19:20:19 <RRSAgent> RRSAgent has joined #crypto
19:20:19 <RRSAgent> logging to http://www.w3.org/2014/10/20-crypto-irc
19:20:21 <trackbot> RRSAgent, make logs public
19:20:21 <Zakim> Zakim has joined #crypto
19:20:23 <trackbot> Zakim, this will be CRYPT
19:20:23 <Zakim> ok, trackbot; I see SEC_WebCryp()3:00PM scheduled to start 20 minutes ago
19:20:24 <trackbot> Meeting: Web Cryptography Working Group Teleconference
19:20:24 <trackbot> Date: 20 October 2014
19:22:41 <w3> w3 has joined #crypto
19:48:29 <virginie> virginie has joined #crypto
19:48:34 <virginie> agenda?
19:48:46 <virginie> agenda+ Welcome
19:49:01 <virginie> agenda+ Status of Web Crypto API bugs
19:49:27 <virginie> agenda+ Resolution on extensibility/patchability bug
19:49:50 <virginie> agenda+ Resolution on exit from Last Call for the Web Crypto API (if relevant)
19:50:12 <virginie> agenda+ Web Crypto API milestones
19:50:44 <virginie> agenda+ TPAC F2F meeting on 30th of October (discussing agenda)
19:50:47 <virginie> agenda?
19:58:04 <rsleevi> rsleevi has joined #crypto
19:59:09 <Zakim> SEC_WebCryp()3:00PM has now started
19:59:16 <Zakim> + +1.415.373.aaaa
19:59:19 <harry> Zakim, what's the code?
19:59:19 <Zakim> the conference code is 27978 (tel:+1.617.761.6200 sip:zakim@voip.w3.org), harry
19:59:55 <Zakim> + +1.650.275.aabb
20:00:09 <Karen_> Karen_ has joined #crypto
20:00:12 <kodonog> kodonog has joined #crypto
20:00:19 <Zakim> +??P5
20:00:20 <Zakim> +[IPcaller]
20:00:25 <harry> Zakim, IPcaller is hhalpin
20:00:25 <Zakim> +hhalpin; got it
20:00:39 <Zakim> +[Microsoft]
20:00:47 <selfissued> selfissued has joined #crypto
20:01:10 <Zakim> +Karen
20:01:23 <harry> Zakim, pick a scribe
20:01:23 <Zakim> Not knowing who is chairing or who scribed recently, I propose rsleevi
20:01:29 <selfissued> It was me - I'm muted now
20:01:32 <harry> Zakim, pick a scribe
20:01:32 <Zakim> Not knowing who is chairing or who scribed recently, I propose Karen
20:01:34 <Zakim> +karen_oDonoghue
20:01:58 <Zakim> +Virginie_Galindo
20:01:59 <rbarnes_> rbarnes_ has joined #crypto
20:02:02 <rbarnes_> rbarnes_ has left #crypto
20:02:13 <Zakim> +[Microsoft.a]
20:02:14 <rbarnes> rbarnes has joined #crypto
20:02:15 <harry> chair: Virgine Galindo
20:02:20 <virginie> zakim, who is on the phone?
20:02:20 <Zakim> On the phone I see +1.415.373.aaaa, rsleevi, ??P5, hhalpin, [Microsoft], Karen, karen_oDonoghue, Virginie_Galindo, [Microsoft.a]
20:02:21 <harry> scribe: Karen
20:03:00 <harry> Zakim, P5 is rbarnes
20:03:01 <Zakim> sorry, harry, I do not recognize a party named 'P5'
20:03:15 <selfissued> And Mike
20:03:18 <bal> bal has joined #crypto
20:03:23 <Zakim> +Wendy
20:03:43 <rbarnes> and all i know about IETF errata is that i always mark them "rejected" :)
20:03:44 <virginie> zakim, who is on the phone?
20:03:44 <Zakim> On the phone I see +1.415.373.aaaa, rsleevi, rbarnes, hhalpin, selfissued, Karen, karen_oDonoghue, Virginie_Galindo, bal, Wendy
20:04:06 <wseltzer> zakim, who is here?
