IRC log of xmlsec on 2007-05-02

Timestamps are in UTC.

12:44:28 [RRSAgent]
RRSAgent has joined #xmlsec
12:44:28 [RRSAgent]
logging to http://www.w3.org/2007/05/02-xmlsec-irc
12:44:31 [tlr]
rrsagent, make this log public
12:44:39 [tlr]
Meeting: XML Security Spec Maint WG face-to-face
12:44:42 [tlr]
Date: 2007-05-02
12:44:59 [tlr]
Chair: Frederick
12:45:09 [GregB]
GregB has joined #xmlsec
12:45:13 [rdmiller]
rdmiller has joined #xmlsec
12:45:28 [tlr]
Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Apr/0014.html
12:46:13 [fjh]
fjh has joined #xmlsec
12:47:49 [tlr]
zakim, this will be xmlsec
12:47:49 [Zakim]
ok, tlr; I see T&S_XMLSEC()8:00AM scheduled to start 47 minutes ago
12:47:54 [tlr]
zakim, who is on the phone?
12:47:54 [Zakim]
T&S_XMLSEC()8:00AM has not yet started, tlr
12:47:55 [Zakim]
On IRC I see fjh, rdmiller, GregB, RRSAgent, Zakim, tlr, trackbot-ng
12:48:23 [tlr]
zakim, code?
12:48:23 [Zakim]
the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), tlr
12:48:50 [Zakim]
T&S_XMLSEC()8:00AM has now started
12:48:57 [Zakim]
+[NRCC]
12:48:58 [gregwhitehead]
gregwhitehead has joined #xmlsec
12:49:25 [klanz2]
klanz2 has joined #xmlsec
12:49:31 [klanz2]
I'm here
12:49:59 [tlr]
ScribeNick: GregB
12:50:30 [tlr]
http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html
12:52:29 [Zakim]
+ +1.613.726.aaaa
12:52:45 [tlr]
zakim, aaaa is EdSimon
12:52:45 [Zakim]
+EdSimon; got it
12:52:53 [grw]
grw has joined #xmlsec
12:53:44 [tlr]
ScribeNick: grw
12:54:25 [tlr]
zakim, NRCC has fjh, GregB grw, klanz2, rdmiller, tlr
12:54:25 [Zakim]
+fjh, GregB, grw, klanz2, rdmiller, tlr; got it
12:54:29 [tlr]
zaki, who is on the phone?
12:54:47 [tlr]
zakim, who is on the phone?
12:54:47 [Zakim]
On the phone I see [NRCC], EdSimon
12:54:48 [Zakim]
[NRCC] has fjh, GregB, grw, klanz2, rdmiller, tlr
13:00:54 [grw]
grw: it would be great to automate the scribe function with forms for each of the functions
13:01:58 [grw]
TOPIC: Administrative
13:02:09 [Ed]
Ed has joined #xmlsec
13:02:29 [tlr]
zakim, nick Ed is EdSimon
13:02:29 [Zakim]
ok, tlr, I now associate ed with EdSimon
13:02:56 [Ed]
Yes, Ed is Ed Simon
13:03:53 [jcc]
jcc has joined #xmlsec
13:06:53 [sean]
sean has joined #xmlsec
13:08:37 [hal]
hal has joined #xmlsec
13:09:21 [PHB]
PHB has joined #xmlsec
13:13:23 [fjh]
Members of the group introduced themselves
13:14:12 [fjh]
Regrets: Tony Nadalin
13:16:53 [tlr]
Present+ FrederickHirsch
13:17:01 [tlr]
Present+ KonradLanz
13:17:05 [tlr]
Present+ JuanCarlosCruellas
13:17:10 [tlr]
Present+ Phill Hallam-Baker
13:17:14 [tlr]
Present+ Greg Whitehead
13:17:21 [tlr]
Present+ Greg Berezowski
13:17:31 [tlr]
Present+ SeanMullen
13:17:34 [tlr]
Present+ DonEastlake
13:17:38 [tlr]
Present+ HalLokchart
13:17:41 [tlr]
Present+ RobMiller
13:17:44 [tlr]
Present+ ThomasRoessler
13:17:53 [tlr]
Present+ EdSimon
13:18:53 [tlr]
zakim, who is on the phone?
