Agenda: Distributed Meeting 2009-07-14 v2 from Frederick Hirsch on 2009-07-14 (public-xmlsec@w3.org from July 2009)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Tue, 14 Jul 2009 09:34:10 -0400
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Message-Id: <21AAA617-4A8B-428C-8064-319801CFF59D@nokia.com>
Agenda: W3C XML Security WG (XMLSec) v2
Teleconference 14 July 2009
Distributed Meeting #36

re-order, add recent completed edits and discussions.

10-12:00 am Eastern Time
Information on meeting times in various time zones:
http://www.w3.org/2008/xmlsec/Group/Overview.html#phone

Zakim Bridge:
+1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
<http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG teleconferences is   
restricted  to registered WG participants and persons invited by the   
chair.

Publication Status available at
http://www.w3.org/2008/xmlsec/wiki/PublicationStatus

Chair: Frederick Hirsch

Regrets: Brian LaMacchia, Ed Simon

see http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

1) Administrivia: scribe confirmation, next meeting, other

1a)  Brad Hill is scheduled to scribe

The current scribe list is at the end of this message, will rotate
through this list.

Scribe Instructions:
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

1b)   Meeting planning: upcoming meetings

This WG meets weekly on Tuesdays 10-12 Eastern unless a meeting is   
cancelled.

Upcoming meeting information is available on the WG Administrative page:
http://www.w3.org/2008/xmlsec/Group/Overview.html#upcoming-meetings

Next meeting:  21 July, scribe TBD

TPAC registration open
TPAC Overview: http://www.w3.org/2009/11/TPAC/overview.html

Please register: http://www.w3.org/2002/09/wbs/35125/TPAC09/
Note registration fee increases after 21 September 2009.

XML Security Thursday and Friday 5-6 November as originally planned.

1c) Liaisons and Coordination

See status at members page
http://www.w3.org/2008/xmlsec/Group/Overview.html#coordination

1d) Announcements

None

2) Minutes Approval

Please review minutes, also please indicate corrections in attendance.

7 July 2009 teleconference
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0022.html

3) KDF and KDF3

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0012.html    
(Kelvin)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0027.html    
(Magnus)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0031.html  
(Kelvin)

ACTION-323
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0033.html  
(Magnus)
updated XMLEnc 1.1 text for the KDF3 AlgorithmID parameter. At the  
same time, I also drafted some provisional text for the PartyUIInfo  
and the PartyVIInfo parameters since what we had would not allow for  
interoperability. This is all checked in.
accept changes, additional changes needed?
4) Generic Hybrid Ciphers First Public Working Draft publication?

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0021.html   
(Frederick)

Separate document or incorporate into XML Encryption 1.1

http://www.w3.org/2008/xmlsec/Drafts/key-encapsulation/key-encapsulation.html

5) XMLEnc editorial comments

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0034.html  
(Magnus)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0035.html  
(Brian - ok)

accept changes, editorial action?

6) Editorial update status

Please remember to send note to public list when completing editing,   
indicating what has changed and associated action. Please mark action   
as pending as well and update the explain.html document for XML   
Signature 1.1 or XML Encryption 1.1.

6a) Updated XML Signature 1.1 DSS security considerations, ACTION-327

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0016.html   
(Frederick)

6b) Updated XML Encryption 1.1 references, ACTION-328

Incorporated update to references provided by Peter, as well as   
additional changes from Cynthia (Frederick)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0019.html

Please review the section references to RFC 3447

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jun/0047.html
status of ietf draft, ISSUE-137

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0024.html   
(peter)

6c) Update XML Encryption 1.1 with explicit URIs for DH choices
http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0025.html   
(Brian)

added a new URI for DH ephemeral-static with new KDFs, moved the   
identifiers for both legacy and new into their respective  
subsections,  and removed the language that I had in earlier that did  
the  distinguishing based on absence or presence of <KA-Nonce>

6d) Superseding Derived Keys document

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0028.html   
(Thomas)
Resolution to accept for publication replacement?

6e) XML Encryption cleanup

http://lists.w3.org/Archives/Member/member-xmlsec-commits/2009Jul/0028.html 
  (Magnus)

xenc-schema-11.xsd:
For clarity, changed name of CarriedKeyName child element of  
DerivedKeyType to DerivedKeyName.

Overview.htm:

Section 3.5.2:
- Corrected description of DerivedKeyName (CarriedKeyName) and  
MasterKeyName (only DerivedKeyName
  may be present in a ds:KeyInfo KeyName value)
- For clarity, changed name of CarriedKeyName child element of  
DerivedKeyType to DerivedKeyName.

Section 4:
- Updated processing instructions to take into account possibility of  
derived keys

Section 5.4.1:
- Added text explaining the AlgorithmID, PartyUIInfo and PartyVIInfo  
attributes and what values
  they may take in this version of the specification.