20:04:08 <bal> FYI, I will only be able to stay on the call for the first 30 minutes
20:04:08 <Zakim> On the phone I see trevp, rsleevi, rbarnes, hhalpin, selfissued, Karen, karen_oDonoghue, Virginie_Galindo, bal, Wendy
20:04:08 <Zakim> On IRC I see bal, rbarnes, selfissued, kodonog, Karen_, rsleevi, virginie, w3, Zakim, RRSAgent, harry, tantek, tobie, schuki, timeless, Karen, slightlyoff, terri, wseltzer,
20:04:08 <Zakim> ... trackbot
20:04:20 <virginie> agenda?
20:05:06 <rbarnes> harry: my proposal was just for a box where you would link to the updates.  i don't care if you put stuff in the box with errata, full WG process, or an IANA registry
20:05:34 <markw> markw has joined #crypto
20:06:00 <vgb> vgb has joined #crypto
20:06:08 <Karen_> virginie: one bug left: extensibility
20:06:18 <harry> there's still some debate going on re the mailing list
20:06:33 <Zakim> +[Microsoft]
20:06:41 <vgb> zakim, [microsoft] is me
20:06:41 <Zakim> +vgb; got it
20:06:44 <harry> but I think rbarnes has a proposal, Microsoft has some concerns, and then the CFRG might end up wrapping up with a decision before we get out of Last Call.
20:07:29 <Karen_> virginie: status of web crypto API
20:07:50 <Zakim> +markw
20:07:50 <harry> we could go for extensibility bug first for the fun of it
20:08:20 <Karen_> ... we made status of the bugs
20:09:14 <harry> Note re the infamous "Rich Salz security considerations bug" Graham should ship a doc to CFRG quite shortly.
20:09:37 <Karen_> mark: extensibility, implemented proposal from Richard
20:09:50 <harry> If he doesn't do it, I'll do it on his behalf. It will just be an Informational Note that is basically his blog post with some padding for everyone on CFRG to discuss.
20:09:52 <virginie> Note : the list of bug is available here : https://www.w3.org/Bugs/Public/buglist.cgi?quicksearch=web%20crypto&list_id=45901
20:10:09 <Karen_> ... implemented a couple of proposals
20:11:05 <Karen_> virginie: 15 bugs open, most of them have been discussed
20:11:07 <markw> Zakim, who is on the phone ?
20:11:07 <Zakim> On the phone I see trevp, rsleevi, rbarnes, hhalpin, selfissued, Karen, karen_oDonoghue, Virginie_Galindo, bal, Wendy, vgb, markw
20:11:53 <Karen_> richard: algorithm alias - string name map to object name
20:12:16 <rsleevi> 24878
20:12:17 <rbarnes> https://www.w3.org/Bugs/Public/show_bug.cgi?id=24878
20:12:59 <MichaelH> MichaelH has joined #crypto
20:13:09 <Zakim> +Michael_Hutchinson
20:13:10 <Karen_> mark: should be easy to implement, just have to make a decision
20:13:13 <rsleevi> there was consensus on the list previously
20:13:15 <rbarnes> actually, i think it was ryan's proposal :)
20:13:27 <kodonog> kodonog has joined #crypto
20:13:48 <Karen_> virginie: no objection.
20:14:12 <harry> The rest of them seemed sensible - I think Ryan is right re HMAC key length being larger than block size
20:14:29 <harry> so that should just be closed as a "WONTFIX"
20:15:09 <harry> https://www.w3.org/Bugs/Public/show_bug.cgi?id=26950
20:15:45 <virginie> q?
20:15:48 <Karen_> ... any bug that deserves attention?
20:15:57 <harry> Yeah, that one should be closed - no reason to restrict key length to output length
20:15:57 <harry> q+
20:16:09 <wseltzer> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25815
20:16:26 <rbarnes> without looking up the references, i can live with closing that one
20:16:30 <rbarnes> ryan looks right enough :)
20:16:32 <Karen_> 26950
20:16:46 <rbarnes> where "that one" == 26950
20:16:48 <Karen_> mark: 25815
20:17:44 <harry> I'm no expert there but it seems that if one had plaintext and one wanted key, keeping key longer than output of hash seems sensible.