13:18:53 [Zakim]
On the phone I see [NRCC], EdSimon
13:18:55 [Zakim]
[NRCC] has fjh, GregB, grw, klanz2, rdmiller, tlr
13:22:25 [hal]
s/HalLokchart/Hal Lockhart/
13:22:52 [tlr]
Topic: approval of last meeting's minutes
13:22:59 [grw]
TOPIC: Approval of 2007-04-17 telecon minutes
13:23:16 [tlr]
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Apr/0008.html
13:23:19 [tlr]
approved
13:24:09 [grw]
RESOLUTION: 2007-04-17 telecon minutes approved
13:24:23 [grw]
TOPIC: Teleconference schedule
13:25:11 [grw]
fjh: weekly Tuesdays 9-10 am Eastern, 6-7 am PT, 3pm
13:25:37 [grw]
... European
13:25:44 [grw]
fjh: no call next week
13:26:35 [grw]
TOPIC: F2F plans
13:27:01 [grw]
fjh: will want to do a workshop at some point to solicit additional input for future work
13:27:25 [grw]
fjh: also Joint Technical Plenary and AC Meetings Week, 5-10 November 2007, Cambridge MA
13:28:36 [grw]
tlr: first two days working meetings, third day plenary, followed by more working meetings
13:29:15 [grw]
tlr: we could plan on 1.5 days thu-fri
13:30:31 [grw]
fjh: need a decision this week
13:31:06 [grw]
fjh: this group chartered through the end of the year. ideally our work is done by november
13:31:40 [tlr]
http://www.w3.org/2002/09/wbs/34786/TPAC07/
13:32:10 [deastlak]
deastlak has joined #xmlsec
13:33:52 [grw]
tlr: one of the outputs of this group will be a proposal for a charter for continued work
13:35:38 [grw]
tlr: in preparation for second f2f need: call for participation, prepare agenda
13:35:58 [grw]
tlr: second f2f = workshop
13:36:07 [tlr]
s/second f2f need/workshop/
13:36:12 [Ed]
I agree with the November plans.
13:38:51 [grw]
TOPIC: Agenda review
13:41:43 [grw]
TOPIC: Introduction to W3C, W3C process and Tools [Thomas Roessler]
13:43:27 [grw]
tlr: slides at http://www.w3.org/2007/xmlsec/w3c101
13:55:16 [fjh]
q+ to test this
13:55:34 [fjh]
q?
13:55:38 [fjh]
ack
13:55:45 [fjh]
ack fjh
13:55:45 [Zakim]
fjh, you wanted to test this
13:56:50 [fjh]
if you are on the queue and muted, when acked you are unmuted
14:03:26 [Ed]
On break now.
14:05:35 [Zakim]
-EdSimon
14:18:00 [Ed]
test
14:22:17 [Zakim]
+EdSimon
14:26:03 [tlr]
tlr has joined #xmlsec
14:32:10 [grw]
fjh: starting again
14:35:11 [grw]
ACTION: Frederick to update scribe instructions
14:35:12 [trackbot-ng]
Created ACTION-3 - Update scribe instructions [on Frederick Hirsch - due 2007-05-09].
14:36:08 [klanz2]
Tracker, actions?
14:37:53 [klnaz2]
klnaz2 has joined #xmlsec
14:41:35 [fjh]
Tracker for xmlsec is member-only visible
14:42:57 [Ed]
I'm not familiar with bugzilla
14:46:14 [grw]
ACTION: fjh to provide instructions on using bugzilla
14:46:14 [trackbot-ng]
Sorry, couldn't find user - fjh
14:46:30 [grw]
ACTION: Frederick to provide instructions on using bugzilla
14:46:30 [trackbot-ng]
Created ACTION-4 - Provide instructions on using bugzilla [on Frederick Hirsch - due 2007-05-09].
14:46:41 [tlr]
ACTION: Thomas to teach tracker about common aliases
14:46:41 [trackbot-ng]
Created ACTION-5 - Teach tracker about common aliases [on Thomas Roessler - due 2007-05-09].
14:48:47 [grw]
TOPIC: Consensus
14:49:21 [fjh]
We would like to avoid reaching need for formal objection
14:53:11 [fjh]
Consensus is for "in the set", i.e. people in good standing.
14:54:00 [fjh]
Good standing based on attendance and delivering on deadlines. See Thomas slides.
14:55:00 [PHB]
PHB has joined #xmlsec
14:55:46 [tlr]
http://www.w3.org/2005/10/Process-20051014/policies.html#coi
14:56:14 [fjh]
please review conflict of interest policy, noted in the link above
14:56:28 [grw]
grw: what is conflict of interest in the context of this group?
14:56:36 [grw]
tlr: see process document for explanation of conflict of interest
14:57:29 [grw]
TOPIC: Patent Policy
14:58:08 [fjh]
current patent practice link - http://www.w3.org/TR/2002/NOTE-patent-practice-20020124
14:58:30 [grw]
tlr: XML Signature predates current patent policy
14:58:45 [grw]
tlr: see patent policy transition procedure
14:59:50 [fjh]
Transition procedure link - http://www.w3.org/2004/02/05-pp-transition.html
15:00:44 [rsalz]
rsalz has joined #xmlsec
15:03:00 [grw]
TOPIC: Presentation: Overview of Canonical XML 1.1 and XPath essentials [Konrad Lanz]
15:06:31 [Ed]
No, I do not have the slides.
