim, drop thomas
15:24:30 Thomas is being disconnected
15:24:31 -Thomas
15:24:33 zakim, call thomas-zskype
15:24:33 I am sorry, tlr; I do not know a number for thomas-zskype
15:24:35 zakim, call thomas-skype
15:24:35 ok, tlr; the call is being made
15:24:37 +Thomas
15:25:20 Thomas: Are we getting the necessary review of the new markup with regard to padding?
15:25:42 s/Thomas: May need to build a new markup//
15:26:02 fhirsch: Pratik needs to explain some of the text and authentication tag
15:26:15 tag discussion email from Pratik - http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0041.html
15:26:41 anil has joined #xmlsec
15:26:49 pdatta: When you decrypt you compare it to the authentication tag to verify that it was not changed
15:27:07 anil has left #xmlsec
15:27:12 +[Microsoft]
15:27:51 pdatta: if the tag is after the IV, could be done after the cypher text, you can encrypt and don't have to put in the authentication tag at the end
15:28:00 q+
15:28:24 fhirsch: what is the motivation for this? May not have another version of the spec, requirement?
15:28:57 It would be conformant to Suite B IPsec implementations, but doesn't need to be optional
15:29:13 reason to add would be to support Suite B
15:29:23 we need to check
15:29:31 Specifically for IPsec though, not just Suite B
15:29:44 who is speaking
15:29:58 ACTION: bal Check on Suite B AES-GSM
15:29:58 Created ACTION-450 - Check on Suite B AES-GSM [on Brian LaMacchia - due 2009-11-24].
15:30:36 bal: try to get an answer by next call- looking at the NSA page now, it mentions AES-GSM, but not a requirement specifically
15:30:40 s/GSM/GCM
15:30:55 action-450?
15:30:55 ACTION-450 -- Brian LaMacchia to check on Suite B AES-GSM -- due 2009-11-24 -- OPEN
15:30:55 http://www.w3.org/2008/xmlsec/track/actions/450
15:31:12 action-450?
15:31:12 ACTION-450 -- Brian LaMacchia to check on Suite B AES-GCM -- due 2009-11-24 -- OPEN
15:31:12 http://www.w3.org/2008/xmlsec/track/actions/450
15:31:37 fhirsch: If it is helpful, how do we structure it? need to discuss it on the list, take a look at the message sent on Dec 16, also tag size and location
15:32:04 fhirsch: can anyone review this proposal for AES-GCM
15:32:24 ACTION: bal Review the Pratik AES-GCM proposal with Magnus
15:32:25 Created ACTION-451 - Review the Pratik AES-GCM proposal with Magnus [on Brian LaMacchia - due 2009-11-24].
15:32:45 fhirsch: do not want to delay v1.1 last call too much longer
15:33:18 fhirsch: Close to last call on DSIG v1.1, but not ENC v1.1
15:34:08 fhirsch: Need to add and review the reference- action to Pratik
15:34:15 issue-147?
15:34:15 ISSUE-147 -- XML Encryption 1.1 table of contents incomplete, some headings not numbered correctly in document -- OPEN
15:34:15 http://www.w3.org/2008/xmlsec/track/issues/147
15:34:15 issue-147?
15:34:15 ISSUE-147 -- XML Encryption 1.1 table of contents incomplete, some headings not numbered correctly in document -- OPEN
15:34:17 http://www.w3.org/2008/xmlsec/track/issues/147
15:34:32 action-437?
15:34:32 ACTION-437 -- Frederick Hirsch to move sig/enc core 1.1 specs to respec; resolve ISSUE-147 as side effect -- due 2009-11-13 -- OPEN
15:34:32 http://www.w3.org/2008/xmlsec/track/actions/437
15:34:35 fhirsch: Working on this action
15:34:36 still in progress
15:34:42 bal has joined #xmlsec
15:34:45 issue-150?
