IRC log of crypto on 2013-02-04

Timestamps are in UTC.

19:57:07 [RRSAgent]

RRSAgent has joined #crypto

19:57:07 [RRSAgent]

logging to http://www.w3.org/2013/02/04-crypto-irc

19:57:09 [trackbot]

RRSAgent, make logs public

19:57:11 [trackbot]

Zakim, this will be SEC_WebCryp

19:57:11 [Zakim]

ok, trackbot, I see SEC_WebCryp()3:00PM already started

19:57:12 [trackbot]

Meeting: Web Cryptography Working Group Teleconference

19:57:12 [trackbot]

Date: 04 February 2013

19:57:39 [wseltzer]

Chair: Virginie_Galindo

19:57:49 [Zakim]

+jyates

19:58:26 [rsleevi]

Zakim, whats the number?

19:58:26 [Zakim]

I don't understand your question, rsleevi.

19:58:27 [virginie]

agenda ?

19:58:30 [wseltzer]

zakim, code?

19:58:30 [Zakim]

the conference code is 27978 (tel:+1.617.761.6200 sip:zakim@voip.w3.org), wseltzer

19:58:48 [Zakim]

+??P2

19:58:59 [Zakim]

+??P3

19:59:03 [nvdbleek]

zakim, i am ??P2

19:59:03 [Zakim]

+nvdbleek; got it

19:59:05 [Zakim]

+ +1.408.540.aaaa

19:59:29 [wseltzer]

zakim, aaaa is Scott_Kelly

19:59:29 [Zakim]

+Scott_Kelly; got it

19:59:35 [Zakim]

+virginie

19:59:57 [virginie]

who is on the call ?

19:59:59 [nvdbleek]

zakim, who is here?

19:59:59 [Zakim]

On the phone I see Wendy, jyates, nvdbleek, Google, Scott_Kelly, virginie

20:00:01 [Zakim]

Google has rsleevi

20:00:01 [Zakim]

On IRC I see RRSAgent, emily, virginie, tantek, nvdbleek, jyates, ddahl, rsleevi, trackbot, tobie, timeless, slightlyoff, Zakim, wseltzer

20:00:13 [selfissued]

selfissued has joined #crypto

20:00:18 [tantek]

greetings

20:00:21 [Zakim]

+ddahl

20:00:22 [Zakim]

+emily

20:00:28 [tantek]

(from AZ CSSWG mtg)

20:00:37 [ddahl]

hi tantek

20:00:46 [rbarnes]

rbarnes has joined #crypto

20:00:53 [Zakim]

+ +1.617.873.aabb

20:01:07 [rbarnes]

zakim, i am aabb

20:01:07 [Zakim]

+rbarnes; got it

20:01:16 [nvdbleek]

zakim, mute me

20:01:16 [Zakim]

nvdbleek should now be muted

20:01:35 [virginie]

agenda?

20:02:05 [wseltzer]

agenda+ welcome

20:02:10 [wseltzer]

agenda+ Web Crypto API - 30'

20:02:24 [wseltzer]

agenda+ High Level API - 10'

20:02:39 [hhalpin]

hhalpin has joined #crypto

20:02:49 [hhalpin]

Zakim, what's the code?

20:02:49 [Zakim]

the conference code is 27978 (tel:+1.617.761.6200 sip:zakim@voip.w3.org), hhalpin

20:02:53 [Zakim]

+[Microsoft]

20:03:03 [wseltzer]

agenda+ secondary feature discussion – 5’

20:03:17 [wseltzer]

agenda+ group life

20:03:21 [wseltzer]

agenda+ AOB

20:03:36 [virginie]

who is on the call ?

20:03:56 [wseltzer]

[agenda: http://lists.w3.org/Archives/Public/public-webcrypto/2013Feb/0009.html ]

20:03:59 [Zakim]

+[IPcaller]

20:04:08 [karen_]

karen_ has joined #crypto

20:04:36 [hhalpin]

its a very exciting telecon today, closing issues and a new draft document!

20:05:06 [hhalpin]

Zakim, pick a scribe

20:05:06 [Zakim]

Not knowing who is chairing or who scribed recently, I propose emily

20:05:09 [hhalpin]

emily?

20:05:11 [wseltzer]

zakim, mute hhalpin

20:05:11 [Zakim]

hhalpin should now be muted

20:05:13 [emily]

ok!

