See also: IRC log
<wseltzer> trackbot, prepare teleconf
<trackbot> Date: 07 January 2013
<rbarnes> hello world!
<rbarnes> asad: zakim almost got your name right!
<virginie> agenda F2F meeting date and location
<karen> aagg is Karen
I can scribe
<scribe> scribenick: rsleevi
<virginie> minutes http://www.w3.org/2012/12/17-crypto-minutes.html
RESOLUTION: Minutes from previous call are accepted
virginie: Status of documents in
...: Our decision was reached on Dec 17. However, that was when publication of specifications were frozen.
<hhalpin> Everything is fine
except the use-cases
...: current drafts are working through publication. WebCrypto & Key Discovery were PubRules clean, so will be published tomorrow
<hhalpin> Worse case,
use-cases can come out a bit later...
...: use cases still needs a few editorial tweaks for pubrules
mountie Question about origin and why definition was removed
rsleevi: Not sure I understand the question
mountie: Differences make note about multi-origin support
rsleevi: There was some discussion about multi-origin related to key discovery, that was removed during the key discovery separation. Not fully sure I understand the question, but that may have been the reason for removal
hhalpin: Multi-origin may have a use case. Should send the use case. It may be possible to do things for the Korean banking use case while respecting the same-origin policy
<hhalpin> i.e. by using digital signatures
<hhalpin> i.e. a certificate (token) can be given and have its signature verified
<hhalpin> even if the user is not currently "visiting" the site with a key from the same-origin as the origin that signed the token.
<zooko> Zakim: aajj is zooko
virginie: Status of high level API - ddahl, markw, et al need more time to work on it
virginie: Question is "When are
we going to have implementations" and "When are we going to get
feedback about the API and the issues highlighted"
... Question impacts timing of LC and schedule of WG
<hhalpin> Yes, I was just going to note we need to tell W3C when we hope to go to Last Call.
<hhalpin> +1 rbarnes!!!
rbarnes: Has just this afternoon pushed a polyfill out to github
rbarnes: This version implements
several different algorithms, most of the API.
... missing some of export key
... Test cases driven by test vectors
... Grep through the source for XXX spec for spec issues
<rbarnes> grep -R "XXX-SPEC" *
rbarnes: While implementing, came
across a few inconsistencies (eg: key usage vs key usageS
... will be providing feedback on the spec, and looking for feedback on the implementation
ddahl: Ongoing work, mostly infrastructural. Still trying to work out resources and timelines, not sure when he'll have details
<hhalpin> we'll need info on updating the charter within 2 weeks, BTW
selfissued: No implementation to report at this time
<hhalpin> we want to make the roadmap realistic for all parties!
virginie: Any information we should request of Microsoft before we establish our roadmap?
selfissued: Ask that question again in two weeks
rsleevi: Not sure I can comment on timing. Have portions of the API (such as random) implemented in WK already, still working on resources and timing
markw: We have an implementation of a subset of the API, in the form of a plugin at the moment. Question about when we plan to have this aligned with the API, will get back
hhalpin: Not asking for anyone to
reveal anything confidential.
... Mostly trying to get an idea of the WG and when we as a WG expect to enter LC with all of our issues closed
... when we chartered, we set a timeframe. We can realistically ask for one extension of timing
... we have ourselves entering LC in February
<selfissued> I can respond if I do it now, but I have to go in about 2 minutes
rsleevi: An area of concern is
key import/export and key wrap/unwrap and the timing and
deliverables of those
... Options include 1) Drop the feature 2) Do our own thing 3) Do the JOSE thing if it's ready
selfissued: JOSE has taken it up, and has progressed on something based on JWE, and is being responsive
markw: Sense was use JOSE as the
base, but if for any reason it wasn't ready, we cut & paste
into our own
... What are the next steps for key wrapping / unwrapping?
virginie: We will need to make a
decision and better understand the timing of decision. We can't
delay it past LC
... Regarding key wrapping / unwrapping, have it as an item for the next call
markw: Ideally we could have some progress before then
<hhalpin> I'm trying to remember what open issues were with MarkW's key wrapping proposal.
virginie: We can't force people to work on that part of the spec. By adding it to the agenda we can discuss it
<hhalpin> I think we still wanted the feature...