15:34:45 ISSUE-150 -- Use of XML encryption type encoding in EXI -- OPEN
15:34:45 http://www.w3.org/2008/xmlsec/track/issues/150
15:34:53 q+
15:34:56 ack tlr
15:34:56 Present+ Brian_LaMacchia
15:35:01 fhirsch: Thomas was working on this issue
15:35:09 action-439?
15:35:09 ACTION-439 -- Thomas Roessler to draft text for xml encryption 1.1 for handing EXI -- due 2009-11-24 -- OPEN
15:35:09 http://www.w3.org/2008/xmlsec/track/actions/439
15:35:13 q?
15:35:18 ack fhirsch
15:36:15 Thomas: reviewing section 4 of ENC v1.1, format specifications (parameter definitions) and client/application specific information
15:36:18 Thomas will send email regarding this action and associated encryption concerns
15:36:49 zakim, drop thomas
15:36:49 Thomas is being disconnected
15:36:51 -Thomas
15:37:12 fhirsch: need a more thorough review of XML ENC v1.1
15:37:21 zakim, call thomas-mobile
15:37:21 ok, tlr; the call is being made
15:37:22 I agree, it needs additional review
15:37:22 +Thomas
15:38:24 Thomas: basic point 4.1 and 4.2 processing model leads to difficult conformance tags
15:38:55 gets confusing when you mix in exi
15:39:23 Thomas: Section 4.3 has text regarding non-normative descriptions and is unclear
15:39:38 tlr asks whether we should remove 4.3
15:40:16 Thomas: EXI issue, processing model, need to refactor
15:40:34 Thomas: will send out an email with additional information and clarification
15:40:59 fhirsch: The spec needs more review- any volunteers?
15:41:44 bal: I was involved with the initial implementation, but it was a long time ago
15:41:53 Thomas: Does anyone remember implementing this?
15:42:01 I was there in the original XML Enc group, but, I don't remember :-(
15:42:50 We can ask Sean Mullan as he did the implementation for XML Enc
15:43:34 ACTION: scott review the XML ENC v1.1 document
15:43:34 Created ACTION-452 - Review the XML ENC v1.1 document [on Scott Cantor - due 2009-11-24].
15:44:08 fhirsch: Need to be thorough in review before last call
15:44:21 issue-154
15:44:22 issue-154?
15:44:22 ISSUE-154 -- Links to references need to be updated -- OPEN
15:44:22 http://www.w3.org/2008/xmlsec/track/issues/154
15:44:45 best practice http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0038.html
15:45:06 Wrt Frederick's question, Brian and I co-created the first strawman proposal of XML Encryption: http://lists.w3.org/Archives/Public/xml-encryption/2000Aug/0001.html
15:45:17 issue-82?
15:45:17 ISSUE-82 -- Should 1.1 spec mandate support for range of RSA key sizes (and DSA)? -- OPEN
15:45:17 http://www.w3.org/2008/xmlsec/track/issues/82
15:46:28 ACTION: aldrin Review XML ENC v1.1
15:46:28 Created ACTION-453 - Review XML ENC v1.1 [on Aldrin J D'Souza - due 2009-11-24].
15:47:08 action-453?
15:47:09 ACTION-453 -- Aldrin J D'Souza to review XML ENC v1.1 -- due 2009-11-24 -- OPEN
15:47:09 http://www.w3.org/2008/xmlsec/track/actions/453
15:47:23 action-453?
15:47:23 ACTION-453 -- Ed Simon to review XML ENC v1.1 -- due 2009-11-24 -- OPEN
15:47:23 http://www.w3.org/2008/xmlsec/track/actions/453
15:47:33 issue-82?
15:47:33 ISSUE-82 -- Should 1.1 spec mandate support for range of RSA key sizes (and DSA)? -- OPEN
15:47:33 http://www.w3.org/2008/xmlsec/track/issues/82
15:47:46 fhirsch: Back to Brian on this
15:47:49 action-422?