20:05:21 [hhalpin]

Zakim, unmute hhalpin

20:05:21 [Zakim]

hhalpin should no longer be muted

20:05:25 [arunranga]

arunranga has joined #crypto

20:05:29 [hhalpin]

Zakim, who's making noise?

20:05:36 [virginie]

http://www.w3.org/2013/01/21-crypto-minutes.html

20:05:40 [Zakim]

hhalpin, listening for 10 seconds I heard sound from the following: Wendy (8%), [Microsoft] (5%)

20:06:16 [emily]

virginie: progress on low-level API thanks to ryan...

20:06:33 [emily]

... closing a bunch of issues, also some discussion about high-level presented by David

20:07:02 [emily]

... any objection to approving minutes?

20:07:07 [Zakim]

+arunranga

20:07:18 [Zakim]

+karen

20:07:23 [hhalpin]

RESOLUTION: approve minutes of last meeting http://www.w3.org/2013/01/21-crypto-minutes.html

20:07:56 [emily]

virginie: now we go through different proposals made by ryan

20:08:10 [selfissued]

q+

20:08:26 [wseltzer]

[Issues are collected at http://lists.w3.org/Archives/Public/public-webcrypto/2013Feb/0009.html ]

20:09:11 [hhalpin]

q+

20:09:17 [emily]

virginie: can mark issues to be addressed in next version or different revision

20:09:26 [hhalpin]

there's also the "product" way of closing issues.

20:09:47 [emily]

mike: request from 3 different people at microsoft to defer decisions on closing issues until adequate time to review them

20:09:54 [emily]

... proposal made only 2 business days ago

20:11:00 [emily]

harry: want some time limit to how long reviews go on for but it should be reasonable

20:11:10 [emily]

... can still go through ryan's suggestions today

20:11:24 [cjkula]

cjkula has joined #crypto

20:11:33 [emily]

... can associate issues with specs in bugzilla

20:11:43 [selfissued]

Thanks. I think that giving people until the next call to review the issues being proposed for closure is reasonable.

20:12:08 [Zakim]

+ +1.510.387.aacc

20:12:30 [emily]

ryan: was not intending for this to be agenda of call

20:12:59 [hhalpin]

Features that are unimplemented won't go to Rec status :)

20:13:12 [ddahl]

ddahl has joined #crypto

20:13:12 [emily]

... intending to get us focused on making forward progress

20:13:21 [emily]

... identify serious gaps that need to be resolved in this version

20:13:43 [emily]

... as opposed to "I want a pony" issues

20:14:10 [virginie]

q?

20:14:21 [hhalpin]

ack hhalpin

20:14:23 [hhalpin]

ack selfissued

20:14:51 [cjkula]

Zakim, aacc is cjkula

20:14:51 [Zakim]

+cjkula; got it

20:14:53 [hhalpin]

I think a quick walk-through would be great

20:16:32 [wseltzer]

q+

20:16:45 [emily]

rsleevi: open issues with no progress for 6+ months is no good

20:17:09 [emily]

wseltzer: tracker has "postponed" status as well as closed

20:17:29 [mountie]

mountie has joined #crypto

20:17:32 [wseltzer]

ack ws

20:17:56 [emily]

virginie: can postpone or allocate issues to another product

20:18:09 [karen1]

karen1 has joined #crypto

20:18:10 [cjkula_]

cjkula_ has joined #crypto

20:18:25 [emily]

... discuss proposals on next call in 2 weeks

20:18:35 [rsleevi]

Right: I want to make a distinction between "What we are working on", "what we need to work on", "what we plan to work on", and "what we want to work on" (since they may all be different)

20:18:37 [hhalpin]

The difference is a CLOSED issue is generally not talked about any more, and attempts to revisit it can be replied with "we already closed that" while POSTPONED is less strong and allows re-visiting.

