<ddahl> ddahl waves
<tl> Oh hey, Zakim remembers me this time.
<tl> I am unable to speak for several minutes at least.
<melvster> hi all, just lurking ... good luck with the group! :)
<rbarnes> how do i tell which Zakim person i am?
<ddahl> Zakim: aabb is ddahl
<tl> Zakim can't be "Zakim: thing"'d, only "Zakim, think"'d
<christopherkula> me = Chris Kula, Oakland, CA. Web Developer working on browser crypto issues for auth and publication/signature purposes: still on a techie high after IIW last week... : )
<zooko> I've joined.
<zooko> I've muted my mic to prevent others from hearing echo back from me.
<scribe> scribenick: wseltzer
<harry> scribe: wseltzer
<harry> scribenick: wseltzer
<harry> Public Meeting W3C WebCrypto convened
<rbarnes> hm, i might be misidentified
<zooko> +1.303.543.aaff is me.
<smc> +1.619.200.aaaa is me.
<w3C> Hi, this is Craig Heath, also on the voice bridge
<w3C> (I need to change my nick!)
<christopherkula> I'm on the phone but muted.
<tl> I'm Tom Lowenthal, Mozilla [but must remain silent for a few minutes]
<tl> I'm in 609.
<w3C> Craig Heath back in
<w3C> (dammit nick didn't change)
<christopherkula> 510-387-xxxx is me
<bryan> grrr
<bryan> thx
<CraigH> Aha, that's better. No idea what my area code will show as, I'm coming in from Skype.
Virginie: Welcome to the
WebCrypto public meeting.
... Agenda review.
... Updates on W3C process and current status of
deliverables.
... Questions.
... No decisions will be made here. No IP commitments or
endorsements.
... Just brief exposure to the WG's work, use cases,
questions.
... Please "q+" if you want to speak, and are on IRC.
... Please introduce yourself briefly (name, organization) when
speaking.
Virginie: Gemalto joined W3C 6 months ago; lots of discussion about identity.
<rbarnes> likewise, rbarnes is not me, i'm rbarnes.a
Virginie: ID discussions led to
discussions of crypto, what minimum crypto would help
... Charter approved last month.
http://www.w3.org/2011/11/webcryptography-charter.html
<rbarnes> thanks harry
Virginie: WG's first official
conference call will take place next week
... So you still have time to join.
<harry> people may also want to see the workshop report from the "Identity in the Browser" workshop: http://www.w3.org/2011/identity-ws/
<harry> that this work came from
<rbarnes> how do i get in the queue to ask a question?
<Suresh> Virginie: this is a public call and therefore no IP commitments of any type
harry: Points to Identity in the
Browser workshop
... IEs, we have applications and hope for approvals by end of
week.
<harry> rbarnes, yes - we will announce the calls over the public list
<harry> 24 hours ahead of time at least
<harry> and the calls should be regular
<rbarnes> ok, thanks
Virginie: Use cases described in
charter; authentication, integrity-checking
... on-the-fly encryption
... Editors: Arun (Mozilla), Jarred Nichols (Webkit/Sencha),
Wan-Teh Chang (Google)
<virginie_galindo> http://www.w3.org/2012/webcrypto/WebCryptoAPI/
Virginie: Starting from this draft.
<harry> rough estimate is a public version for comments in a few month
Virginie: Charter gives us a year time-line
Netflix: do we still expect a FPWD in June?
Virginie: Weekly conference calls, collect comments during summer
<davidsarah> hello. just lurking
<davidsarah> where will the version for comments be published?
harry: We asked editors, and given DomCrypt and others examples, thought we could have a rough draft straw-man
<davidsarah> is there a way to sign up for notification of that?
harry: FPWD doesn't mean implemented or won't change; expect it will be just primary features
ddahl: I think we can get something rough around the edges by June
<harry> davidsarah, version for comments (First Public Working Draft) will always be linked from working group homepage
NASA: If we have to ask for
secondary features to be moved to primary, how?
... using login/logout heavily, and would want that
primary.
Virginie: Primary were those we
had consensus and thought we could reach quickly.
... Secondary features, need use cases, talk through
further.
<Suresh> Where can we find the listing of 'Primary' and 'Secondary' features?
Virginie: Second deliverable, use cases and secondary features.
<harry> in other words, join the WG, write down the use-case and email it the mailing list, and if group gets consensus then we move it into API (if time permits)
<bryan> Will the secondary features be developed in a second spec?
