Agenda: Distributed Meeting 2009-06-02 v2

• From: Frederick Hirsch <frederick.hirsch@nokia.com>
• Date: Fri, 29 May 2009 11:56:44 -0400
• To: XMLSec WG Public List <public-xmlsec@w3.org>
• Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
• Message-Id: <1554A4EA-4A11-41E7-9D4E-43496CBFD949@nokia.com>

Agenda: W3C XML Security WG (XMLSec) v2
Teleconference 2 June 2009
Distributed Meeting #31

v2 update with announcements, liaison information, new proposals and  
discussion on list, updated minutes for approval

10-12:00 am Eastern Time
Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG teleconferences is   
restricted  to registered WG participants and persons invited by the   
chair.

Publication Status available at
http://www.w3.org/2008/xmlsec/wiki/PublicationStatus

Chair: Frederick Hirsch

Regrets:

see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

1) Administrivia: scribe confirmation, next meeting, other

1a)  Magnus Nyström  is scheduled to scribe

The current scribe list is at the end of this message, will rotate  
through this list.

Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1b)   Meeting planning: upcoming meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is   
cancelled.

Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

Next meeting:  9 June, scribe TBD

TPAC confirmation
http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0010.html

Joint meeting planning.

1c) Liaisons and Coordination

See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination

Last Call of Widget Signature end 1 June - pls send comments before 1  
June
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0050.html

XACML 3.0 public review, ending 20 July
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0049.html

1d) Announcements

OASIS DSS-X TC profile for visible signatures committee draft,   
request for comment

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0036.html

Call for Exclusions (Update): XML Signature 1.1, XML Encryption 1.1,  
XML Security Derived Keys
http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0012.html

2) Minutes Approval

Please review and indicate corrections in attendance list.

Minutes from F2F, for approval:

day 1 f2f
http://www.w3.org/2009/05/12-xmlsec-minutes.html

day 2 F2F
http://www.w3.org/2009/05/13-xmlsec-minutes.html

3) New issues and Editorial update status (Completed and pending)

Please remember to send note to public list when completing editing,  
indicating what has changed and associated action. Please mark action  
as pending as well.

3a) Best Practice update (BP 1 refers to 2)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0038.html

3b) Best Practice sample file update

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0037.html  
(Pratik)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0044.html  
(follow-up, Sean)

3c) DTD removal

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0045.html  
(Scott)

4) Resolution of Elliptic Curve

new discussion on list

http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0011.html  
(member list, Bruce)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0058.html  
(Cynthia)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0060.html  
(Gerald)

Alternative proposals:
i. Remove notes in XML Signature section 6.1 and   XML Encryption 5.1  
regarding elliptic curve algorithms and key value,  retain elliptic  
curve as mandatory to implement as currently specified  in those  
documents. Retain current text regarding KeyValue for  elliptic curve.

iii. When we publish new WD retain notes, while continuing review of  
concerns

iii. Change to SHOULD

iv other?

5) Key Encapsulation proposal / Key Transport (XML Encryption)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0043.html  
(Magnus)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0048.html  
(Pratik)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0056.html  
(Magnus)
Can't we do ECC encryption that is analogous to the plain RSA v1.5  
which doesn't do any KeyEncapsulation:
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0057.html  
(Pratik)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0059.html  
(Magnus)

6) Signature 1.1 Serialization proposal

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0039.html   
(Frederick)

7) r and s in ECDSA in XML Signature 1.1

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0053.html  
(Pratik)

8) Aligning Signature 1.1 and Encryption 1.1

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0054.html  
(Magnus)

9) X.962 vs SEC 1 version 2.0 reference in XML Signature 1.1

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0055.html  
(Magnus)

10) XML Encryption 5.6 revision proposal

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0046.html  
(Thomas)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0047.html  
(Sean)

11) XML Enc and Derived Keys

http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0009.html  
(Magnus)

12) Roadmap Review

Please review update

http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0005.html

http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0008.html  
(Scott)

13) Working Draft readiness

Review and readiness of 1.1 WD for publication

XML Signature 1.1, XML Encryption 1.1,  Derived Keys, Algorithm
Reference
(Signature Properties has no changes since last publication but should
it be included)

14) Publication decision for 1.1

Decide to publish WD of 1.1 documents, or to wait for additional changes

XML Signature 1.1, XML Encryption 1.1,  Derived Keys, Algorithm   
Reference, Signature Properties

Also publish XML Signature Best Practices

15) Interop Status

Updated wiki

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0052.html  
(Pratik)

16) Use cases and requirements

16a) Missing byte range use case and requirements?

http://lists.w3.org/Archives/Public/public-xmlsec/2008Nov/0023.html
(Chris)

17) RetrievalMethod and Reference in v2

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0034.html
(Thomas)

http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0035.html
(Scott)

18) Action Item and Issue Review

18a) Close Pending actions

[pending review] ACTION-286: Scott Cantor to Remove references to DTDs  
from the specification - due 2009-05-19 [on Sig11 (XML Signature 1.1)]
http://www.w3.org/2008/xmlsec/track/actions/286

[pending review] ACTION-289: Frederick Hirsch to Propose text on
serialization issue for xml signature 1.1 - due 2009-05-20 [on ]
http://www.w3.org/2008/xmlsec/track/actions/289

[pending review] ACTION-293: Frederick Hirsch to Update Associate
product list in Open Actions tracker to include all docs - due
2009-05-20 [on ]
http://www.w3.org/2008/xmlsec/track/actions/293

[pending review] ACTION-295: Frederick Hirsch to Update best practices
to update best practice 1 to refer to best practice 2 - due 2009-05-20
[on ]
http://www.w3.org/2008/xmlsec/track/actions/295

[pending review] ACTION-296: Frederick Hirsch to Send email about
roadmap - due 2009-05-20 [on ]
http://www.w3.org/2008/xmlsec/track/actions/296

18b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:

http://www.w3.org/2008/xmlsec/actions-open.html

19) Issues review

http://www.w3.org/2008/xmlsec/track/issues/open

20) Other Business

21) Adjourn

Scribing  list
----------------
Cynthia Martin, MITRE ()
Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am)
Hal Lockhart, Oracle (9 December 2008)
Shivaram Mysore, Invited Expert ( F2F 14 January 2009, pm)\
Bradley Hill, Invited Expert (27 January 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (17
February 2009, 16 September 2008)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Robert Miller, MITRE (10 March 2009, 20 October 2008 F2F pm)
Magnus Nyström, EMC (17 March 2009, 11 November 2008)
Scott Cantor, invited expert (24 March 2009, 29 July 2008, 2 December
2008)
Ed Simon, Invited Expert (31 March 2009, 18 November 2008)
John Wray, IBM (21 April 2009, 16 December 2008)
Kelvin Yiu, Microsoft (28 April 2009, 21 October 2008 F2F, pm)
Sean Mullan, Sun (12 May 2009 F2F am, 3 February 2009)
Gerald Edgar, Boeing (12 May 2009 F2F pm, 7 April 2009, F2F 13 January
2009, pm)
Brian LaMacchia, Microsoft (13 May 2009 F2F am, F2F 14 January 2009, pm)
Pratik Datta, Oracle (14 May 2009 F2F pm, F2F 14 January 2009, pm, 10
February 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

Received on Friday, 29 May 2009 15:57:39 UTC