15:47:49 ACTION-422 -- Cynthia Martin to propose wording to improve KEYINFO explanation -- due 2009-11-12 -- CLOSED
15:47:49 http://www.w3.org/2008/xmlsec/track/actions/422
15:48:04 action-442?
15:48:04 ACTION-442 -- Brian LaMacchia to propose text for RSA for Issue-82 (DSA already done) -- due 2009-11-14 -- OPEN
15:48:04 http://www.w3.org/2008/xmlsec/track/actions/442
15:48:28 fhirsch: leave action 422 open for now
15:48:30 issue-115?
15:48:30 ISSUE-115 -- XPath Filter Transform and Namespace Declarations for Qualified Nodes, see http://lists.w3.org/Archives/Public/public-xmlsec/2009Apr/0025.html -- OPEN
15:48:30 http://www.w3.org/2008/xmlsec/track/issues/115
15:48:45 action-412?
15:48:45 ACTION-412 -- Ed Simon to review ISSUE-115 -- due 2009-10-27 -- OPEN
15:48:45 http://www.w3.org/2008/xmlsec/track/actions/412
15:49:16 ed notes namespaces are not signed as part of SignedInfo
15:49:25 issue 115 is difficult- wrapping attack, complex issue
15:50:32 ed: was not able to produce the attack yet, the information to ID elements that is not signed, able to change the information and could be an attack, some work on this, time consuming to track down
15:51:14 fhirsch: attack is a difficult one, can we close this? Not sure if this is an issue against DSIG v1.1 and delay last call
15:51:25 csolc has joined #xmlsec
15:51:36 s/, can we close this?//
15:51:52 ed: It should be fixed before DSIG v1.1 last call if this is a real attack vector
15:52:06 q+
15:52:09 zakim, call thomas-skype
15:52:09 ok, tlr; the call is being made
15:52:11 +Thomas
15:52:18 -Thomas
15:52:33 fhirsch: Can this be fixed in v2.0?
15:53:15 ed: required that the namespace be declared in the findinfo element, but it might break current applications because they use namespaces from elsewhere
15:53:23 what is the possible attack?
15:54:15 ed: you have an xpath you want to sign, may specify an element with a namespace, the namespace is not necessarily signed information, could substitute another namespace, making the signature invalid
15:54:50 ed: This still concerns me, not sure if it is an issue
15:55:16 scott notes could be issue for 1.1, 2.0 selection syntax and xpath filter
15:55:29 scott notes this, if it is an issue
15:55:57 ed: General concern: using information that is not signed, could have a wrapping attack, would require a lot of effort
15:56:23 fhirsch: cannot hold this indefinitely, need to go to last call
15:56:24 ACTION: thomas to introduce Ed Simon and joerg Schwenk
15:56:24 Created ACTION-454 - Introduce Ed Simon and joerg Schwenk [on Thomas Roessler - due 2009-11-24].
15:56:59 q+
15:57:18 scott: If this were an attack, there would be others regarding namespace and what you sign and don't sign
15:57:34 +Gerald-E
15:57:41 scott: This is harder to attack based on what you choose to sign
15:58:06 fhirsch: Need to focus on v2.0 selection items also
15:58:17 ack fhirsch
15:58:21 ack tlr
15:58:31 zakim, I am thomas
15:58:31 ok, tlr, I now associate you with Thomas
15:58:33 zakim, who is muted?
15:58:33 I see brich, shivaram, aldrin muted
15:58:41 ed: is it necessary to sign namespace declaration to prevent namespace wrapping attack?