20:19:07 [hhalpin]

q+

20:19:14 [hhalpin]

Zakim, mute Microsoft

20:19:14 [Zakim]

[Microsoft] should now be muted

20:20:14 [emily]

hhalpin: w3c typically doesn't run registries, it might be better to have IANA run the registry

20:20:44 [emily]

... WG runs registry during lifetime, but don't want it left hanging after close of WG

20:20:53 [emily]

... IANA ok with running it

20:21:08 [Zakim]

+mountie

20:21:41 [emily]

... separate discussion about modifying registration process to make it harder or easier

20:21:51 [rbarnes]

q+

20:22:00 [virginie]

q+

20:22:17 [emily]

rsleevi: registry is bad for web

20:22:37 [emily]

... registry notion only comes up b/c of string identifiers

20:23:20 [hhalpin]

Which requires re-opening the Working Group :)

20:23:24 [emily]

... requires active collaboration of multiple user agents

20:23:48 [emily]

... need specs that require consensus to have interoperable web

20:25:51 [emily]

rbarnes: not going to have universally implemented set of algorithms

20:26:00 [emily]

... devs are going to have to deal with algorithms being absent

20:26:17 [emily]

... can separate availability/implementation from naming

20:26:38 [emily]

... useful to have a common set of names

20:27:11 [rsleevi]

q+

20:27:19 [hhalpin]

q+

20:27:21 [rsleevi]

q+

20:27:23 [rbarnes]

ack

20:27:30 [wseltzer]

ack next

20:27:34 [emily]

virginie: we'll have to make our own list of identifiers anyway

20:27:42 [emily]

... might reuse other identifiers that are used elsewhere

20:28:41 [emily]

... can defer the decision

20:29:00 [emily]

... richard had volunteered to maintain document of different identifiers

20:29:23 [emily]

rbarnes: can pull out names from current spec into separate document

20:29:33 [hhalpin]

I'd like to clarify the registry concept :)

20:29:39 [emily]

rsleevi: concern is about process associated with document

20:29:57 [hhalpin]

No, the algorithms remain in the current spec.

20:30:17 [rbarnes]

hhalpin: oh, maybe i misunderstood the concept

20:30:47 [emily]

hhalpin: not as concerned about registry maintenance, because algorithms dont change very often, more concerned about process of defining algorithms than exact ownership

20:31:00 [rbarnes]

q+

20:31:24 [rbarnes]

rsleevi: any IANA registry comes with an admission policy

20:31:25 [emily]

hhalpin: wasnt suggesting that current algorithms get removed from spec

20:31:39 [emily]

... have to demonstrate interoperability to go through w3c process

20:32:16 [emily]

... keep algorithms that we have and do test cases for them

20:33:10 [emily]

... difficult once spec has gone through process to change it without reopening WG

20:35:15 [emily]

... algorithms in registry would not go through rigorous review process, but wouldn't have to reopen WG for minor changes

20:35:45 [wseltzer]

ack hh

20:35:50 [wseltzer]

ack rs

20:36:15 [emily]

rsleevi: doesn't require review or IPR agreement, dangerous to open web

20:36:34 [tantek]

(delayed) hi ddahl and wseltzer!

20:36:44 [emily]

... different user agents might define algorithms differently

20:36:52 [emily]

... patent and IPR concerns associated with algorithms

20:37:16 [emily]

... don't want to see crypto enforcing vendor lock-in

20:37:53 [hhalpin]

q+

20:38:34 [virginie]

zakim, close the queue

20:38:34 [Zakim]

ok, virginie, the speaker queue is closed

20:38:50 [hhalpin]

Yes, but we need to make progress on this issue Virginie.

20:38:57 [wseltzer]

ack rbarnes

20:39:05 [hhalpin]

So I request I make a quick modification based on rsleevi's point.

20:39:13 [hhalpin]

which I generally agree with.

20:39:14 [emily]

rbarnes: strong consensus at f2f that no mandatory-to-implement algorithms

20:39:24 [hhalpin]

Well, IANA takes a while :)

20:39:56 [hhalpin]

I think my point would be

20:40:04 [emily]

... can address IPR concerns within IANA

20:40:07 [hhalpin]

that we *can* update test-suites continually

20:40:11 [hhalpin]

after lifetime

20:40:19 [emily]

... can set policy at registry creation

20:40:28 [emily]

... policies can require levels of consensus

20:40:35 [hhalpin]

of Working Group, so thus we could do require test-cases to be maintained for new algorithms.

