DRAFT 1st October 2002 XKMS Teleconference Minutes
Chairs: Stephen Farrell, Shivaram Mysore
Note Takers: Joseph Reagle and Stephen Farrell
Last revised by $Author: smysore $ $Date: 2002/10/04 21:14:52 $
Participants
- Shivaram Mysore, Sun Microsystems
- Stephen Farrell, Baltimore
- Mike Just, Entrust
- Phill Hallam-Baker, Verisign
- Yassir Elley, Sun Microsystems
- Joseph Reagle, W3C
- Peter Rostin, RSA Security
- Brian LaMacchia, Microsoft
- Frederick Hirsch
Regrets
- Ed Simon, XMLsec Inc
Status Update
- Charter update done and sent to W3C Domain Leader. Changes include new
timelines for deliverables and inclusion of new boiler plate for IPR +
minor cosmetic changes.
- [11:34:19] Mysore: new charter has gone to W3C Domain Leader, should go
to AC next.
- Specification has been split into 2 parts and info regarding WSS has
been removed from part II
- Mike Just/Phill - could you please send updated issues list to be
posted on the web - once a week or 15 days with a new version of the spec
atleast for the next 3-4 weeks so that we can wrap this up.
- Clarification from Phill needed regarding Action item 2 of the F2F
minutes about what exactly needs to be sent to WSS TC from XKMS
group.
- [11:34:42] Phil: nothing has been sent to ws-sec yet, we should get the
protocol doc more in shape before we do anything
XKMS Specification V2.0 DRAFT
(Sept 26, 2002) - Phill Hallam-Baker
- [11:37:53] ISSUE 20: what to do with status element?
- [11:39:34] Phil: overall status needs to be invalid if any of the
constituents are.
- [11:40:11] reason codes are informational.
- [11:41:43] status value is required, and the normative information
- [11:42:03] stephen: what happens if one processes them, and another
doesn't, and they get different results.
- [11:42:42] phil: the reason code sets an upper bound on what you can
return in the status value
- [11:43:24] stephen: not sure if that's approriate...
- [11:45:49] peter: how do you combine the returns from different
services?
- [11:47:25] stephen: ACTION phil: phil will rewrite the text for
the client status processing algorithm
- [11:48:10] stephen: we need the algorithm to be implementable and
determinent (consistent answers)
- [11:49:15] ISSUE 22: calling multiple requests a compound
requests.
- [11:50:30] stephen: are we merging xbulk functionality...
- [11:50:54] phil: we agreed at the F2F that we would merge their
schemas, and create a profile for smartcard sort of operations
- [11:51:10] stephen: but a xkms specification doesn't have to support
bulk operations?
- [11:51:31] phil: yes, not every service would have to support this.
- [11:54:42] phil: section 2.1 needs some text that makes it clear that
compound request is not supported
- [11:57:45] brian: we do want multiple requests, though we presumed that
multiple requests would come along without a extra ancestor element.
- [11:58:13] phil: probably useful to have a new root with a whole
message body, in ws-sec.
- [12:01:20] how to show correlation between the requests and
responses?
- [12:02:05] reagle: if multiple requests with multiple optional feature,
and you get a response of "feature not supported" do you know which one
it corresponds to
- [12:02:34] stephen: sounds similar to existing technology in which I've
seen very little interop on this point.
- [12:06:18] stephen: in pkix this was all included and eventually they
had to write appendix C to profile it all.
- [12:09:05] brian: will you ban asynchronous on the compound, and
synchronous on the individual requests?
- [12:12:53] reagle: I'm concerned that the asynchronous multiple
requests will be complex and hairy
- [12:13:21] reagle: in which case, what requires us to take all of these
things on together? can the scary stuff be isolated?/
- [12:13:46] phil: more specs fail by punting, look at dns-sec
- [12:14:47] yassir: with the id and nonces, do you plan to protect
against compound replay attacks and the singular ones?
- [12:15:23] phil: that's an argument for keeping it together, because
the protocol document is going to have to address these issues.
- [12:17:26] (discussion: how often would someoen have to use the same
private key once over multiple proof's of posession)
- [12:17:52] brian: each one of these requests need to be processed as if
they are distinct, one proof of posession can't work over all of
them.
- [12:19:13] yassir: what is the meaning of multiple service URIs within
their compound then.
- [12:20:02] phil: the service URI of the compound corresponds to the
compound service
- [12:20:44] ACTION phil: will generate some text on this, but I
need an answer to the question of when we are compounding requests, do we
want to support 3 of one kind, and 4 of another.
- [12:21:34] reagle: are these things, locates, validates?
- [12:21:42] phil: also XKISS and KRSS, register, etc.
- [12:22:34] reagle: try to keep these things simple
- [12:24:56] stephen: no argument against all of the same type.
- [12:25:03] brian: i would argue against that.
- [12:25:09] stephen: use case?
- [12:25:41] brian: why add complexity to to the parse rules. doesn't
make the server's job easier.
- [12:25:57] brian: i can image use cases with multiple register and a
validate together.
- [12:26:47] stephen: we have two use cases of doing multiple locates
(for decrypting email) or multiple registries.
- [12:27:11] stephen: my experience with CMP and CMC shows this can get
complex.
- [12:29:55] brian: we need to think about network connections, i might
be a large company that is going to batch a whole slew of requests
- [12:31:20] frederick: we need to be clear that there's no ordinality
within the constituent requests.
- [12:31:48] stephen: i've never seen interop on this.
- [12:35:27] phil: let me propose the text and then we can take pot shots
at it
- [12:37:53] ISSUE 30: Policy URI.
- [12:38:21] phil: tweaks to the schema: can be on a locate or validate,
can also occur on any prototypes and queries.
- [12:38:37] phil: what happens if you specify more than one policy
URI?
- [12:44:31] stephen: are URIs sufficient, or does it need to be more
extensible.
- [12:51:12] phil: I'll propose some text and if we can't get agreement
will go with restricting it to 1
- [12:51:21] ISSUE 31: redesign of ANY
- [12:52:42] no comments.
- [12:53:52] ISSUE32: RespondWith, does someone have a
better idea for the names fo the elements.
- [12:53:57] Phil: will send back out to the list.
- [12:54:32] ISSUE32: proposal to querykeybinding, to
keybindingquery, phil doesn't want to do this because most of the name
are little endian
- [12:55:02] ISSUE51: X509 attributes, where to put them
in?
- [12:55:26] how does someone reply with extended key usage
- [12:56:07] earlier we said we wanted to avoid leaks from x509
- [12:56:49] call agrees: we don't want specific x509 data structures we
want leaking over.
- [13:03:14] Another call in two weeks.
- [13:03:28] Mike will process the issues list with what's been done.
- ISSUE 61: Should be put a "Do not" in front of the
proposed resolution (ACTION SF to send mail to Blake)
- ACTION Phill: send another draft of the spec in a week's
time.
Next Telecon
- Probable Dates: October 17 or 18, 2002; Probable Time: 12:30 - 14:00
UTC