15:58:56 fhirsch: Always a cost to protect everything
15:59:44 Thomas: Set up a meeting between Ed Simon and joerg Schwenk to discuss this attack
15:59:44 action-254 university group working on signature could review threat
16:00:23 fhirsch: We cannot keep this indefinitely, need to make decisions on v1.1
16:00:24 action-254 associated with issue-115 and action-412
16:01:02 zakim, mute me
16:01:02 Thomas should now be muted
16:01:22 fhirsch: Concerned that we have a generic issue, not a useful issue if it's too generic, need a more specific issue to work on
16:01:50 recommend closing issue-155 and create a new one with more details
16:02:04 ed: agree with closing the generic issue
16:02:30 fhirsch: Would like to close issue-115 and create a new one
16:02:49 x/- 155/- 115/
16:02:54 issue: threat for signature from use of namespace prefixes with corresponding unsigned namespace declarations leading to wrapping like attacks
16:02:54 Created ISSUE-156 - Threat for signature from use of namespace prefixes with corresponding unsigned namespace declarations leading to wrapping like attacks ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/156/edit .
16:03:05 issue-115 close
16:03:11 issue-115 closed
16:03:11 ISSUE-115 XPath Filter Transform and Namespace Declarations for Qualified Nodes, see http://lists.w3.org/Archives/Public/public-xmlsec/2009Apr/0025.html closed
16:03:13 ACTION-254 closed
16:03:13 ACTION-254 Add ISSUE-68 to agenda, follow up on bals proposal with editorial change to 1.1? closed
16:03:18 whooops
16:03:23 action-254?
16:03:23 ACTION-254 -- Frederick Hirsch to add ISSUE-68 to agenda, follow up on bals proposal with editorial change to 1.1? -- due 2009-04-13 -- CLOSED
16:03:23 http://www.w3.org/2008/xmlsec/track/actions/254
16:03:39 ignore me, I was confused
16:03:52 action-454 done
16:03:55 action-454 closed
16:03:55 ACTION-454 Introduce Ed Simon and joerg Schwenk closed
16:04:20 issue-156 see http://lists.w3.org/Archives/Public/public-xmlsec/2009Apr/0025.html
16:04:33 action-421?
16:04:33 ACTION-421 -- Ed Simon to look at the 1.1 schema -- due 2009-11-12 -- OPEN
16:04:33 http://www.w3.org/2008/xmlsec/track/actions/421
16:04:34 action-421?
16:04:34 ACTION-421 -- Ed Simon to look at the 1.1 schema -- due 2009-11-12 -- OPEN
16:04:34 http://www.w3.org/2008/xmlsec/track/actions/421
16:04:47 action-421 review 1.1 RNG changes
16:05:20 ed: Send email out and he is fixing the RNG schema
16:05:37 http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0044.html
16:05:53 Makoto agreed that Ed's proposed change is correct and updated RNG schema
16:06:30 "official RELAX NG schemas for XML digital signature"
16:07:00 fhirsch: Need help from Thomas on versions and process
16:07:06 +1 to giving it some merit, but I'm pulling a blank on the versioning question
16:07:17 ack thom
16:07:49 fhirsch: Many people are trying to use RNG schema, may be valuable to have an RNG schema v1.1
16:08:13 Thomas: Can we just add it to the spec?
16:09:26 RESOLUTION: Add the RNG schema to the v1.1 spec
16:09:36 +q
16:09:44 ack shivaram
16:09:44 ack shiv
16:09:53 fhirsch: How do we do this properly (add the RNG schema)?
16:10:09 shivaram: Do we need to add the information to the requirements spec also?
16:10:13 q+
16:10:24 ack Thomas
16:10:27 fhirsch: Yes, we need to add this to the requirements
16:10:28 q
16:10:29 q-
16:10:42 zakim, mute me
16:10:42 Thomas should now be muted
16:10:54 tlr: do we have a formal requirement for the xml schema?
16:11:17 zakim, mute shiv
16:11:17 shivaram should now be muted
16:11:23 zakim, mute bal
16:11:23 bal should now be muted
16:11:29 zakim, who is making noise?