15:07:04 [tlr]
http://www.w3.org/2007/xmlsec/20070502-klanz-c14n.pdf
15:09:48 [fjh]
see also http://www.w3.org/TR/DSig-usage/
15:10:22 [fjh]
XPointer used in URI, XPath Filter in Transform both allow getting document subset
15:15:32 [fjh]
fjh has joined #xmlsec
15:15:54 [tlr]
q+ to ask about syntactic vs semantic definition of same-doc reference
15:19:59 [tlr]
ACTION: konrad to share example for transform that depends on information beyond the transform input nodeset
15:19:59 [trackbot-ng]
Created ACTION-6 - Share example for transform that depends on information beyond the transform input nodeset [on Konrad Lanz - due 2007-05-09].
15:23:54 [grw]
slide 7
15:24:00 [grw]
slide 8
15:24:43 [grw]
slide 9
15:25:10 [tlr]
http://lists.w3.org/Archives/Public/public-xml-core-wg/2007Feb/att-0013/C14N-diff.html
15:28:53 [grw]
slide 10
15:30:11 [grw]
slide 11
15:32:10 [tlr]
q-
15:33:50 [fjh]
grw: Is C14N11 needed for SignedInfo?
15:33:56 [deastlak]
deastlak has joined #xmlsec
15:34:31 [grw]
slide 12 (end)
15:34:39 [fjh]
Konrad: could use id on signed Info other than schema
15:35:01 [PHB]
q+
15:37:03 [fjh]
juan-carlos: focus on current xml in current namespace
15:37:16 [fjh]
s/xml/xml attributes
15:37:21 [fjh]
s/xml/
15:37:28 [fjh]
s/current/xml
15:38:22 [grw]
old behavior is to inherit all xml: attributes
15:38:41 [grw]
proposal to change that to not inherit by default
15:40:18 [grw]
fjh: can we ask xml core to specify inheritance rules when new attributes defined?
15:40:48 [grw]
hal: no, we can't count on that
15:41:35 [fjh]
ISSUE: C14N11 does not clearly define how new attributes in xml namespace are to be handled (as inheritable, non-inheritable, undefined)
15:42:43 [grw]
klnaz2: raised this issue with xml core, but not solved there
15:43:08 [tlr]
+1 to Frederick
15:43:12 [tlr]
q?
15:43:36 [tlr]
PROPOSED: up to groups that define XML namespace attributes to tell whether simply inheritable or not
15:43:42 [tlr]
(by juan Carlos)
15:43:58 [fjh]
proposal is to propose sentence and give to XML Core, other attributes in xml namespace are non-inheritable by default
15:44:04 [grw]
jcc: should be up to group defining xml attributes whether inheritable
15:44:11 [tlr]
q+
15:44:27 [fjh]
q+
15:44:28 [grw]
jcc: should have a registry of attributes
15:44:46 [grw]
klnaz2: maybe this is better for future work
15:44:56 [deastlak]
q+
15:45:08 [tlr]
q- phb
15:45:18 [tlr]
q+ hal
15:45:25 [PHB]
q+ to raise the issue of qname mess
15:45:40 [grw]
q+
15:46:31 [grw]
hal: c14 doc should be explicit, don't include implicit rules
15:47:16 [tlr]
q?
15:52:45 [grw]
tlr: how is conformance affected by future additions that break a current algorithm
15:54:35 [grw]
fjh: if c14 1.1 is to be compatible with 1.0 can we change the rules around xml: attribute inheritance
15:55:29 [hal]
hal has joined #xmlsec
15:55:39 [grw]
PHB: not relevant since you will never mix 1.0 and 1.1 (eg sign with 1.0 and verify with 1.1)
15:55:45 [hal]
q+
15:56:04 [fjh]
ie clear because you explicitly specify canonicalization method
15:56:22 [grw]
deastlak: default should be not inheritable since you can always work around that, but not the reverse
15:57:17 [fjh]
deastlak: desirable not to have to rev canonicalization
15:57:22 [grw]
deastlak: would be nice if inheritability could be determined syntactically
15:57:42 [fjh]
q?
15:57:45 [fjh]
ack tlr
15:57:53 [grw]
deastlak: alternatively, could have some explicit indication of inheritability
15:58:03 [fjh]
ack fjh
15:58:07 [fjh]
ack deastlak
15:58:11 [fjh]
ack hal
15:58:23 [grw]
hal: no way to anticipate future special cases
16:00:22 [grw]
klanz2: could have an extensibility parameter but not a big fan of that
16:00:41 [grw]
PHB: just ask xml core what default they prefer: inheritable or not
16:00:59 [tlr]
q+
16:01:06 [tlr]
q+ hal
16:01:25 [fjh]
ack PHB
16:01:25 [Zakim]
PHB, you wanted to raise the issue of qname mess
16:01:33 [fjh]
ack grw
16:02:41 [fjh]
greg whitehead: need to change from default of inheriting for xml namespace attributes
16:02:59 [hal]
q+
16:03:16 [fjh]
... perhaps extensibility to indicate how handled as input to canon algorithm
16:03:20 [fjh]
... perhaps uri
16:03:55 [fjh]
... diminishing returns depending on how far this goes
16:05:39 [tlr]
q?