<Zakim> fjh, you wanted to ask about identity management use cases
<harry> but yes, we will need a use-case document to collect them, but for now email to mailing list is fine!
fjh: Is there more detail on the use cases? in particular re signing, and in particular linkage to identity management?
Virginie: At the moment, light, in charter.
http://www.w3.org/2011/11/webcryptography-charter.html
<bryan> Suresh, 'Primary' and 'Secondary' features are in the charter
<davidsarah> harry: thanks, got it
Netflix: we provided a detailed use case
<harry> ah good call, we should link that to the homepage
Netflix: [on mailing list]
<harry> and we can add that to the first use-case of the use-case document if we can find an editor for that doc :)
Virginie: We should link existing discussions, better describe use cases.
ddahl: Left the symmetric crypto piece in the spec empty to talk with [Netflix]
CableLabs: Are you saying there's not much work on Secondary API features?
Virginie: Plan is to develop
use-cases for 2dary features in parallel to developing API for
primary
... To submit, join the group; regular item on the agenda will
include secondary features, use cases
wtc: Assuming login/logout is
related to TLS session, that can be specified independent of
what's in the spec now; should be straightforward to
propose
... Submitting use case will make it more likely to be
accepted.
harry: we need an editor to collate use cases
<harry> http://www.w3.org/TR/grddl-scenarios/
<harry> http://www.w3.org/TR/xquery-use-cases/
bryan: timing Q. does FPWD indicate consensus on scope of API?
Virginie: June deliverable is primary API features, the basics.
<harry> http://www.w3.org/egov/wiki/Use_Cases
harry: We expect secondary
features to become part of the single spec, just on a longer
time-frame
... consensus in the WG, time permitting.
... Secondary features by Last Call, 2013.
<bryan> How will regional requirements such as FIPS be addressed?
<tl> +q
harry: W3C is a global body, you could use API to implement, e.g., FIPS-compliance
bryan: What about localization of capabilities, e.g. regional limitations (export controls on crypto)
harry: bring requirements to the WG
bryan: parallel to TPWG, global spec compatible with local regulatory requirements
tl: TPWG not building regulatory framework; building to users' requirements
bryan: have you considered Community Group for collection of use cases?
harry: CG opened a month ago, we will monitor it
http://www.w3.org/community/webcryptoapi/
harry: Meeting times
tl: I do not like this time
<tl> -q
<Nat> This time is not good for me as it is 4:00am
harry: take it to email
Virginie: we'll start a doodle among the WG participants
<harry> we'll make a formal decision in the WG with the participants in the meeting next week
karen: suggests 10AM Texas time as good from other WGs
<Suresh> Agreed,,,AM in US makes sense e.g. 9/10am EST
<harry> however, for next week we're keeping this time and then discussing depending on exactly who is in WG
<harry> http://www.w3.org/2005/10/Process-20051014/
Virginie: any process questions? See the process doc (or ask)
Public participants list: https://www.w3.org/2000/09/dbwg/details?group=54174&public=1
<harry> 24 participants
<harry> with currently 9 invited expert applications
<harry> we are going through IE applications now
harry: some companies are still in the process of IPR review
Virginie: we'll do all our work on public mailing list, so even non-members can follow
harry: only WG members can post
to list; we'll also have a public comment list where anyone can
post
... comments to the spec; use-cases in the CG
Virginie: Questions?
Virginie: Any editor want to discuss draft API?
ddahl: Draft on the website
already has a couple tweaks not yet updated
... This is just a starting point; please read and comment.
wtc: Will be working with David on example JS and spec; make sure it's accurate, flexible enough
Virginie: Any further questions?
Virginie: Next week, same time,
first WG conference call.
... Contact any of us with questions.
... Will find means to collect use cases for secondary
features.
harry: Send use cases to mailing list (if you're in the WG) or CG
@@: Are use cases for primary features documented?
<harry> great sample use-case from Netflix:
<harry> http://www.w3.org/wiki/NetflixWebCryptoUseCase
Virginie: listed in the charter
and draft
... Thanks all! Look forward to working with you.
<zooko> Thanks, everyone!
<Nat> Thanks!
harry: If you're a member, talk with your AC rep if you're not yet in the WG
<jmdacruz> Thanks!
harry: if you want to be an invited expert, fill out the forms.
<harry> Meeting adjourned