16:11:35 I believe requirement is to enable adoption and usability by adding RNG schema
16:11:40 tlr, listening for 10 seconds I heard sound from the following: fhirsch (4%), Ed_Simon (25%)
16:11:42 zakim, mute ed
16:11:42 Ed_Simon should now be muted
16:11:52 tlr: do we have a formal requirement for the xml schema?
16:11:52 ack thom
16:11:54 tlr: do we have a formal requirement for the xml schema?
16:12:37 Thomas: do we want to add the RNG schema, we don't say anything about the XML schema requirements
16:12:59 tlr: mention both or none
16:13:00 fhirsch: You are right, we don't mention XML schema, may be a non-issue
16:13:01 zakim, mute me
16:13:01 Thomas should now be muted
16:13:05 we do not speak to xml schema in the 1.1 requirements document
16:13:13 But, we do have normative references to XML Schema spec in the docs
16:13:23 do mention principle of being compatible with xml environment
16:13:35 shivaram, so we include one to RNG
16:13:52 fhirsch: important to enable RNG schema and would need to mention it in the specs
16:14:00 maybe create an action to create the same
16:14:51 ACTION: fhrisch REview plans for RNG schema
16:14:51 Sorry, couldn't find user - fhrisch
16:15:05 ACTION: fhirsch Review plans for RNG schema
16:15:05 Sorry, couldn't find user - fhirsch
16:15:22 ACTION: frederick to review plans for RNG schema
16:15:22 Created ACTION-455 - Review plans for RNG schema [on Frederick Hirsch - due 2009-11-24].
16:15:25 action-431?
16:15:26 ACTION-431 -- Thomas Roessler to fix "they" in RFC2119 section throughout all documents -- due 2009-11-24 -- OPEN
16:15:26 http://www.w3.org/2008/xmlsec/track/actions/431
16:15:30 ack thom
16:15:38 zakim, mute me
16:15:38 Thomas should now be muted
16:15:38 G-Edgar has joined #xmlsec
16:15:48 (I did it in passing for one spec)
16:15:58 issue-91?
16:15:58 ISSUE-91 -- ECC can't be REQUIRED -- OPEN
16:15:58 http://www.w3.org/2008/xmlsec/track/issues/91
16:16:06 MY FAVORITE!
16:16:06 ack thom
16:16:42 fhirsch: Can we share the message on this call?
16:16:44 q+
16:16:54 s/member:fhirsch: Can we share the message on this call?//
16:16:58 ack bal
16:16:58 Thomas: Will talk to Riva about it, don't just share it
16:17:05 s/fhirsch: Can we share the message on this call?//
16:17:12 s/Riva/Rigo/
16:17:26 Thomas: Received the email this past weekend
16:17:34 s/Thomas: Received the email this past weekend//
16:18:13 fhirsch: Status, still on-going
16:18:23 q+
16:18:42 fhirsch: Requirements need to match the specs
16:18:43 ack Thomas
16:18:44 ack thomas
16:18:56 I am working on that - Action-482
16:19:31 action-482?
16:19:31 ACTION-482 does not exist
16:19:32 Thomas: Converstations on EXI and DSIG, canonicalization and parameter settings
16:19:47 s/Converstations/Conversations/
16:20:01 Thomas: Do we want to cover this issue between the groups before v1.1 last call?
16:20:07 Actio-438
16:20:12 I stand corrected
16:20:15 Action-438?
16:20:15 ACTION-438 -- Shivaram Mysore to check 1.1 requirements against enc, sig EDs -- due 2009-11-16 -- OPEN
16:20:15 http://www.w3.org/2008/xmlsec/track/actions/438
16:21:30 Thomas: What is the cut off for new features in v1.1? What is the interest, is it on the critical path?