16:05:48 [fjh]
ack
16:06:08 [fjh]
tlr: undefined behaviour leads to both security and interoperability issues
16:06:57 [grw]
tlr: inheritance issued could be handled by a prefilter using existing extensibility points
16:07:06 [grw]
s/issued/issue/
16:07:35 [fjh]
q+
16:07:40 [fjh]
q?
16:07:48 [fjh]
ack tlr
16:09:17 [grw]
tlr: if you define an attribute that requires special processing, define a transform to do that processing
16:11:56 [grw]
klnaz2: this won't work because transforms always refer back to the original document, changes apply to original
16:12:34 [grw]
klnaz2: could do this only if we change the transform processing model to output a copy of input
16:16:03 [fjh]
ack tlr
16:19:48 [grw]
proposal - for attributes in xml namespace, no listed in c14n 1.1, there will be no special processing
16:20:17 [fjh]
s/no listed/not listed
16:20:53 [grw]
rationale - exceptional processing for future xml attributes can be handled by some mechanism without revving c14n (such as pre-processing)
16:23:03 [grw]
fjh: proposes to propose this to xml core
16:23:26 [grw]
fjh: also convey security concerns
16:24:16 [grw]
security concern - with this proposal, security may be compromised if new attributes are defined that require special processing
16:24:33 [deastlak]
for clarity suggest "no special processing" -> "no special process, that is, they will be treated as not inheritable"
16:24:41 [fjh]
q?
16:25:48 [grw]
hal: alternative is to stop with an error if an unknown xml attribute is found
16:26:54 [fjh]
ack hal
16:26:56 [fjh]
ack fjh
16:26:58 [grw]
tlr: this would prevent using existing extension points to handle special processing
16:27:09 [grw]
tlr: c14n would have to be revved in all cases
16:31:30 [grw]
tlr: error proposal is safer, but has higher deployment cost
16:33:19 [grw]
deastlak: fixed behavior best, not inherited a better default since you can always copy attributes as a workaround
16:33:34 [grw]
deastlak: not desirable to keep revving c14n
16:35:44 [klnaz2]
http://www.w3.org/TR/C14N-issues/#S3
16:35:45 [grw]
ed: prefers inherited to be default
16:38:39 [Ed]
Ed prefers inheritance, but wants to study this issue more, and also see examples of the arguments against inheritance
16:39:46 [grw]
break
16:40:08 [fjh]
return at !:15 ET, about 1/2 hour
16:40:13 [fjh]
s/!/1
17:13:31 [deastlak]
deastlak has joined #xmlsec
17:17:09 [Ed]
I'm back
17:18:40 [fjh]
Resuming meeting
17:21:22 [tlr]
ScribeNick: rdmiller
17:21:26 [tlr]
Scribe: RobMiller
17:21:50 [sean]
sean has joined #xmlsec
17:22:40 [rdmiller]
TOPIC: XML 1.1 and C14N
17:22:56 [rdmiller]
slide 14
17:23:20 [Ed]
q+
17:23:31 [fjh]
konrad: this means cannot sign xml 1.1 at all
17:23:42 [fjh]
q?
17:24:20 [fjh]
... suggests looking an xml core archives
17:24:40 [rdmiller]
s/an/at
17:25:29 [fjh]
ack Ed
17:25:53 [rdmiller]
Ed: wondering about XPATH 2.0
17:27:14 [rdmiller]
klnaz2: Canonical XML is currently defined for XPath 1.0 and not XPath 2.0
17:29:27 [Ed]
Ed's point was whether XPath 2.0, though not defined in Canonical XML, might address or be of help in the issues re XPath 1.0 and XML 1.1
17:29:57 [fjh]
klanz2: canonization need not generate valid XML, is this a good decision.
17:30:56 [rdmiller]
slide 15
17:31:00 [rdmiller]
slide 16
17:31:06 [rdmiller]
slide 17
17:33:10 [rdmiller]
slide 19
17:34:21 [rdmiller]
slide 20
17:35:32 [fjh]
klanz2: namespace undeclarations in xml 1.1 can cause issues in canonicalization
17:36:22 [fjh]
q+
17:38:47 [rdmiller]
fjh: where is this applicable?
17:39:16 [rdmiller]
klnaz2: this applies to XML 1.1 and canonicalization
17:46:14 [rdmiller]
fjh: what are we trying to accomplish with this conversation right now? this is a discussion for future chartering.
