[1]W3C [2]XML Encryption WG [1] http://www.w3.org/ [2] http://www.w3.org/Encryption/2001/Overview.html 2001-October-1 Chair: Joseph Reagle Note Taker: Joseph Reagle [3]text] [3] http://www.w3.org/Encryption/2001/Minutes/011001-tele.html,text Participants * Joseph Reagle, W3C * Blair Dillaway, Microsoft * Donald Eastlake 3rd, Motorola * Ed Simon, XMLsec * Merlin Hughes, Baltimore News Status of documents * Will do formal last call on the week of October 15th. Reviewing [4]Previous Items [4] http://www.w3.org/Encryption/2001/Minutes/010917-tele.html 1. Eastlake: add real life examples in section 5.5 to illustrate. Pending: Due by the 12th. 2. Action Hughes: ([5] XML Encryption Processing Model) Will investigate and send an email on Xerces implementation using XNI, or DOM when processing Element or Element Content. Pending. 3. Action Reagle: [6]Add text on the creation of nonce and integrity in the processing rules. Will complete when last issue is resolved. 4. Action Reagle: Update charter. [5] http://lists.w3.org/Archives/Public/xml-encryption/2001Aug/0031.html [6] http://lists.w3.org/Archives/Public/xml-encryption/2001Sep/0002.html Requirements ... Draft * [7]Scenario for Plaintext Integrity Reagle: What do we want to do? On the list Merlin and Ed said they preferred option 1: remove Digest{Method,Value}. Reagle: Is this because people don't find the requirement for this functionality that compelling, or they do and they think option 1 is the best way. Dillaway: I prefer option 1.. I don't think many folks will have the requirement for partial revelation, if they do, they can specify it, and it could be an informational document. It's not something every toolkit should have to implement. Eastlake: Option 1: there's no requirement that xmldsig can't meet. The sign/encrypt and being able to change keys is tricky, but that's a fairly unique requirement. Simon: unconvinced of the requirement. Merlin: seems like a special case, haven't found that immediate need amongst his users. Action Reagle: Remove Digest{Method,Value}. Reagle: To confirm, with respect to Schaad's proposal for a checksum of the plaintext that is encrypted as part of the CipherValue, if people want to do this, they can create a new algorithm. Call: Agree. * [8]Serialization Hint Reagle: from Simon's email, "does it make sense to allow the application to provide a hint in how the the serialization was done?" Simon/Dillaway: Last word was agreement to [9]Reagle's two sentence of text. Simon: Don't need new syntax for a hint yet, will think about that more. * Plan Blair Dillaway: what's the expectation for going to last call? Reagle: I think I can reflect all the changes I need to do today, but then I will be on Holiday from Oct 4-11. So if Don can send his examples on section 5 to the list while I'm gone, when I get back I can integrate them in and do the formal last call (week of 15th-19th) [7] http://lists.w3.org/Archives/Public/xml-encryption/2001Sep/0021.html [8] http://lists.w3.org/Archives/Public/xml-encryption/2001Sep/0038.html [9] http://lists.w3.org/Archives/Public/xml-encryption/2001Sep/0046.html Misc. * Next call on October 15, 2001.