16:21:44 s/is it/if not/
16:22:01 fhirsch: what do the WG members think? Would have liked to do the cut off for last call at the F2F
16:23:23 Thomas: Would need someone who understands EXI and ENC to help work on this and then review it
16:23:50 Thomas: Contribution would be last week of November
16:24:07 fhirsch: It would be better if it were next week to allow for review
16:24:43 s/Contribution would be /What about/
16:25:24 fhirsch: Nov 30 is a hard deadline, earlier is better, decision on Dec 8, publication after
16:26:00 editorial actions complete by the 14 dec
16:26:19 publisch before 18th meaning 17th absolute latest publication request
16:26:32 s/publisch/publish/
16:27:08 zakim, mute me
16:27:08 Thomas should now be muted
16:27:18 zakim, mute gerald-e
16:27:18 Gerald-E should now be muted
16:27:45 TOPIC: Requirements
16:27:53 issue-63?
16:27:53 ISSUE-63 -- Namespace requirements: undeclarations, QNames, use of partial content in new contexts -- OPEN
16:27:53 http://www.w3.org/2008/xmlsec/track/issues/63
16:28:17 action-436?
16:28:17 ACTION-436 -- Thomas Roessler to review requirements for issue-63 text -- due 2009-11-24 -- OPEN
16:28:17 http://www.w3.org/2008/xmlsec/track/actions/436
16:28:18 esimon2 has joined #xmlsec
16:28:19 action ongoing
16:28:19 Sorry, bad ACTION syntax
16:28:20 fhirsch: Thomas is still reviewing these
16:28:40 issue-9?
16:28:40 ISSUE-9 -- Review WS-I BSP constraints on DSig -- OPEN
16:28:40 http://www.w3.org/2008/xmlsec/track/issues/9
16:28:52 action-386?
16:28:52 ACTION-386 -- Hal Lockhart to look at WS-I BSP constraints on DSig -- due 2009-10-13 -- OPEN
16:28:52 http://www.w3.org/2008/xmlsec/track/actions/386
16:29:08 There is a new BSP 1.1 dated October 2009
16:29:12 zakim, who is here?
16:29:12 On the phone I see cynthia, fhirsch, Thomas (muted), scantor, csolc, sean, Ed_Simon (muted), pdatta, brich (muted), shivaram (muted), aldrin (muted), bal, Gerald-E (muted)
16:29:15 On IRC I see esimon2, G-Edgar, csolc, bal, shivaram, brich, mullan, aldrin, pdatta, scantor, Cynthia, Zakim, RRSAgent, fhirsch, tlr, trackbot
16:29:48 action-441?
16:29:48 ACTION-441 -- Cynthia Martin to review BSP 1.1 (http://www.ws-i.org/Profiles/BasicSecurityProfile-1.1.html) with respect to Signature 1.1 and Encryption 1.1 -- due 2009-11-13 -- OPEN
16:29:48 http://www.w3.org/2008/xmlsec/track/actions/441
16:30:14 Yes, by next week
16:30:29 issue-149?
16:30:29 ISSUE-149 -- Link requirements to features -- OPEN
16:30:29 http://www.w3.org/2008/xmlsec/track/issues/149
16:30:39 action-438?
16:30:39 ACTION-438 -- Shivaram Mysore to check 1.1 requirements against enc, sig EDs -- due 2009-11-16 -- OPEN
16:30:39 http://www.w3.org/2008/xmlsec/track/actions/438
16:30:41 BSP 1.1 http://www.ws-i.org/Profiles/BasicSecurityProfile-1.1-BdAD.html
16:30:48 yes
16:30:59 later this week
16:31:12 fhirsch: publish the requirements sooner than later, by December
16:31:22 -aldrin
16:31:26 fhirsch: Anything else on the requirements we need to review
16:31:35 TOPIC: Interop
16:31:44 http://lists.w3.org/Archives/Member/member-xmlsec/2009Nov/0010.html
16:32:02 fhirsch: Working with Juan Carlos to perform interop testing
16:32:14 -shivaram
16:32:25 I am still looking for implementations for interop testing
16:32:35 TOPIC: Performance
16:32:49 http://lists.w3.org/Archives/Member/member-xmlsec/2009Nov/0008.html
16:32:58 fhirsch: Any additional discussions on this email?