17:48:38 [rdmiller]
fjh: will submit a comment to propose wording be added to C14N11 that C14N11 is applicable only to XML 1.0 and XPath 1.0
17:49:16 [rdmiller]
slide 23
17:51:14 [tlr]
don, http://www.w3.org/2007/xmlsec/20070502-klanz-c14n.pdf
17:51:42 [klnaz2]
q+
17:53:09 [rdmiller]
fjh: did we address the qnamr issue properly?
17:53:29 [rdmiller]
s/qnamr/qname
17:53:29 [hlockhar]
hlockhar has joined #xmlsec
17:54:05 [rdmiller]
tlr: not using qnames is a good topic for best practices.
17:58:00 [rdmiller]
ACTION: PHB to propose a change to C14N11 to handle the qname issue due 5/3/2007
17:58:00 [trackbot-ng]
Sorry, couldn't find user - PHB
17:59:52 [rdmiller]
ACTION: Phil to propose a change to C14N11 to handle the qname issue due 5/3/2007
17:59:52 [trackbot-ng]
Sorry, couldn't find user - Phil
18:00:45 [rdmiller]
TOPIC: XML Signature Syntax and Processing - Overview and Proposed Changes [Thomas Roessler]
18:05:01 [Ed]
are there slides?
18:05:03 [fjh]
q?
18:06:02 [rdmiller]
tlr: The reference processing model should use C14N 1.0 as a default.
18:08:24 [rdmiller]
tlr: the transform used for signing should be explicitly defined.
18:09:38 [tlr]
http://www.w3.org/2007/xmlsec/20070502-tlr-dsigchange.pdf
18:09:43 [sean]
q
18:09:47 [sean]
q+
18:09:59 [GregB]
GregB has joined #xmlsec
18:10:54 [fjh]
ack
18:11:06 [fjh]
ack fjh
18:11:21 [fjh]
ack klnaz
18:13:38 [fjh]
ack sean
18:14:36 [rdmiller]
sean: RetrievalMethod has a sequence of transforms.
18:19:41 [fjh]
Dsig proposal has three parts
18:20:00 [fjh]
a. receivers must assume c14n10
18:20:14 [fjh]
b. generators must put explicit transforms to be clear on c14 version
18:20:34 [rdmiller]
fjh: if you use xml:base with exclusive canonicalization there may be issues, but it is something that can be addressed.
18:20:37 [fjh]
c. mandatory algs c14n1.0 and c14n11 (both)
18:22:07 [Zakim]
-EdSimon
18:22:34 [rdmiller]
ACTION: Thomas to provide precise wording for issues with exclusive canonicalization and xml:base
18:22:36 [trackbot-ng]
Created ACTION-7 - Provide precise wording for issues with exclusive canonicalization and xml:base [on Thomas Roessler - due 2007-05-09].
18:23:12 [tlr]
ACTION: Thomas to propose spec wording for conformance-affecting changes
18:23:12 [trackbot-ng]
Created ACTION-8 - Propose spec wording for conformance-affecting changes [on Thomas Roessler - due 2007-05-09].
18:23:31 [Zakim]
+EdSimon
18:24:27 [tlr]
ACTION-7 closed
18:24:27 [trackbot-ng]
Sorry... I don't know how to close ACTION yet
18:25:08 [rdmiller]
TOPIC: Review of XML Signature errata
18:25:56 [Ed]
Is there a link to errata slides?
18:26:32 [tlr]
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core
18:26:42 [tlr]
http://www.w3.org/2001/10/xmldsig-errata
18:33:16 [rdmiller]
ACTION: Sean to review E01
18:33:16 [trackbot-ng]
Created ACTION-9 - Review E01 [on Sean Mullan - due 2007-05-09].
18:36:41 [tlr]
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002JanMar/0039.html
18:37:44 [tlr]
ACTION-9 also covers reviewing the old material -- "what was meant by it"
18:39:02 [rdmiller]
fjh: E01 was meant to be editorial
18:41:27 [rdmiller]
fjh: added a note addressing E02 stating that Exclusive XML Canonicalization may be used
18:43:18 [rdmiller]
E02 accepted
18:46:49 [tlr]
http://www.w3.org/TR/xmldsig-filter2/#sec-Algorithm-Identifier
18:47:59 [rdmiller]
E03 edits accepted
18:48:37 [Zakim]
-[NRCC]
18:49:04 [Ed]
I was cut off again; will call back shortly
18:49:18 [Zakim]
-EdSimon
18:49:19 [Zakim]
T&S_XMLSEC()8:00AM has ended
18:49:21 [Zakim]
Attendees were +1.613.726.aaaa, EdSimon, fjh, GregB, grw, klanz2, rdmiller, tlr
18:49:30 [tlr]
ed, we were cut off
18:49:34 [tlr]
zakim, code?