markw: Will update the proposal based on the new API, will go from there
<virginie> acl rsleevi
<markw> @hhalpin: yes ... I can't remember what the issues were either ;-) But at least the proposal needs to be updated for the API changes. There were also two versions: overloading import/export vs explicit wrap/unwrap & I think the group feeling was towards the latter
rsleevi: Reminder to think about cloning cryptographic operations and whether we accept or drop the feature
<virginie> March 26/27/28
Most favourable dates were the end of March - 26/27/28
virginie: Question raised was
"End of March - will we have enough feedback to sustain a
... As a chair, feeling is meeting is always good, but people have budgets and timing concerns
... Was thinking two F2F - one in march and one some time in summer
hhalpin: Some feeling from the
editors was that delaying it may help
... delaying a month or a little more won't hurt
... options for a meeting in Korea was raised. W3C meeting is having a fall meeting in China. Spec may still be in LC or CR phase
... not sure if the China location would be suitably proximate
<hhalpin> TPAC 2013 is in china
virginie: For me, because we only have a few members in the WG in Korea, but we have many in the US, it may make more sense to have this meeting in the US
<hhalpin> and in the fall we could arrange a visit to Korea as well after or before TPAC
virginie: Very likely that the next meeting is in the US
mountie: Want to have the next meeting in Korea in order to show why there is interest in this API
hhalpin: Mentioning of China was
to explore the possibility to have meeting in Korea
... We may still have time for flexibility in the API at that time
... we may be better served by waiting for the spec to be more mature
<hhalpin> but would that be too late to influence stuff in Korea?
<hhalpin> That's why I'm thinking the overlap will be clearer by the fall in 2013
rsleevi: As an implementor, while
we value the problem, it's not a high point for us or our
users. We've studied this problem for quite a bit of time, and
with quite a bit of depth, and think this problem is much
... as an editor, fully happy to reflect the consensus from the WG, but it's not likely something we'd rush to implement
... would recommend this problem be postponed until we've furthered the current work
hhalpin: If we do it at TPAC, we'll have more contributors available
virginie: Other possibilities
include a "roadshow" to demonstrate the API and how it fits in
with the use case
... back to the topic of dates
<hhalpin> There is a distinct lack of proposals (except from Netflix!!)
rsleevi: Main concern is making we have enough issues and agenda for discussion
virginie: We have lots of specs at the moment - we have use cases, key discovery, and (hopefully soon) high level API
<hhalpin> I'd say we could also aim for April 2nd.
<hhalpin> That would give us more time.
<hhalpin> That is in the Doodle.
virginie: goal is to make sure we have people willing to travel and discuss the issues for these related specs
mountie: My expectation of the
next F2F meeting was that we could begin setting priorities for
the list of secondary features
... our preferences are for secondary features. We should set priorities for secondary features
<hhalpin> I agree with Mountie re prioritizing secondary features
virginie: Some of the secondary
features may have dependencies on the primary dependency
... we really have to balance on making sure we don't focus on our secondary features before focusing on our primary features
<rbarnes> i am willing to travel, especially in US
<karen> +1 in US
virginie: Question is who is
willing and has the budget to travel
... Reminder: Another F2F possibly in the summer
virginie: Within the next two
weeks, proposals for WHERE and WHEN the next F2F will be. As
mentioned, will be US based
... Possibility of Boston or DC as one options
ddahl: Possibility of Mountain View/Vancouver/Toronto
<zooko> Thanks folks!
<hhalpin> zooko - I'll look into the disposition of comments point I brought up.
<zooko> I'm going to the Stanford Real World Crypto workshop!
<hhalpin> If folks can go and present the API at that workshop, that would be great!!
<zooko> Can we have a WebCrypto dinner/lunch/beer ?
<zooko> Who is it that *might* be presenting something related to WebCrypto there?
@hhalpin: No presentation
@zooko: ben adida. ddahl was supposed to figure out the details ;)
<zooko> I see: https://crypto.stanford.edu/RealWorldCrypto/program.php
rsleevi: Mentioned the Stanford Real World Crypto Workshop, opportunity to get feedback and discuss with crypto community
virginie: Next call topic will include getting feedback from more companies and communities
<ddahl> rsleevi: you should just ping ben, he will let you know what is going on
<zooko> Okay! Let's discuss it on this IRC channel after the call?
<hhalpin> Get Terrence to look at it.
This is scribe.perl Revision: 1.137 of Date: 2012/09/20 20:19:01 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/??/mountie/ Found ScribeNick: rsleevi Inferring Scribes: rsleevi Default Present: +1.720.357.aaaa, +184.108.40.206.aabb, +1.410.290.aacc, +1.512.257.aadd, +1.408.540.aaee, markw, rbarnes, asad, +1.512.257.aaff, +1.512.257.aagg, virginie, ddahl, +1.408.458.aahh, Wendy, hhalpin, rsleevi, mountie, Zooko, Karen, Mike_Jones, +1.303.661.aaii, sdurbha, +1.303.543.aajj Present: +1.720.357.aaaa +220.127.116.11.aabb +1.410.290.aacc +1.512.257.aadd +1.408.540.aaee markw rbarnes asad +1.512.257.aaff +1.512.257.aagg virginie ddahl +1.408.458.aahh Wendy hhalpin rsleevi mountie Zooko Karen Mike_Jones +1.303.661.aaii sdurbha +1.303.543.aajj WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth Found Date: 07 Jan 2013 Guessing minutes URL: http://www.w3.org/2013/01/07-crypto-minutes.html People with action items:[End of scribe.perl diagnostic output]