20:40:49 [rsleevi]

@rbarnes: There's a distinction between the UA (correctly) gluing up with the OS/crypto lib and between having multiple definitions ("aes-gcm", "aes-gcm1", "aes-gcm-like-the-others-but-different")

20:41:12 [rsleevi]

@rbarnes: I view it as a separate issue from MTI

20:41:50 [emily]

hhalpin: with no IANA registry, would have to keep WG open forever or reopen for every change

20:42:05 [hhalpin]

That's a fairly important point.

20:43:16 [hhalpin]

We also do need to take a decision as regards extension to the charter

20:43:32 [ddahl]

https://dvcs.w3.org/hg/webcrypto-highlevel/raw-file/tip/Overview.html

20:43:33 [virginie]

https://dvcs.w3.org/hg/webcrypto-highlevel/raw-file/tip/Overview.html

20:44:00 [emily]

ddahl: still feel pretty strongly about having a high-level API

20:44:19 [emily]

... want it to be very simple, allows for public-key and symmetric encryption

20:45:28 [hhalpin]

We need to discuss the extension to charter issue today.

20:45:29 [emily]

What's the rationale for removing sign/verify?

20:46:09 [emily]

ddahl: redundant with encryptAndSign

20:46:48 [rsleevi]

@ddahl: It seems like the primitives are (secret key) encrypt/decrypt, (private key) sign/verify and (private key) encrypt/decrypt [which implies sign/verify]

20:46:58 [rsleevi]

@emily: ^ sound right?

20:47:19 [emily]

@rsleevi, @ddahl: but there's no way to sign using the high-level API without also encrypting?

20:47:57 [hhalpin]

@everyoneabove, it seems useful to have the ability to sign without encrypting

20:47:59 [emily]

virginie: proposal to switch milestone for finishing low-level api by 6 months

20:48:01 [rbarnes]

@emily: as i understand it, all high-level API calls effectively send a message from a key pair to a public key

20:48:04 [ddahl]

emily: that is a possible drawback as it may be confsuing

20:48:26 [hhalpin]

The suggestions were 6 month, 8 month, or 12 month extension

20:48:30 [hhalpin]

but we have to file before end of Feb.

20:48:33 [wseltzer]

Any objection to a 6-month extension of charter and dates?

20:48:35 [arunranga]

+1 ddahl, I was muddled up by that.

20:48:47 [rbarnes]

i would be fine with 6, 8, or 12

20:49:50 [ddahl]

arunranga: yeah, i removed sign/verify based on some feedback from Adam Langley

20:49:52 [rbarnes]

rsleevi: yeah, either way

20:50:30 [emily]

rsleevi: want small extension and a burndown of current issues with spec

20:50:39 [hhalpin]

+1 6 months, I'd live with 8 months, 12 months makes me worried.

20:52:03 [selfissued]

+1 for 8

20:52:14 [emily]

rsleevi: don't understand motivation for 8

20:52:21 [virginie]

q?

20:52:28 [emily]

... advancing to candidate rec is where netflix feels comfortable implementing

20:52:31 [hhalpin]

q- hhalpin

20:53:07 [hhalpin]

We can always go to CR *before* schedule.

20:53:25 [hhalpin]

i.e. if we close all our issues ahead of schedule, we're fine.

20:53:31 [rsleevi]

If we can't advance within 6 months, I think we'll have failed as a WG :)

20:53:58 [rbarnes]

no objection here

20:54:00 [emily]

virginie: any objection to 6 month extension?

20:54:07 [virginie]

+1

20:54:08 [rsleevi]

PROPOSAL: 6 month extension

20:54:09 [rbarnes]

+1

20:54:09 [rsleevi]

+1

20:54:10 [ddahl]

+1

20:54:12 [emily]

+1

20:54:12 [cjkula]

+1

20:54:12 [hhalpin]

PROPOSAL: 6 month extension to charter

20:54:17 [hhalpin]

+1

20:54:19 [nvdbleek]

+1

20:54:20 [selfissued]

+1

20:54:21 [mountie]

+1

20:54:58 [rsleevi]

RESOLUTION: 6 months extension will be pursued

20:56:18 [emily]

hhalpin: april 23-24, paypal headquarters in silicon valley

20:56:30 [jyates]

In San Jose?