20:17:51 <harry> ack harry
20:18:38 <Karen_> sorry I cannot follow this :(
20:18:54 <harry> Basically, Markw is normalizing the error codes
20:18:58 <virginie> q?
20:19:01 <wseltzer> mark: Should we say import/export will always report Data Error
20:19:07 <Karen_> mark, can you briefly enter your comments?
20:19:14 <wseltzer> s/Data Error/DataError/
20:19:33 <harry> As long as we don't have separate padding errors :)
20:19:46 <Karen_> mark: can implement change
20:19:55 <wseltzer> Virginie: No objection
20:20:17 <rsleevi> https://www.w3.org/Bugs/Public/show_bug.cgi?id=26950
20:20:19 <Karen_> harry: may be Ryan can explan on 26950
20:20:24 <rbarnes> q+
20:20:28 <markw> The objective of the bog was to ensure that validation errors on import/export all return the same error so that there is no requirement on UAs to distinguish error cases themselves - they are free to delegate checking to libraries
20:20:41 <rbarnes> ack
20:20:42 <markw> s/big/bug (25815)/
20:20:48 <markw> s/bog/bug (25815)/
20:21:01 <harry> Does everyone agree with Ryan this should be a WONTFIX?
20:21:05 <wseltzer> q- rbarnes
20:21:28 <markw> Almost all cases for import/export are already normalized to DataError, so my proposal is to standardize on that, rather then OperationError for import/output
20:21:31 <Karen_> Ryan: comment 3 was intentional text
20:21:43 <Karen_> ... to generalize hmac construct
20:22:03 <Karen_> ... to have max security strength
20:22:46 <Karen_> Richard: no point that the extra security going over the hmac length
20:23:57 <Zakim> + +1.703.948.aacc
20:24:02 <Karen_> Ryan: if you to generate a hmac key of L,it will not be the max security. see reference
20:25:18 <Karen_> virginie: this bug is not a problem?
20:25:31 <Karen_> Richard: no
20:25:51 <harry> So just chime in on Bugzilla and it will be a WONTFIX
20:25:54 <Karen_> virginie: you read the document and we have it resolved.
20:25:57 <rbarnes> of course, i have no idea what the process requirement is for exiting LC. but i'm not going to object.
20:26:36 <Karen_> virginie: mark - can you give a short description on where we are on making a agreement?
20:26:57 <virginie> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25618
20:27:07 <Karen_> mark: where need extensibility
20:27:42 <Karen_> ... add note saying so and reference
20:27:56 <virginie> zakim, who is on the phone?
20:27:56 <Zakim> On the phone I see trevp, rsleevi, rbarnes, hhalpin, selfissued, Karen, karen_oDonoghue, Virginie_Galindo, bal, Wendy, vgb, markw, Michael_Hutchinson, +1.703.948.aacc
20:28:42 <Karen_> mark: cleanup exten for EC
20:29:16 <Karen_> ... need - format of the private key
20:29:59 <Karen_> virginie: everyone agree with Mark?
20:30:37 <Karen_> ... let's do a formal vote
20:31:06 <markw> Changes based on Richard's proposal have been implemented. Extension specifications will be explicitly listed in the specification - list to be updated with Errata. No longer possible to completely override existing algorithms. New hash algorithms can be added. EC curve extensisbility inteneded to allow a variety of new curves, not just those that align with NIST ones.
20:31:15 <Karen_> ... for extensibility
20:31:20 <wseltzer> PROPOSED RESOLUTION: If you're happy with Mark's proposal, +1, if not, -1
20:31:33 <harry> I think the idea is to avoid "monkey patching"
20:31:39 <rsleevi> q+
20:31:59 <wseltzer> trevp: does this resolution make it more difficult to add new algorithms as a new spec?
20:32:10 <wseltzer> markw: you can still add new algorithms
20:32:21 <Karen_> Mark: we can still add new algorithms
20:33:10 <harry> bal, before you leave could you type in IRC whether or not you agree with Richard's "forward reference" solution re errata updating?
20:33:23 <Zakim> -Michael_Hutchinson
20:33:25 <Zakim> -Karen
20:33:44 <harry> bal: They are assuming an uncompresssed for same IPR reasons everyone else does
20:33:49 <Karen_> sorry, the line is off for me...
