XML Encryption WG

2001-March-19
Chair: Joseph Reagle
Note Taker: Joseph Reagle [text]

Participants

• Joseph Reagle, W3C
• Ed Simon, Entrust
• Shivaram Mysore, Sun Microsystems
• David Solo, Citigroup
• Yongge Wang, Certicom
• Frederick Hirsch, Zolera
• Maryann Honelo, IBM
• Katherine Betz, IBM
• Eric E. Cohen, PricewaterhouseCoopers LLP
• Daniel Toth, Ford
• Donald Eastlake 3rd, Motorola
• (regrets) Raghavan N. Srinivas, Sun

Status of documents < 5 minutes

• Requirements - want to publish as a W3C TR

  Anyone have any comments they know they'll want to make?

  None stated, though Blair has mentioned he has a bunch, but we should proceed with publishing ASAP.

• Syntax and Processing - lots of editings, hopefully something decent by end of week.

Reviewing Boston W3C XML-Encryption Action Items

1. Reagle: reflect discussions in minutes in Requirements Document.

   Done.

2. Reagle and Dillaway: reflect discussion in a new specification draft including schema structures, EncryptedKey as child of KeyInfo, and adding a "hint" attribute for when there's multiple recipients.

   Done (see new issues in spec.)

3. Eastlake: draft a more complete algorithm section include algorithm profiles and IV checksum cipher text values.

   Pending. At this week, won't be able to post anything until after return.

4. Maruyama: update the Encryption/Signature Transform. Update Security Considerations, add a scenario or two (and maybe borrow "enc:DataRef" instead of using "EncryptedReference").

   Pending (returning to Japan this week.)

5. Maruyama: an email exploring the question of our processing model and the relationship between DOM, Infoset, and serialization and the issue related to using current parsers to get a pointer to a byte where element starting "<" is.

   Pending (returning to Japan this week.)

6. Reagle: "Review the use of a URI versus an ID and NameKey in an EncryptedKey element?"

   Pending

7. Reagle: Write an email describing options with respect to reuse of dsig KeyInfo.

   Pending

8. Reagle: Inform Don Davis of new requirements document when complete and that issue 6.2 was dropped.

   Pending

Requirements

Reagle: can the requirement over streaming media be further specified, hard to understand what it means technically.

Simon: xenc should meet the requirements of a streaming application.

Action Reagle: since this seems more of a coordination issues, lets most this to the coordination section.

Draft

We need some explicit schema that indicates an EncryptedKey is valid as either a standalone element or a child of a KeyInfo. -- Dillaway. Ed Simon is willing to help Reagle with this.

Shivaram. missing sections and spellcheck.