20:56:45 [emily]

hhalpin: could do joint WG session with webappsec

20:57:00 [rsleevi]

@jyates: yes

20:57:01 [emily]

... could also try to overlap and do 24-25 but some concern with paypal

20:57:23 [hhalpin]

The joint session would be the 25th in morning

20:57:49 [selfissued]

+1

20:57:49 [virginie]

+1

20:57:51 [emily]

virginie: proposal for f2f april 23-24, joint session on 25th

20:57:51 [rsleevi]

PROPOSAL: Face to face on 23/24 at PayPal HQ in San Jose

20:57:53 [rbarnes]

+1

20:57:56 [mountie]

+1

20:57:56 [ddahl]

+1

20:57:57 [emily]

+1

20:57:58 [rsleevi]

+1

20:57:59 [hhalpin]

+1

20:58:08 [jyates]

+1

20:58:21 [rsleevi]

RESOLUTION: Next f2f on April 23/24

20:58:25 [hhalpin]

It will also be good because we can have lots of f2f time with WebApps and HTML WGs over issues like test cases and even registries if needed.

21:00:38 [hhalpin]

2 weeks to read and discuss!

21:00:44 [wseltzer]

ACTION hhalpin and wseltzer to prepare extension request for 6 months

21:00:44 [trackbot]

Created ACTION-75 - And wseltzer to prepare extension request for 6 months [on Harry Halpin - due 2013-02-11].

21:01:04 [wseltzer]

ACTION all participants to review proposals to close issues

21:01:04 [trackbot]

Error finding 'all'. You can review and register nicknames at <http://www.w3.org/2012/webcrypto/track/users>.

21:01:11 [Zakim]

-Scott_Kelly

21:01:14 [Zakim]

-rbarnes

21:01:15 [Zakim]

-nvdbleek

21:01:16 [Zakim]

-Google

21:01:17 [Zakim]

-mountie

21:01:18 [Zakim]

-jyates

21:01:19 [Zakim]

-ddahl

21:01:19 [Zakim]

-karen

21:01:20 [Zakim]

-virginie

21:01:20 [mountie]

mountie has left #crypto

21:01:21 [Zakim]

-emily

21:01:22 [Zakim]

-hhalpin

21:01:23 [Zakim]

-arunranga

21:01:27 [Zakim]

-[Microsoft]

21:01:29 [Zakim]

-Wendy

21:01:30 [arunranga]

arunranga has left #crypto

21:01:38 [wseltzer]

zakim wseltzer_cpdp is really wseltzer

21:01:51 [wseltzer]

s/zakim wseltzer_cpdp is really wseltzer//

21:02:13 [wseltzer]

trackbot, end teleconf

21:02:13 [trackbot]

Zakim, list attendees

21:02:13 [Zakim]

As of this point the attendees have been Wendy, jyates, nvdbleek, +1.408.540.aaaa, rsleevi, Scott_Kelly, virginie, ddahl, emily, +1.617.873.aabb, rbarnes, selfissued, hhalpin,

21:02:16 [Zakim]

... arunranga, karen, +1.510.387.aacc, cjkula, mountie

21:02:21 [trackbot]

RRSAgent, please draft minutes

21:02:21 [RRSAgent]

I have made the request to generate http://www.w3.org/2013/02/04-crypto-minutes.html trackbot

21:02:22 [trackbot]

RRSAgent, bye

21:02:22 [RRSAgent]

I see no action items

21:03:17 [RRSAgent]

RRSAgent has joined #crypto

21:03:17 [RRSAgent]

logging to http://www.w3.org/2013/02/04-crypto-irc

21:03:39 [wseltzer]

rrsagent, make minutes

21:03:39 [RRSAgent]

I have made the request to generate http://www.w3.org/2013/02/04-crypto-minutes.html wseltzer

21:05:02 [wseltzer]

regrets+ Asad_Ali, Seetharama_Durbha, Mark_Watson

21:05:05 [wseltzer]

rrsagent, make minutes

21:05:05 [RRSAgent]

I have made the request to generate http://www.w3.org/2013/02/04-crypto-minutes.html wseltzer

21:06:39 [wseltzer]

rrsagent, bye

21:06:47 [wseltzer]

rrsagent, make minutes public

21:06:47 [RRSAgent]

I'm logging. I don't understand 'make minutes public', wseltzer. Try /msg RRSAgent help

21:06:54 [wseltzer]

rrsagent, make logs public

21:06:57 [wseltzer]

rrsagent, bye

21:06:57 [RRSAgent]

I see no action items