Agenda: distributed meeting 2007-06-12

Agenda: W3C XML Security Specifications Maintenance WG (XMLSec)
Teleconference 12 June 2007
Distributed Meeting #6

6 June, 9-10am Eastern Time
(6-7am Pacific, 1400-1500 Dublin, 1500-1600 CET, 1600-1700 Crete)

See <http://www.w3.org/2007/xmlsec/Group/Overview.html> for time in  
other time zones.

Zakim Bridge:
       +1.617.761.6200 conference code 965732# ('XMLSEC')
IRC Chat:
     irc.w3.org (port 6665), #xmlsec
Web-based IRC (member-only):
     <http://cgi.w3.org/member-bin/irc/irc.cgi>

Please note that attendance of XMLSEC WG telecons is restricted to  
registered WG participants and persons invited by the chair.

Chair:
    Frederick Hirsch

Regrets:
    none

1) Administrivia: scribe confirmation, next meeting

    ?? is scheduled to scribe.  The current scribe list is at the end  
of this message.

    Scribe Instructions:
    http://www.w3.org/2007/xmlsec/Group/Scribe-Instructions.html

    Next meeting: Tuesday 19 June. Scribe: ??

2) Review and approval of last meeting's minutes
    http://www.w3.org/2007/06/05-xmlsec-minutes

3) Action item review

    Open actions are listed in Tracker at http://www.w3.org/2007/ 
xmlsec/Group/track/actions/open

    Note, action items should only be closed in Tracker during WG  
meeting as they are agreed as closed. When completing an action, the  
owner should send an email to the public xmlsec mailing list stating  
the resolution of the action and that it should be closed, and should  
refer to "ACTION-<number>" in the message so the message is linked to  
the tracker notes for that action. The owner should NOT close the  
issue in tracker at that time.

Action 26 : draft CG note draft for submission to XML CG, Thomas  
Roessler

Action 35: Review Konrad's message re xml:base by next call, Rich Salz
Agenda item 6a.

Action 36 Review Konrad's message re xml:base by next call, Juan  
Carlos Cruellas
Agenda item 6a.

Action 37 Review Konrad's message re xml:base by next call, Sean Mullan
Agenda item 6a.

Action 38 Review Konrad's message re xml:base by next call, Ed Simon
Agenda item 6a.

Action 41, Check his implementation wrt DNAME erratum, Sean Mullan
Agenda item 8a.

Action 42, Produce example for breakage due to current E01 language,  
Juan Carlos Cruellas
Agenda item 8a.
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0001.html

Action 43, to produce example for breakage due to current E01  
language, Konrad Lanz
Agenda item 8a.
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/ 
0041.html
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0004.html

ACTION-44  Update CFP draft as suggested in http://lists.w3.org/ 
Archives/Member/member-xmlsec-maintwg/2007Jun/0000.html ,Thomas Roessler
Done (Frederick)
Agenda 4a

ACTION-45 Give information on hosting to PHB, Thomas Roessler
Done

ACTION-46 Confirm hosting by end of the week, Phillip Hallam-Baker

ACTION-47 Thomas and Frederick to update Decryption Transform editors  
draft for Last Call, for next meeting,  Thomas Roessler
Agenda 5

ACTION-48 Make proposal to resolve issue on http://lists.w3.org/ 
Archives/Public/public-xmlsec-maintwg/2007Jun/0010.html, Juan Carlos  
Cruellas

ACTION-49, Illustrate proposed changes by example, Konrad Lanz

4) Workshop/CFP

    Updated CFP, including timeline:
    http://www.w3.org/2007/xmlsec/ws/cfp.html

4a) Comments on updated CFP?

4b) Confirm workshop logistics: 25 & 26 September, 9-5, Verisign,  
Mountainview.

Action to create logistics web page.

4c) Other workshop issues.

Plan for W3C review this week (Wednesday) before publication.

5) Decryption Transform to Last Call

Current (updated) draft:
    http://www.w3.org/2007/xmlsec/Drafts/xmlenc-decrypt.html

No review comments noted on mailing list.

Updated namespace URIs (member only):
http://lists.w3.org/Archives/Member/member-xmlsec-maintwg/2007May/ 
0036.html

5a) WG agree to bring this draft to Last Call?