18:49:34 [Zakim]
the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), tlr
18:49:43 [Zakim]
T&S_XMLSEC()8:00AM has now started
18:49:50 [Zakim]
+EdSimon
18:49:56 [Zakim]
-EdSimon
18:49:57 [Zakim]
T&S_XMLSEC()8:00AM has ended
18:49:58 [Zakim]
Attendees were EdSimon
18:50:22 [Zakim]
T&S_XMLSEC()8:00AM has now started
18:50:29 [Zakim]
+EdSimon
18:50:36 [Zakim]
+[NRCC]
18:52:07 [rdmiller]
E04 edits accepted, but will require wordsmithing to replace "since" with "because".
18:55:44 [tlr]
http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0109.html
18:58:27 [rdmiller]
ACTION: Whitehead to review E05
18:58:27 [trackbot-ng]
Created ACTION-10 - Review E05 [on Greg Whitehead - due 2007-05-09].
18:59:03 [tlr]
ACTION: klanz2 to investigate Austrian eGov use case for Type attribute
18:59:03 [trackbot-ng]
Created ACTION-11 - Investigate Austrian eGov use case for Type attribute [on Konrad Lanz - due 2007-05-09].
18:59:27 [grw]
grw has joined #xmlsec
19:01:09 [fjh]
Greg W: consider changing "signed" to "referenced" in "type of object being signed"
19:01:33 [rdmiller]
jcc: In E05 propose changing the word "signed" to "processed".
19:01:59 [fjh]
sean: implementation may need Type for RetrievalMessage processing
19:04:15 [deastlak]
RFC 4051 section 3.2 defines many additional RetrievalMethod types
19:05:58 [rdmiller]
fjh: action-10 is reassigned to Konrad
19:08:39 [rdmiller]
fjh: we think that E05 might be correct due to RFC 4051 section 3.2 and other language in that section may need to be adjusted.
19:11:58 [fjh]
General agreement to this
19:12:22 [fjh]
Topic: E06, base64 URI
19:12:40 [fjh]
question whether "base64" should be allowed or only URI allowed
19:12:54 [fjh]
Thomas suggests interop test for URI use for this
19:15:25 [rdmiller]
E06 edits accepted
19:19:20 [rdmiller]
klanz2: "#base64" is different than "base64"
19:19:51 [fjh]
Section 6.6.2 describes base64 URI for transform
19:20:46 [fjh]
see also 6.1
19:21:14 [fjh]
thomas: base64 encoding is mandatory, URI declares the encoding in 6.1
19:21:31 [fjh]
... No section that lists encoding algorithms
19:22:42 [grw]
base64 transform URI not listed in 6.1 (only base64 encoding URI)
19:24:23 [fjh]
update to errata would be to complete the list of transforms in 6.1
19:25:52 [rdmiller]
tlr: explain what the base64 URI means in an encoding context
19:27:40 [GregB]
GregB has joined #xmlsec
19:31:51 [rdmiller]
q?
19:32:24 [fjh]
Konrad: "base64" is a URI
19:32:49 [fjh]
discussion whether this is an appropriate URI, issue of scheme
19:32:51 [Ed]
q+
19:33:26 [Ed]
q?
19:33:29 [fjh]
thomas: non normative change
19:36:42 [fjh]
juan carlos: usage of attribute is an application matter, so is it a concern here for platform
19:37:01 [rdmiller]
Ed: plain base64 is not defined anywhere in the spec, but the URI is
19:37:17 [fjh]
s/platform/platform?/
19:38:21 [rdmiller]
Ed: are we going to have a new namespace for dsig?
19:38:34 [deastlak]
Gak no....!
19:38:47 [tlr]
http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html
19:39:05 [rdmiller]
tlr: our charter precludes us creating a new namespace for dsig
19:40:54 [rdmiller]
tlr: the base64 URI issue has been settled in previous attribute testing. base64 was only tested as a URI
19:41:39 [rdmiller]
Thomas proposed closing the discussion on E06 and accepting the edits
19:42:43 [rdmiller]
E07 accepted
19:43:25 [rdmiller]
deastlak: E08 looks correct to me
19:44:45 [rdmiller]
E08 accepted
19:46:02 [jcc]
q+
19:46:10 [rdmiller]
fjh: do we need to go through dsig errata line by line or can we review Thomas' proposed changes?
19:47:37 [jcc]
q-
19:48:04 [Ed]
q-
19:48:09 [fjh]
ack
19:48:14 [fjh]
ack Ed
19:49:38 [rdmiller]
fjh: by default the usage of URI is optional and the DTD requires it
19:50:22 [rdmiller]
on break
19:50:31 [fjh]
return in 15 minutes
20:00:04 [PHB]
PHB has left #xmlsec
20:02:30 [Ed]
To clarify the XML DSig namespace question above -- my question was whether the current "xmlns="http://www.w3.org/2000/09/xmldsig#"" might be changed to indicate a later version, say "xmlns="http://www.w3.org/2007/12/xmldsig#"", based on this WG's activities. Answer: No, that implies changes beyond the scope of this WG.
