- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Wed, 11 Mar 2009 16:00:44 -0400
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Agenda: W3C XML Security WG (XMLSec) (resend)
Teleconference 17 March 2009
Distributed Meeting #24
10-12:00 am Eastern Time
Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone
Warning:
This week's call (and through 29 March) 1 hour earlier outside the US:
http://lists.w3.org/Archives/Member/member-xmlsec/2009Mar/0000.html
Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>
Please note that attendance of XMLSEC WG teleconferences is restricted
to registered WG participants and persons invited by the chair.
Draft deliverables (both editors drafts and latest publications) are
available at
http://www.w3.org/2008/xmlsec/wiki/PublicationStatus
Chair: Frederick Hirsch
Regrets:
see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings
1) Administrivia: scribe confirmation, next meeting, other
1a) Magnus Nyström is scheduled to scribe
The current scribe list is at the end of this message, will rotate
through this list.
Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html
1b) Meeting planning: weekly meetings
This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is
cancelled.
Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings
Next meeting 24 March, TBD is scheduled to scribe.
1c) Liaisons and Coordination
See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination
1d) Announcements
RFC 5480 Elliptic Curve Cryptography Subject Public Key Information
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0021.html
(see 1.1 agenda item for ECC Keys in KeyInfo discussion)
2) Minutes Approval
Note - minutes on home page and administrative page up to date
http://lists.w3.org/Archives/Member/member-xmlsec/2009Mar/0011.html
2a) Minutes from 10 March 2009, for approval:
http://www.w3.org/2009/03/10-xmlsec-minutes.html
3) Editorial updates
3a) Best Practices
Change text to 2.7 as agreed on last call
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0020.html
3b) Signature Properties
Update Created property, add editorial section on RFC2119, RFC2119
reference, update RFC2119 term formatting.
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0024.html
(Frederick)
Please review identifier and created properties:
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-properties/Overview.html#identifier-property
3c) Derived Keys
Updated RFC 2119 term formatting
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0024.html
(Frederick)
4) 1.1 Interop Planning
Review WG members ability to participate, planning for interop.
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0019.html
(Sean)
5) 1.1 Topics
5a) Additional higher-level ECC Curves in Signature 1.1
Awaiting actions:
ACTION-225, Kelvin
http://www.w3.org/2008/xmlsec/track/actions/225
"adding a note or paragraph that highlight P384 and P512 and reference
the appropriate NIST doc (SP 800-57 Part 1) which also includes
recommendation about the hash alg that should be used for a specific
security level" 24 February minutes
5b) Mandatory Elliptic Curve in XML Encryption 1.1
Awaiting action
ACTION-227, Brian
http://www.w3.org/2008/xmlsec/track/actions/227
5c) EC Point Type
awaiting ACTION-229
http://www.w3.org/2008/xmlsec/track/actions/229
5d) Require Exclusive C14N as mandatory algorithm in XML Signature 1.1?
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0008.html
(Sean)
ISSUE-108
5e) ECC keys in KeyInfo?
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0023.html
(Scott)
6) Continue C14N vNext ideas discussion: Design
http://www.w3.org/2008/xmlsec/Drafts/transform-note/
Overview.html#design (Pratik)
7) Issue review
a) Compatibility and versioning
http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0120.html
(Konrad)
b) Namespace undeclarations
http://lists.w3.org/Archives/Public/public-xmlsec/2009Feb/0114.html
(Konrad)
c-i) Requirements as Issues
http://lists.w3.org/Archives/Public/public-xmlsec/2009Mar/0016.html
(Gerald)
c) ISSUE-31 Role for XML processing instruction, if any
http://www.w3.org/2008/xmlsec/track/issues/31
d) ISSUE-32 Define metadata that needs to be conveyed with signature,
e.g. profile information
http://www.w3.org/2008/xmlsec/track/issues/32
e) ISSUE-34 Versioning and compatibility requirements, namespace
versioning policy
http://www.w3.org/2008/xmlsec/track/issues/34
f) ISSUE-37 Simplified c14n for signing versus more general c14n, e.g.
not produce compliant xml document
http://www.w3.org/2008/xmlsec/track/issues/37
g) ISSUE-38 Profile for signature processing for non-XML or for
constrained XML requirements
http://www.w3.org/2008/xmlsec/track/issues/38
h) ISSUE-45 Signing with multiple intended receivers, and/or long
lived signatures
http://www.w3.org/2008/xmlsec/track/issues/45
i) ISSUE-51 Effects of schema normalization on signature verification
http://www.w3.org/2008/xmlsec/track/issues/51
8) Best Practices
8a) Earlier comments from Juan Carlos
http://www.w3.org/2008/xmlsec/Drafts/best-practices/comments-bhill-jcc.html
(Edited document)
http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0020.html
(Frederick)
http://lists.w3.org/Archives/Public/public-xmlsec/2008Oct/0030.html
(Juan Carlos)
9) Action Item and Issue Review
9a) Close Pending actions
[pending review] ACTION-222: Konrad Lanz to Make proposal RIPE
algorithms - due 2009-03-03 [on ISSUE-83]
http://www.w3.org/2008/xmlsec/track/actions/222
[pending review] ACTION-223: Magnus Nystrom and Frederick to check on
hosting - due 2009-03-03 [on ]
http://www.w3.org/2008/xmlsec/track/actions/223
9b) Open Action Review
Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open
Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions
Please review open action list and update your actions appropriately:
http://www.w3.org/2008/xmlsec/actions-open.html
10) Other Business
11) Adjourn
Scribing list
----------------
Bruce Rich, IBM (17 July F2F am, 21 October 2008 F2F am)
Kelvin Yiu, Microsoft (21 October 2008 F2F, pm)
Magnus Nyström, EMC (11 November 2008)
Ed Simon, Invited Expert (18 November 2008)
Scott Cantor, invited expert (29 July 2008, 2 December 2008)
Hal Lockhart, Oracle (9 December 2008)
John Wray, IBM (16 December 2008)
Phillip Hallam-Baker, Verisign (F2F 13 January 2009, am)
Gerald Edgar, Boeing (F2F 13 January 2009, pm)
Shivaram Mysore, Invited Expert ( F2F 14 January 2009, pm)
Brian LaMacchia, Microsoft ( F2F 14 January 2009, pm)
Bradley Hill, Invited Expert (27 January 2009)
Sean Mullan, Sun (3 February 2009)
Pratik Datta, Oracle ( F2F 14 January 2009, pm, 10 February 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Juan Carlos Cruellas, Universitat Politècnica de Catalunya (17
February 2009, 16 September 2008)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Robert Miller, MITRE (10 March 2009, 20 October 2008 F2F pm)
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG
Received on Wednesday, 11 March 2009 20:01:39 UTC