6) C14N11 Review

Draft : http://www.w3.org/XML/Group/2007/05/CR-xml-c14n11-20070509.htm

CR transition request: http://lists.w3.org/Archives/Public/public-xml- 
core-wg/2007May/0040

6a) merge path, C14N11 Appendix issue

http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/ 
0044.html , Konrad Lanz

Action 35: Review Konrad's message re xml:base by next call, Rich Salz

Action 36 Review Konrad's message re xml:base by next call, Juan  
Carlos Cruellas

Action 37 Review Konrad's message re xml:base by next call, Sean Mullan

Action 38 Review Konrad's message re xml:base by next call, Ed Simon

Next steps?

7) Changes to DSig-Usage note

See http://www.w3.org/TR/DSig-usage/

Update to reference CR version of C14N11 in note
   http://www.w3.org/TR/2006/WD-xml-c14n11-20061220/

See 8b

8) Editorial review - XML Signature

Current draft:
    http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/
    http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/changes.html

8a) Errata 01 (Distinguished Name) issue
http://www.w3.org/2001/10/xmldsig-errata#E01

Current edit to section 4.4.4
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-X509Data

Current proposal to section

Action 41, Check his implementation wrt DNAME erratum, Sean Mullan

Action 42, Produce example for breakage due to current E01 language,  
Juan Carlos Cruellas
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0001.html

Action 43, to produce example for breakage due to current E01  
language, Konrad Lanz
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007May/ 
0041.html
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0004.html, Konrad summary on escaping
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0005.html , Sean

8b) Algorithm identifiers

Incorporate algorithm identifiers defined in note (section 3) into  
XML Signature revision, as follows:

Identifiers
Canonical XML 1.1 (omits comments)
http://www.w3.org/2006/12/xml-c14n11
Canonical XML 1.1 with comments
http://www.w3.org/2006/12/xml-c14n11#WithComments

8c) ds:Reference type as URI versus ds:Object Mime Type
http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jun/ 
0000.html , Juan-Carlos

9) Interop testing, participation expectations

Some material in this agenda item might be member confidential.

    Review interop testing expectations:
    http://www.w3.org/2002/09/wbs/40279/interop-interest/results

10) Test cases

    i) Regression tests - original XML Signature and Decryption
    Transform cases Action to review and summarize?

    ii) test defined in new C14N11 example (as updated)
    <http://www.w3.org/XML/Group/2007/05/CR-xml-c14n11-20070509>

    iii) E01 - see ACTION-19 Agreed at F2F that no tests needed for
    E02-E05

    iv) Action to review and summarize test for E06, test for base64
    URI?  Test exists but not well-defined?

    v) Action to summarize dditional tests?

    greg: test case for 1.0 as default see if 1.1 by mistake
    <hal> test case which checks for correct sig when xml:base is
    present
    <hal> test case which checks for correct sig when xml:id is present
    <fjh> thomas: generate sig over doc subset, must include c14n11
    as  final transform
    <fjh> greg: new generators not rely on default c14n
    <klanz2> Test case for conversion NodeSetData to OctetStreamData:
    <klanz2> Use case: Generate a signature having a reference with
    some xpath transform selecting NodeSetData
    <klanz2> then we add a XSLT transform that clearly needs
    OctetStreamData
    <klanz2> Check on verification: if the resulting signature
    actually made the use of c14n 1.1 explicit in the chain of  
transforms

11) Any other business

12) Adjourn

Scribe list
-----------

Elisabetta Carrara
Donald Eastlake
Peter Lipp
Hal Lockhart
Ram Mohan
Anthony Nadalin
Chris Nautiyal
Rich Salz
Daniel Schutzer
Ed Simon
Andrew Sullivan
Panagiotis Trimintzios
Tarun Tyagi
Thomas Roessler (17 Apr 07)
Greg Whitehead (F2F 2 May 07 am)
Rob Miller  (F2F 2 May 07 pm)
Gregory Berezowsky (F2F 3 May 07 am)
Sean Mullan (F2F 3 May 07 pm)
Juan Carlos Cruellas (15 May 2007)
Phillip Hallam-Baker (22 May 2007)
Giles Hogben  (29 May 2007)
Konrad Lanz (6 June 2007)

regards, Frederick

Frederick Hirsch
Nokia

Received on Friday, 8 June 2007 17:03:50 UTC