Section 5.6.2:
- Corrected reference (from 5.6.1.1 to 5.6.2.1).

6f) XML Signature reference correction

http://lists.w3.org/Archives/Member/member-xmlsec-commits/2009Jul/0029.html 
  (Magnus)
Corrected reference to RFC 3447.
6g) add dsa-SHA256 and various formatting cleanup to Algorithms document

http://lists.w3.org/Archives/Member/member-xmlsec-commits/2009Jul/0030.html 
  (Thomas)

6h) New XML Signature 2.0 draft (later in agenda)

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0032.html  
(Pratik)

7) Proposed XML Signature 1.1 References update

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0029.html   
(Cynthia)

8) Conclusion of ACTION-320

Action completed, accept.

9) Updated 1.1 Working Draft Publication

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0021.html
(Frederick)

9a) XML Signature 1.1
- reference updates
- explain update still needed.

9b) XML Encryption 1.1
- explain update still  needed.

9c) XML Security Algorithms Note
- algorithm update still needed (Thomas action)

9d) Best Practices XML Signature
ready?

9e) Transform Simplification: Requirements and Design
ready?

9f) Derived Keys
- Draft with status noting superseded

10) 2.0 Draft Discussion

10a) Additional comment on C14N 2.0 draft?
http://www.w3.org/2008/xmlsec/Drafts/c14n-20/Overview.html (Pratik)

10b) XML Signature 2.0

http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/Overview.html  
(Pratik)

11) Exclusive C14N errata

review completed, ready to publish (discussed generally on last
teleconference)

11a) Proposed revision to E02, DTD/Schema issue

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jun/0075.html
(Scott)

11b) Proposed New E07 for ISSUE110, "visibly utilizes"

http://lists.w3.org/Archives/Public/public-xmlsec/2009Jun/0076.html
(Scott)

12) Action Item and Issue Review

12a) Close Pending actions

These will be closed after the meeting unless concern raised before   
or  during meeting. Please review in advance of meeting.

ACTION-158: Frederick Hirsch to Take pass through references in Dsig  
Core - update, split into normative/informative -  due 2009-03-30  
[on ] http://www.w3.org/2008/xmlsec/track/actions/158

ACTION-323 Write a proposal for use of Alg IDs for KDF key Magnus  
Nyström

ACTION-326: Brian LaMacchia to Update ACTION 319 for  explicit URI -  
due 2009-07-14 [on ]http://www.w3.org/2008/xmlsec/track/actions/326

ACTION-327: Frederick Hirsch to Update DSS security  warning - due  
2009-07-14 [on ]
http://www.w3.org/2008/xmlsec/track/actions/327

ACTION-330 Update algorithms doc per http://lists.w3.org/Archives/Public/public-xmlsec/2009Jul/0013.html 
  Thomas Roessler

ACTION-333: Thomas Roessler to Draft one-pager that  says "derived key  
stuff has been folded into encryption - due  2009-07-16 [on ] http://www.w3.org/2008/xmlsec/track/actions/333

12b) Open Action Review

Open actions are listed in Tracker at http://www.w3.org/2008/xmlsec/track/actions/open

Procedure for closing actions: http://www.w3.org/2007/xmlsec/Group/Overview.html#closing-actions

Please review open action list and update your actions appropriately:

http://www.w3.org/2008/xmlsec/actions-open.html

13) Issues review

http://www.w3.org/2008/xmlsec/track/issues/open

14) Other Business

15) Adjourn

Scribing  list
----------------

Bradley Hill, Invited Expert (27 January 2009)
Konrad Lanz, IAIK (24 February 2009, 16 July F2F am)
Chris Solc, Adobe (3 March 2009, 20 October 2008 F2F am)
Scott Cantor, invited expert (24 March 2009)
Ed Simon, Invited Expert (31 March 2009)
John Wray, IBM (21 April 2009)
Kelvin Yiu, Microsoft (28 April 2009)
Bruce Rich, IBM (5 May 2009)
Sean Mullan, Sun (12 May 2009 F2F am)
Gerald Edgar, Boeing (12 May 2009 F2F pm, 7 April 2009)
Brian LaMacchia, Microsoft (13 May 2009 F2F am)
Pratik Datta, Oracle (13 May 2009 F2F pm)
Magnus Nyström, EMC (2 June, 2009, 24 March 2009)
Hal Lockhart, Oracle (16 June 2009, 9 December 2008)
Shivaram Mysore, Invited Expert (23 June 2009,  F2F 14 January 2009, pm)
Cynthia Martin, MITRE (7 July 2009, 9 June 2009)

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG
Received on Tuesday, 14 July 2009 13:34:56 UTC