See also: IRC log
<trackbot> Date: 26 January 2010
<tlr> ScribeNick: tlr
<scribe> ScribeNick: csolc
<tlr> Scribe: ChrisSolc
<fjh> Note on testable conformance clauses
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0104.html
<fjh> Approve 19 January minutes
<fjh> http://www.w3.org/2010/01/19-xmlsec-minutes.html
RESOLUTION: Approve 19 January minutes approved
<fjh> XML Signature 1.1, XML Signature Properties, XML Encryption 1.1
<fjh> Moved RNG schema material to separate draft, reference that draft
<fjh> "XML Security RELAXNG Schemas"
http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0122.html
<fjh> http://www.w3.org/2008/xmlsec/Drafts/xmlsec-rngschema/Overview.html
<fjh> Non-normative RELAXNG schema [RELAXNG-SCHEMA] information is
<fjh> available in a separate document [XMLSEC-RELAXNG]
<fjh> Proposed Resolution: Agree to moving RNG schema to separate draft for
<fjh> all documents
<Cynthia> Agree, move to separate draft
RESOLUTION: Agreed to moving RNG schema to separate draft for all documents
http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0115.html
<fjh> Makoto updated RNC schema, http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0115.html
<fjh> scott noted that one issue was whether elements could be reused, suggested they could
<fjh> scott noted some schema had lax some strict
<fjh> scott noted process contents
<tlr> indeed, it's obvious for KeyInfo
bal: you can reuse elements in other contexts.
scott: can I reuse the xpath element in other context
bal: yes
fjh: thinks the lax vs strict issues was just an oversite
<fjh> bal asks if strict/lax issue was introduced with 2nd edition
scott: prossess contents doesn't have the same interop issues
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0120.html
<fjh> how should we deal with this, if at all
scott: can we do anything because it already in the schema
<fjh> issue: Why isn't processContents="lax" specified for <xsd:any>
<trackbot> Created ISSUE-185 - Why isn't processContents="lax" specified for <xsd:any> ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/185/edit .
<fjh> within the dcl of CanonicalizationMethodType and that of SignatureMethodType?
scott: if we make things less
strick means existing signatures will continue to
validate
... however the converse is also true, may produce signatures
that may not validate in older processors.
<Zakim> Thomas, you wanted to wonder whether there's a real problem ehre
tlr: are we allowed to make
changes to the 1.0 schema?
... if we want to change it, do we know of test cases that
wouldn't validate
... may have signatures that actually sign the xml signature
schema
<fjh> scott notes should be using local schema copy, modified locally if needed
scott: don't know if it has any impact on the RNG schema.
tlr: would lean to leaving the xsd schema alone and change the RNG schema
fjh: should we put a not in the doc that lax is ok
<tlr> +1 to punting this issue to the other note
<fjh> could put note in RNG schema note
tlr: not sure if anything is actually broken, the change in the schema may make some groups easier yet harder for others.
<fjh> proposed resolution: Resolve ISSUE-185 with no change to XSD schema or XML Signature 1.1, but possible explanation in RNG Schemas docuemnt
RESOLUTION: Resolve ISSUE-185 with no change to XSD schema or XML Signature 1.1, but possible explanation in RNG Schemas document
<fjh> XML Encryption 1.1 and XML Signature 2.0 editorial updates noted in agenda
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0123.html
Call for Consensus: http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0123.html
<fjh> issue-91?
<trackbot> ISSUE-91 -- ECC can't be REQUIRED -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/91
<fjh> Can flag ECC mandatory as at risk entering CR, could go to Optional at end of CR.
<fjh> Definition of CR exit criteria can include number of objections by implementors for example
<tlr> > This Last Call Working Draft includes the ECDSAwithSHA256 signature algorithm, which is ECDSA over the P-256 prime curve specified in Section D.2.3 of FIPS 186-3 [[FIPS186-3]] (and using the SHA-256 hash algorithm) as a mandatory to implement algorithm. The Working Group may request <a href="http://www.w3.org/2005/10/Process-20051014/tr.html#cfi">transition to Candidate Recommendation</a> with this feature marked as "at risk". If issues about deployment of this
<tlr> feature are raised during Candidate Recommendation, the group would likely make this feature optional.