16:33:46 * chris
16:33:47 fhirsch: MQQ considerations?
16:33:57 I have been asked to review it and am looking at it now
16:34:04 aldrin has left #xmlsec
16:34:24 I suggest wg members review this and we consider for 2.0
16:34:27 fhirsch: This may be valuable and needs to be reviewed
16:34:46 It doesn't make sense to add it to v1.1
16:35:02 http://lists.w3.org/Archives/Member/member-xmlsec/2009Nov/0004.html
16:35:02 Sean shared paper
16:35:03 http://lists.w3.org/Archives/Member/member-xmlsec/2009Nov/0004.html
16:35:29 http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0046.html link to paper
16:35:50 actual link to paper
16:35:51 http://www.w3.org/2008/xmlsec/papers/TFCFirmasdigitalesenXML-11-10-2007.pdf
16:35:51 sean: Paper is written in Spanish, should take a look at it
16:36:10 sean: It is an FYI, could be useful
16:36:24 TOPIC: Wrapping Attack
16:36:28 I haven't done it yet
16:36:30 ACTION-447?
16:36:30 ACTION-447 -- Cynthia Martin to review wrapping attack article, http://lists.w3.org/Archives/Public/public-xmlsec/2009Nov/0019.html -- due 2009-11-17 -- OPEN
16:36:30 http://www.w3.org/2008/xmlsec/track/actions/447
16:37:04 zakim, unmute me
16:37:04 sorry, esimon2, I do not know which phone connection belongs to you
16:37:08 I wasn't sure if we are reviewing it to add information to the v2.0 spec
16:37:19 scott notes concern of strengthening id based references
16:37:22 tlr or fjh, unmute me
16:37:27 pls!
16:37:39 ack ed
16:38:00 -Thomas
16:38:04 action: scott to review workshop papers regarding strengthening id based references with respect to wrapping attacks
16:38:04 Created ACTION-456 - Review workshop papers regarding strengthening id based references with respect to wrapping attacks [on Scott Cantor - due 2009-11-24].
16:38:33 zakim, call thomas-skype
16:38:33 ok, tlr; the call is being made
16:38:34 +Thomas
16:38:36 zakim, call thomas-skype
16:38:36 ok, tlr; the call is being made
16:38:38 +Thomas.a
16:38:40 zakim, drop thomas.a
16:38:40 Thomas.a is being disconnected
16:38:42 -Thomas.a
16:38:44 The paper is similar to other papers regarding wrapping attacks
16:39:02 I am still on the phone
16:39:05 s/The/ed: The/
16:39:09 can you hear me now?
16:39:20 ed, you might be muted locally
16:39:27 Put it in the chat and someone can read it out
16:39:31 ed isn't muted
16:39:33 gerald is
16:39:38 ack gerald-e
16:39:40 ack brich
16:39:59 zakim, mute gerald
16:39:59 Gerald-E should now be muted
16:40:04 My phone is not muted, just go on without me.
16:40:05 zakim, mute brich
16:40:05 brich should now be muted
16:40:32 zakim, mute me
16:40:32 sorry, tlr, I do not know which phone connection belongs to you
16:40:36 zakim, I am thomas
16:40:36 ok, tlr, I now associate you with Thomas
16:40:39 zakim , mute me
16:40:40 TOPIC: Actions
16:41:13 http://www.w3.org/2008/xmlsec/track/actions/open
16:41:18 fhirsch: There are a lot of edits from the IRC chat from the F2F, Thomas worked on correcting those
16:42:01 action 425?
16:42:01 Sorry, bad ACTION syntax
16:42:02 ction-425?
16:42:06 action-425?