20:15:01 [rdmiller]
TOPIC: Interop discussion and planning
20:15:44 [rdmiller]
tlr: immediate next step for Dsig is an updated editors draft.
20:17:32 [rdmiller]
tlr: is the inheritance issue something that will need to be in interop testing?
20:18:19 [rdmiller]
fjh: yes, and it may cause some schedule slip.
20:20:23 [rdmiller]
tlr: what are people expecting as timelines with regard to implementing and testing?
20:22:26 [rdmiller]
fjh: we should look at interop testing in the June or July timeframe.
20:22:46 [rdmiller]
... July is probably too late
20:22:58 [fjh]
Konrad: how will xml:base interact with xml Signature
20:23:18 [fjh]
thomas: impact on meaning of URI in Reference and RetrievalMethod
20:26:24 [fjh]
thomas: is an XML Signature with xml:base within it schema conformant
20:27:02 [tlr]
http://www.w3.org/TR/xmlbase/
20:28:09 [fjh]
from the xml base spec - "The deployment of XML Base is through normative reference by new specifications, for example XLink and the XML Infoset. Applications and specifications built upon these new technologies will natively support XML Base. The behavior of xml:base attributes in applications based on specifications that do not have direct or indirect normative reference to XML Base is undefined."
20:28:25 [fjh]
q?
20:28:29 [jcc]
q+
20:28:31 [fjh]
zakim, who is on the phone?
20:28:31 [Zakim]
On the phone I see EdSimon, [NRCC]
20:28:46 [fjh]
ack jcc
20:29:10 [tlr]
q+
20:29:24 [fjh]
Juan Carlos: xml base for chartering activity
20:29:37 [fjh]
thomas: +1
20:30:44 [rdmiller]
... we ar not defining any behavior for xmlbase so let's dodge it.
20:30:54 [rdmiller]
s/ar/are
20:31:59 [Ed]
I expect xml:base, namespace canonicalization, and qnames will require chartering activity.
20:32:46 [rdmiller]
fjh: how are we going to deal with confidentiality and interop?
20:34:02 [rdmiller]
... we may need a private interop mailing list.
20:34:38 [rdmiller]
tlr: we will need to keep interop testing confidential, with a public report at the end.
20:36:38 [rdmiller]
fjh: i would like to keep a record of who says they can do interop and what state they are in.
20:37:13 [rdmiller]
... members can use the member list to report status.
20:38:59 [rdmiller]
tlr: technical work on test cases should be on the public list, all other interop communication should be on the member list.
20:44:06 [deastlak]
deastlak has joined #xmlsec
20:44:36 [tlr]
Topic: interop
20:45:17 [tlr]
ACTION: all to investigate interop testing capabilities
20:45:17 [trackbot-ng]
Sorry, couldn't find user - all
20:46:15 [tlr]
ACTION: frederick to contact participants in previous interop testing
20:46:15 [trackbot-ng]
Created ACTION-12 - Contact participants in previous interop testing [on Frederick Hirsch - due 2007-05-09].
20:49:41 [tlr]
interop testing logistics and availability to be discussed on the member list
20:50:22 [tlr]
ACTION: thomas to put up WBS form to ask about interop testing interest
20:50:22 [trackbot-ng]
Created ACTION-13 - Put up WBS form to ask about interop testing interest [on Thomas Roessler - due 2007-05-09].
20:54:56 [rdmiller]
tlr: I would like to get a timeframe, facility and next steps toward a workshop.
20:55:16 [rdmiller]
fjh: That will be the first thing on the agenda tomorrow.
20:58:08 [rdmiller]
grw: we can solicit information via email.
20:58:34 [rdmiller]
fjh: we may not even need a workshop
20:59:13 [rdmiller]
Thomas explained the workshop process.
21:00:25 [rdmiller]
klanz2: why can't we put everything into a wiki and decide later if we need to meet?
21:01:00 [rdmiller]
tlr: that would work well among the members of the WG, but we are also targeting the public.
21:02:22 [rdmiller]
tlr: we are looking at the entire stack regarding dsig/decryption. What comes next?
21:05:13 [fjh]
Topic: Future work topics
21:05:23 [fjh]
xml base and xml:id support with xml sig
21:05:31 [fjh]
(reference processing)
21:05:40 [fjh]
C14N support for xml 1.1?