<fhirsch> http://lists.w3.org/Archives/Member/member-xmlsec/2010Jan/0008.html
<fjh> text above for sotd
<fjh> also change ECC note to say "Feature is at Risk when entering CR, if issues about deployment of this eature are raised during Candidate Recommendation, the group would likely make this feature optional."
brich: normally this is reserved for things that there is lack of implementation experience
<Gerald-E> it may be that not many people have this implementation - because of IPR issues
<Gerald-E> only commercial companies with licences would have implementations, limiting the implementations available
tlr: can go from CR back to last call.
<fjh> tlr notes or could go from last call to another last call
fjh: whe should have more info when we exit last call.
<fjh> we say in sotd what we plan so we should be ok with this now
<fjh> issue-179?
<trackbot> ISSUE-179 -- Update ECC warning for last call -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/179
<Cynthia> I believe marking it "at risk" gives us the time we need, go forward with recommendation from Thomda
<fhirsch> http://lists.w3.org/Archives/Member/member-xmlsec/2010Jan/0008.html
<Gerald-E> +1
<fhirsch> proposed resolution: resolve ISSUE-179 with text proposed in http://lists.w3.org/Archives/Member/member-xmlsec/2010Jan/0008.html, adding to note in body of document that if issues about deployment of this eature are raised during Candidate Recommendation, the group would likely make this ffeature optional.
<fjh> proposal - change "would likely" to "might elect to"
<bal> i like this wording change
<Cynthia> I like it also, use the new wording
RESOLUTION: resolve ISSUE-179 with text proposed in http://lists.w3.org/Archives/Member/member-xmlsec/2010Jan/0008.html, adding to note in body of document that if issues about deployment of this feature are raised during Candidate Recommendation, the group may elect to make this feature optional.
<fhirsch> same sentence changed in sotd as well
<bal> adding to note in body of document that if issues about deployment of this eature are raised during Candidate Recommendation, the group may elect to make this feature optional.
<Gerald-E> for RIM to join woujld make this much easier
<fhirsch> ACTION: tlr to update sotd and note in document with change for ISSUE-179 [recorded in http://www.w3.org/2010/01/26-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-506 - Update sotd and note in document with change for ISSUE-179 [on Thomas Roessler - due 2010-02-02].
fjh: when are we going to publish
<fhirsch> issue-172?
<trackbot> ISSUE-172 -- Acknowledge WG in Signature Properties -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/172
<fhirsch> plan to adopt text from signature re 1.1 WG
Proposed resolution: The XML Security WG agrees that XML Signature 1.1 and XML Signature Properties should enter Last Call for a six week last call period. The WG believes the only open issue is ISSUE-91, a non-technical issue that should not delay entering Last Call.
<tlr> The remaining open issue is ISSUE-91. The WG has outlined a process to handle this issue during Candidate Recommendation, and therefore does not wish to delay entering Last Call for it.
RESOLUTION: The XML Security WG agrees that XML Signature 1.1 and XML Signature Properties should enter Last Call for a six week last call period. The remaining open issue is ISSUE-91. The WG has outlined a process to handle this issue during Candidate Recommendation, and therefore does not wish to delay entering Last Call for it.
Proposed Resolution: The WG agrees to publish a FPWD of XML Security RELAXNG Schemas draft" http://www.w3.org/2008/xmlsec/Drafts/xmlsec-rngschema/Overview.html
RESOLUTION: The WG agrees to publish a FPWD of XML Security RELAXNG Schemas draft" http://www.w3.org/2008/xmlsec/Drafts/xmlsec-rngschema/Overview.html
<fjh> issue-171?