20:33:53 <harry> ... for PKCS#8, that's already taken care of
20:33:54 <markw> One remaining change is necessary to make the format of private EC keys defined by the extensions specification (currently it is asymmetrical: import assumed ECPrivateKey but export does not - or vice versa. Needs to be symmetrical, without the assumption).
20:33:59 <Zakim> +Michael_Hutchinson
20:34:23 <selfissued> q+
20:34:40 <Karen_> can some scribe?
20:35:03 <Zakim> -rbarnes
20:35:06 <Zakim> -bal
20:35:11 <virginie> q?
20:35:26 <wseltzer> [bal and rbarnes leave, after saying this solution is fine with them]
20:35:33 <rbarnes> +1
20:35:35 <Zakim> +Karen.a
20:35:45 <harry> self-issued: Is this an explicit decision to not use compressed curves?
20:35:57 <harry> trevorp: It's just unclear where you put it - would you put it in x co-ordinate
20:36:01 <harry> ... but yeah, we can deal with that later
20:36:06 <harry> scribe: hhalpin
20:36:15 <Karen_> I am back
20:36:16 <harry> virginie: Would your common be objection?
20:36:31 <harry> trevor: I think some details need to be fleshed out
20:36:32 <harry> q+
20:36:44 <harry> ... but we can anticipate a lot of things
20:36:51 <harry> ... but dont want to preclude ourselves
20:37:32 <harry> selfissued: discussions here won't change that
20:37:39 <Karen_> mike: you should review JOSE draft 35
20:37:40 <harry> selfissued, please type up your point
20:37:45 <vgb> zakim, who is making noise?
20:37:57 <Zakim> vgb, listening for 10 seconds I heard sound from the following: Michael_Hutchinson (49%), Virginie_Galindo (49%)
20:37:58 <selfissued> If you have concerns about the JWK langauge, you shoudl review the -35 draft
20:38:08 <selfissued> And send comments to jose@ietf.org
20:38:11 <virginie> q?
20:38:18 <selfissued> Disussinos here won't change JWK
20:38:28 <Karen_> harry: don't think it is a blocking bug
20:38:33 <selfissued> But I don't think there's anything blocking WebCrypto from proceeding in JWK
20:38:38 <Karen_> ... can fix in JWK in future
20:39:01 <harry> i.e. we can specify that in the extension spec
20:39:08 <harry> and that we should clarify this with JWK
20:39:27 <Karen_> Travor: I am not rejecting anything, just want to make sure extension is possible
20:39:29 <harry> so I don't think its blocking exiting Last Call per se
20:40:06 <selfissued> There was an explicit JOSE working group decision not to use compressed point representations
20:40:07 <Karen_> ryan: compressed point is not supported in the spec
20:40:31 <Karen_> ... the spec is going to be a living one
20:41:06 <Karen_> ... if is need for compressed curve, we consider
20:41:11 <virginie> https://www.w3.org/Bugs/Public/show_bug.cgi?id=25618
20:41:28 <Karen_> Virginie: any objection to mark's proposal?
20:41:59 <Karen_> ... Ryan and Richard agree
20:42:06 <markw> +1 (on the basis that we fix the one remaining change to make the format of private EC keys defined by the extensions specification.)
20:42:08 <selfissued> +1
20:42:08 <vgb> +1 to closing with Mark's proposal (regarding one more small change he needs to make)
20:42:09 <kodonog> +1
20:42:13 <Karen_> +1
20:42:17 <MichaelH> =1
20:42:19 <MichaelH> +1
20:42:34 <Karen_> Travor: +1
20:42:36 <wseltzer> [+1 is "no objection"]
20:42:45 <harry> Trevorp: 0 (abstain)
20:42:53 <wseltzer> s/Travor: +1//
20:43:07 <vgb> i believe bal and rbarnes expressed +1 before leaving
20:43:32 <Karen_> Virginie: agree to exit last call?
