See also: IRC log
<trackbot> Date: 02 June 2009
<fjh> Scribe: Magnus Nyström
<tlr> ScribeNick: magnus
<fjh> Agenda: http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0062.html
fjh: Sent out update to
minutes
... for f2f, resolutions, typos
<shivaram> FYI: Conferees can mute themselves by dialing 61#. In that case, unmute is 60#.
fjh:Next conference call June 9,
Cynthia will be scribing.
fjh:Bruce scheduled to scribe on the 16th
brich:Cannot scribe that day.
fjh:Will need to sort out on next week's call.
fjh:F2F in November in
California; TPAC. Dates may still change within the given
week.
... Issues if date changes?
<Cynthia> No problem here
<Gerald-e> no problem here
<shivaram> no problem here
tlr: We should know the dates within 8 weeks. Should be the same week.
<fjh> date may change from thur/fri 5-6 to mon-tue 2-3 Nov
<fjh> Last Call of Widget Signature end 1 June
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0050.html
<fjh> XACML 3.0 public review, ending 20 July
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0049.html
<fjh> addition of delegated policy model, plus other changtes
hal: XACML 3.0 has an extended policy model + a host of other important features.
<fjh> OASIS DSS-X TC profile for visible signatures committee draft
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0036.html
<fjh> Call for Exclusions (Update): XML Signature 1.1, XML Encryption 1.1, XML Security Derived Keys
<fjh> http://lists.w3.org/Archives/Member/member-xmlsec/2009May/0012.html
<fjh> topic for the AC reps
fjh: Made minor edits so all resolutions from f2f show up properly.
<fjh> http://lists.w3.org/Archives/Member/member-xmlsec/2009Jun/0000.html
fjh: Can we approve the minutes?
<Cynthia> I don't need more time
RESOLUTION: Minutes from F2F as distributed by fjh approved
<fjh> Best Practice update (BP 1 refers to 2)
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0038.html
<fjh> Best Practice sample file update
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0037.html
<fjh> DTD removal
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0045.html
<fjh> see explain for detailed changes
See full member-confidental minutes.
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0043.html
<fjh> ScribeNick: fjh
magnus: made proposal for
ACTION-290, then revised to correspond to S/MIME and ISO
18033.
..: pratik asked if something closer to RSA could be
achieved.
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0048.html
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0059.html
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0056.html
proposal in message 56
http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0057.html
bal notes derived key then used as shared secret for content key protection
<klanz2> Bye, I need to leave now ... talk to you next week
<kyiu> The use of the KDF is required by NIST Special Publication 800-56
<kyiu> ACTION: kyiu create sample to illustrate ECDH-ES with AES key wrap [recorded in http://www.w3.org/2009/06/02-xmlsec-minutes.html#action01]
<trackbot> Created ACTION-300 - Create sample to illustrate ECDH-ES with AES key wrap [on Kelvin Yiu - due 2009-06-09].
magnus: Notes that we may have two ways of wrapping
<magnus> ACTION: magnus to provide example of KEM message with the steps to get to the message. [recorded in http://www.w3.org/2009/06/02-xmlsec-minutes.html#action02]
<trackbot> Created ACTION-301 - Provide example of KEM message with the steps to get to the message. [on Magnus Nyström - due 2009-06-09].
pratik: this information will
help understanding the two approaches, when used, and add
clarification to the spec
... would like to understand whether to include one or both
approaches
magnus: need key encapsulation beyond RSA only
<scribe> ScribeNick: magnus
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0039.html
fjh: This is the serialization topic from the F2f. Can we add to the document?
<Cynthia> Agreed to add
<fjh> ACTION: fjh to add note re ACTION-289 to document [recorded in http://www.w3.org/2009/06/02-xmlsec-minutes.html#action03]
<trackbot> Created ACTION-302 - Add note re ACTION-289 to document [on Frederick Hirsch - due 2009-06-09].
RESOLUTION: Accept signature serialization proposal as suggested in Frederick's posting (0039)
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0053.html
<fjh> size of r and s not based on digest but elliptic curve field
kyiu: Observation is correct, needs to be fixed in spec.
<scribe> ACTION: kyiu to correct doc on length of r and s [recorded in http://www.w3.org/2009/06/02-xmlsec-minutes.html#action04]
<trackbot> Created ACTION-303 - Correct doc on length of r and s [on Kelvin Yiu - due 2009-06-09].
<fjh> http://lists.w3.org/Archives/Public/public-xmlsec/2009May/0054.html
<fjh> magnus notes RIPEMD-160 listed as optional in xml enc, not in signature
<fjh> kelvin notes german government phasing out RIPEMD-160 in next year, security around strength of SHA-1
<fjh> ACTION: kyiu to share information on status of RIPEMD-160 and strength to mailing list [recorded in http://www.w3.org/2009/06/02-xmlsec-minutes.html#action05]
<trackbot> Created ACTION-304 - Share information on status of RIPEMD-160 and strength to mailing list [on Kelvin Yiu - due 2009-06-09].
<fjh> magnus also noted XMLEnc just refers to XMLDsig for message authentication algorithms
<fjh> 5.1 and 5.8
<fjh> magnus: recommendation is to remove Section 5.8 (and the corresponding entry in 5.1)
<scribe> ACTION: Magnus to remove 5.8 (and corresponding text in 5.1) from XMLEnc. [recorded in http://www.w3.org/2009/06/02-xmlsec-minutes.html#action06]
<trackbot> Created ACTION-305 - Remove 5.8 (and corresponding text in 5.1) from XMLEnc. [on Magnus Nyström - due 2009-06-09].
<fjh> RESOLUTION: remove Section 5.8 and corresponding entry in 5.1 in xenc
<fjh> magnus notes All canonicalization is optional in XMLEnc
<fjh> is this ok?
<fjh> magnus notes
<fjh> magnus: XMLEnc does not mention transform algorithms, but maybe should with CipherReference
<fjh> or maybe we can disallow transforms and remove the material since no algorithms are specified?
<fjh> cannot we limit this more for cipherdata?
<fjh> ed notes he has used transforms for encryption
<fjh> ed notes that detail not needed in xenc since they are described in dsig
<pdatta> WSS SWA Profile has an Attachment CipherText Transform, that goes into CipherReference
<fjh> bal notes that encrypting stream could require transform for cipherdata
<fjh> issue: keep 2.0 xenc transform feature in sync with signature 2.0
<trackbot> Created ISSUE-132 - Keep 2.0 xenc transform feature in sync with signature 2.0 ; please complete additional details at http://www.w3.org/2008/xmlsec/track/issues/132/edit .
<fjh> bal notes not mandatory to implement for xenc, hence not interop issue
<fjh> bal notes benefit of code reuse for xenc and dsig
<fjh> magnus asks if optional transform algs should be listed in xenc
<esimon2> Ed supports keeping the <xenc:Transforms> element in XML Encryption, supports not mandating (within XML Encryption) any existing XML Signature transforms, though thinks it *might* make sense to mandate the XSLT-replacement transfrom being developed.
fjh: Cannot decide on new
documents for publication today.
... Will have our next call next week.
<Cynthia> By for now, I will be scribing next week