<trackbot> ISSUE-171 -- Review references in XML Security 1.1 requirements and XML Security 2.0 requirements -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/issues/171
Proposed Resolution: The WG agrees to publish an updated WD of XML Security 1.1 Requirements and Design Considerations http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html
RESOLUTION: The WG agrees to publish an updated WD of XML Security 1.1 Requirements and Design Considerations http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html
<fjh> shortname - xmlsec-reqs2
Proposed Resolution: The WG agrees to publish an updated WD of XML Security 2.0 Requirements and Design Considerations http://www.w3.org/2008/xmlsec/Drafts/transform-note/Overview.html
<fjh> Proposed Resolution: The WG agrees to publish a FPWD of XML
<fjh> Security 2.0 Requirements and Design Considerations, with shortname xmlsec-reqs2, noting in sotd that based on earlier transform simplification document
<tlr> +1
<fjh> Proposed Resolution: The WG agrees to publish an updated WD of the Algorithms Cross Reference
RESOLUTION: The WG agrees to publish a FPWD of XML Security 2.0 Requirements and Design Considerations, with shortname xmlsec-reqs2, noting in sotd that based on earlier transform simplification document
<fjh> Proposed Resolution: The WG agrees to publish an updated WD of the Algorithms Cross Reference after edited by TLR with call for objections on mailing list
<fjh> Proposed Resolution: The WG agrees to publish an updated WD of XML
<fjh> Signature Best Practices
RESOLUTION: The WG agrees to publish an updated WD of the Algorithms Cross Reference after edited by TLR with call for objections on mailing list15
<Cynthia> You are correct.
RESOLUTION: The WG agrees to publish an updated WD of XML Signature Best Practices http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/
<fjh> action-500?
<trackbot> ACTION-500 -- Thomas Roessler to update namespace section in Encryption 1.1 -- due 2010-01-26 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/500
<fjh> action-473?
<trackbot> ACTION-473 -- Thomas Roessler to update xml enc processing proposal with more detail and addressing wg concerns -- due 2010-01-31 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/473
<fjh> http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.htm#sec-Processing
<fjh> tlr notes not talk normatively about application in revision
<fhirsch> mtl from 4.5 has moved to 4.2
<fjh> scott will review the xml encryption 1.1 changes, already has action, ACTION-452
<fjh> ACTION-452?
<trackbot> ACTION-452 -- Scott Cantor to review the XML ENC v1.1 document -- due 2009-11-24 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/452
<fjh> ACTION-475?
<trackbot> ACTION-475 -- Frederick Hirsch to review xml encryption 1.1 -- due 2010-01-29 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/475
<fjh> ACTION-453?
<trackbot> ACTION-453 -- Ed Simon to review XML ENC v1.1 -- due 2009-11-24 -- OPEN
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/453
<fjh> ACTION: bal to review XML Encryption 1.1, including proposed processing model changes [recorded in http://www.w3.org/2010/01/26-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-507 - Review XML Encryption 1.1, including proposed processing model changes [on Brian LaMacchia - due 2010-02-02].
<fjh> ACTION: pdatta to review Encryption 1.1, including proposed processing model changes [recorded in http://www.w3.org/2010/01/26-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-508 - Review Encryption 1.1, including proposed processing model changes [on Pratik Datta - due 2010-02-02].
<fjh> Suggest we complete review before call on the 9th Feb, then decide whether to publish updated WD or to fix changes and then publish
<fjh> Prefer to have updated publication by mid-Feb.
http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0119.html
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2010Jan/0119.html
Patrick: examples have been updated
scantor; need to agree on terminology
<fjh> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/Overview.src.html#sec-Processing
scribe: and styling
<fjh> ACTION: fjh to review bibliography issues [recorded in http://www.w3.org/2010/01/26-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-509 - Review bibliography issues [on Frederick Hirsch - due 2010-02-02].
fjh: what are the next steps
<fjh> pratik planning to send out c14n 2.0 draft revision
<fjh> Pratik asks Scott to review, some changes to proposal
<fjh> Scott asks for revision of compatibility mode terms as early as possible
<fjh> action-481?
<trackbot> ACTION-481 -- Frederick Hirsch to check on follow-up status on WS-RA discussion -- due 2010-01-12 -- PENDINGREVIEW
<trackbot> http://www.w3.org/2008/xmlsec/track/actions/481
<fjh> in progress, no response yet
<fjh> common document would enable wider interop
<fjh> pratik also notes enable reuse without requiring normative reference to entire XML Signature
<fjh> pratik says we could have note comparing subsets - xml schema, ws-transfer and xml signature