21:06:02 [fjh]
XPath data model adjustments
21:06:19 [fjh]
Infoset data model
21:06:29 [fjh]
XPath 2.0
21:06:51 [fjh]
-- this material should go on the wiki
21:07:20 [fjh]
transform chaining referencing original document, modification of original data
21:07:30 [fjh]
e.g. pass by value, not reference
21:09:27 [fjh]
canonicalization that throws out more "ruthless canonicalization"
21:09:44 [fjh]
additional algorithms (eg SHA-256)
21:10:49 [fjh]
performance bottlenecks
21:10:51 [fjh]
simplicity
21:11:05 [fjh]
issues related to protocol use
21:11:34 [fjh]
relationship with binary xml, combinations etc
21:12:04 [fjh]
(efficient xml)
21:12:26 [fjh]
discussion with efficient xml interchange group possibility
21:12:39 [fjh]
implicit parsing that is not schema aware (in transform chain)
21:14:54 [fjh]
workshop item - what is canonicalization in sig context
21:16:35 [deastlak]
FIN
21:17:04 [Ed]
Thanks, I'm happy to stay and listen.
21:17:17 [fjh]
may wish to ask others that define XML languages to define canonicalization or canonicalization properties for them
21:17:54 [tlr]
zakim, list participants
21:17:54 [Zakim]
As of this point the attendees have been EdSimon, [NRCC]
21:18:31 [tlr]
rrsagent, please draft minutes
21:18:31 [RRSAgent]
I have made the request to generate http://www.w3.org/2007/05/02-xmlsec-minutes.html tlr
21:18:41 [Ed]
language-specific canonicalization has its limits; e.g. canonicalizing mixed language xml instances still requires core canonicalization
21:18:53 [tlr]
rrsagent, please draft minutes
21:18:53 [RRSAgent]
I have made the request to generate http://www.w3.org/2007/05/02-xmlsec-minutes.html tlr
21:20:43 [tlr]
rrsagent, bye
21:20:43 [RRSAgent]
I see 15 open action items saved in http://www.w3.org/2007/05/02-xmlsec-actions.rdf :
21:20:43 [RRSAgent]
ACTION: Frederick to update scribe instructions [1]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T14-35-11
21:20:43 [RRSAgent]
ACTION: fjh to provide instructions on using bugzilla [2]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T14-46-14
21:20:43 [RRSAgent]
ACTION: Frederick to provide instructions on using bugzilla [3]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T14-46-30
21:20:43 [RRSAgent]
ACTION: Thomas to teach tracker about common aliases [4]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T14-46-41
21:20:43 [RRSAgent]
ACTION: konrad to share example for transform that depends on information beyond the transform input nodeset [5]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T15-19-59
21:20:43 [RRSAgent]
ACTION: PHB to propose a change to C14N11 to handle the qname issue due 5/3/2007 [6]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T17-58-00
21:20:43 [RRSAgent]
ACTION: Phil to propose a change to C14N11 to handle the qname issue due 5/3/2007 [7]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T17-59-52
21:20:43 [RRSAgent]
ACTION: Thomas to provide precise wording for issues with exclusive canonicalization and xml:base [8]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T18-22-34
21:20:43 [RRSAgent]
ACTION: Thomas to propose spec wording for conformance-affecting changes [9]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T18-23-12
21:20:43 [RRSAgent]
ACTION: Sean to review E01 [10]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T18-33-16
21:20:43 [RRSAgent]
ACTION: Whitehead to review E05 [11]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T18-58-27
21:20:43 [RRSAgent]
ACTION: klanz2 to investigate Austrian eGov use case for Type attribute [12]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T18-59-03
21:20:43 [RRSAgent]
ACTION: all to investigate interop testing capabilities [13]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T20-45-17
21:20:43 [RRSAgent]
ACTION: frederick to contact participants in previous interop testing [14]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T20-46-15
21:20:43 [RRSAgent]
ACTION: thomas to put up WBS form to ask about interop testing interest [15]
21:20:43 [RRSAgent]
recorded in http://www.w3.org/2007/05/02-xmlsec-irc#T20-50-22
21:20:46 [tlr]
zakim, bye
21:20:46 [Zakim]
leaving. As of this point the attendees were EdSimon, [NRCC]
21:20:46 [Zakim]
Zakim has left #xmlsec
21:20:56 [Zakim]
Zakim has joined #xmlsec
21:20:58 [tlr]
zakim, this is xmlsec
21:20:58 [Zakim]
ok, tlr; that matches T&S_XMLSEC()8:00AM
21:21:07 [tlr]
zakim, who is on the phone?
21:21:07 [Zakim]
On the phone I see EdSimon, [NRCC]
21:21:28 [Zakim]
-[NRCC]
21:21:32 [Zakim]
-EdSimon
21:21:33 [Zakim]
T&S_XMLSEC()8:00AM has ended
21:21:34 [Zakim]
Attendees were EdSimon, [NRCC]