20:43:37 <markw> +1
20:43:40 <markw> q+
20:43:44 <kodonog> +1
20:43:57 <Karen_> ... we can leave 2 weeks for people online
20:43:58 <harry> We should go over the errata discussion real quick
20:44:06 <wseltzer> PROPOSED: Exit last call
20:44:19 <Karen_> mark: let people on the call to vote or talk
20:44:25 <harry> Basically, the answer is "yes" we can update errata re forward references
20:44:30 <markw> +1
20:44:55 <harry> If people want to delve into errata management, I'm happy to do that.
20:45:00 <vgb> +1
20:45:00 <wseltzer> [with the understanding that this decision will go out on the mailing list, per usual WG practice]
20:45:05 <kodonog> +1
20:45:11 <Karen_> +1
20:45:16 <wseltzer> s/list,/list for the next two weeks,/
20:45:29 <MichaelH> +1
20:46:38 <wseltzer> RESOLVED: Exit last call, after confirming on mailing list
20:47:08 <harry> ACTION: hhalpin to create Last Call Exit request document
20:47:09 <trackbot> Created ACTION-148 - Create last call exit request document [on Harry Halpin - due 2014-10-27].
20:47:14 <wseltzer> q+
20:47:16 <Karen_> virginie: thank you everyone for making the efforts
20:48:38 <Karen_> ... F2F meeting on 10/30th
20:49:08 <Karen_> ... agenda: webcrypto roadmap, key discovery
20:49:26 <harry> q+
20:49:34 <Karen_> ... may be news of security recommendation from IETF
20:49:45 <wseltzer> q-
20:49:51 <Karen_> ... tools, respository
20:49:55 <harry> q-
20:49:59 <wseltzer> q+
20:50:13 <virginie> q?
20:50:14 <Karen_> ... debrief of the workshop in Sept and rechartering
20:50:15 <markw> q-
20:50:55 <Karen_> wendy: web app security WG is also re-chartering and interested what items will fit between groups
20:51:03 <Karen_> ... credential API
20:51:26 <Karen_> ... I will help to coordinate
20:51:41 <Karen_> virginie: anything else?
20:51:45 <wseltzer> q-
20:51:59 <virginie> q?
20:52:05 <virginie> agenda?
20:52:20 <wseltzer> q+
20:53:05 <Karen_> Wendy: thank you virginie and everyone! next step would be implementation and testing
20:53:10 <wseltzer> q-
20:53:39 <Karen_> mark: multiple implementations exit already
20:54:15 <Karen_> wendy: yes, we need to test them to get a uniform platform
20:54:21 <harry> thanks everyone!
20:54:31 <Zakim> -markw
20:54:34 <Zakim> -rsleevi
20:54:35 <Karen_> bye
20:54:35 <Zakim> - +1.703.948.aacc
20:54:36 <Zakim> -Michael_Hutchinson
20:54:36 <Zakim> -selfissued
20:54:37 <harry> trackbot, end meeting
20:54:37 <Zakim> -Virginie_Galindo
20:54:37 <trackbot> Zakim, list attendees
20:54:37 <Zakim> As of this point the attendees have been +1.415.373.aaaa, +1.650.275.aabb, rsleevi, hhalpin, Karen, karen_oDonoghue, Virginie_Galindo, rbarnes, selfissued, Wendy, bal, trevp, vgb,
20:54:40 <rsleevi> rsleevi has left #crypto
20:54:41 <Zakim> ... markw, Michael_Hutchinson, +1.703.948.aacc
20:54:41 <Zakim> -trevp
20:54:41 <Zakim> -Wendy
20:54:44 <Zakim> -vgb
20:54:45 <trackbot> RRSAgent, please draft minutes
20:54:45 <RRSAgent> I have made the request to generate http://www.w3.org/2014/10/20-crypto-minutes.html trackbot
20:54:46 <trackbot> RRSAgent, bye
20:54:46 <RRSAgent> I see 1 open action item saved in http://www.w3.org/2014/10/20-crypto-actions.rdf :
20:54:46 <RRSAgent> ACTION: hhalpin to create Last Call Exit request document [1]
20:54:46 <RRSAgent>   recorded in http://www.w3.org/2014/10/20-crypto-irc#T20-47-08
20:54:48 <Zakim> -Karen.a