16:42:06 ACTION-425 -- Sean Mullan to indicate sources of implementaitons -- due 2009-11-12 -- OPEN
16:42:06 http://www.w3.org/2008/xmlsec/track/actions/425
16:42:07 action-425?
16:42:07 ACTION-425 -- Sean Mullan to indicate sources of implementaitons -- due 2009-11-12 -- OPEN
16:42:07 action-425?
16:42:08 http://www.w3.org/2008/xmlsec/track/actions/425
16:42:12 ACTION-425 -- Sean Mullan to indicate sources of implementaitons -- due 2009-11-12 -- OPEN
16:42:14 http://www.w3.org/2008/xmlsec/track/actions/425
16:43:19 mullan: I was going to send information on old implementations for performance baseline, the information was only sent to Pratik
16:43:32 action-425 closed
16:43:32 ACTION-425 Indicate sources of implementaitons closed
16:43:36 fhirsch: The information needs to be sent to the members list so it can be closed
16:43:58 action-405?
16:43:58 ACTION-405 -- Thomas Roessler to update xml signature 1.0 errata page with proposed text -- due 2009-11-30 -- OPEN
16:43:58 http://www.w3.org/2008/xmlsec/track/actions/405
16:43:58 action-405?
16:43:58 ACTION-405 -- Thomas Roessler to update xml signature 1.0 errata page with proposed text -- due 2009-11-30 -- OPEN
16:43:58 csolc has joined #xmlsec
16:44:01 http://www.w3.org/2008/xmlsec/track/actions/405
16:44:05 ack thom
16:44:26 q+
16:44:31 Thomas: Will discharge it or send email for additional clarification
16:45:08 http://www.w3.org/2008/xmlsec/track/issues/open
16:45:53 http://www.w3.org/2008/xmlsec/wiki/Implementations
16:46:25 I'm fine with closing the 1.1 nodeset actions pertaining to me; for me to complete them would require delving into implementations and I doubt that the time to do so is worth the results.
16:46:40 fhirsch: Any other business other than actions and issues, I will not be at the next meeting
16:46:48 action-425 see http://www.w3.org/2008/xmlsec/wiki/Implementations
16:46:48 nope
16:46:55 -sean
16:46:57 -csolc
16:46:57 -Thomas
16:46:58 fhirsch: Adjourned
16:47:03 -Ed_Simon
16:47:04 ok, let me unmute
16:47:04 -pdatta
16:47:09 pdatta has left #xmlsec
16:47:13 rrsagent, make minutes public
16:47:13 I'm logging. I don't understand 'make minutes public', fhirsch. Try /msg RRSAgent help
16:47:18 -bal
16:47:36 -Gerald-E
16:47:42 RRSAgent, make log public
16:47:45 Zakim, list participants
16:47:45 As of this point the attendees have been +1.301.448.aaaa, fhirsch, cynthia, Thomas, scantor, csolc, +1.617.876.aabb, Ed_Simon, sean, pdatta, +1.206.679.aacc, +1.512.286.aadd, bal,
16:47:49 ... brich, shivaram, aldrin, Gerald-E, Thomas.a
16:47:50 RRSAgent, generate minutes
16:47:50 I have made the request to generate http://www.w3.org/2009/11/17-xmlsec-minutes.html fhirsch
16:48:00 ok, thanks
16:48:25 -fhirsch
16:48:37 -Cynthia
16:48:39 -brich
16:48:50 -scantor
16:51:48 -cynthia
16:51:49 T&S_XMLSEC()10:00AM has ended
16:51:50 Attendees were +1.301.448.aaaa, fhirsch, cynthia, Thomas, scantor, csolc, +1.617.876.aabb, Ed_Simon, sean, pdatta, +1.206.679.aacc, +1.512.286.aadd, bal, brich, shivaram, aldrin,
16:51:53 ... Gerald-E, Thomas.a
19:34:49 Zakim has left #xmlsec
21:21:59 tlr has joined #xmlsec