12:16:46 RRSAgent has joined #xmlsec 12:16:46 logging to http://www.w3.org/2007/07/17-xmlsec-irc 12:16:48 RRSAgent, make logs member 12:16:49 Zakim has joined #xmlsec 12:16:51 Zakim, this will be XMLSEC 12:16:51 ok, trackbot-ng; I see T&S_XMLSEC()9:00AM scheduled to start in 44 minutes 12:16:53 Meeting: XML Security Specifications Maintenance Working Group Teleconference 12:16:54 rrsagent, make log public 12:16:55 Date: 17 July 2007 12:17:02 Chair: Frederick 12:17:04 ScribeNick: tlr 12:30:33 klanz2 has joined #xmlsec 12:30:51 hi ... 12:45:04 FrederickHirsch has joined #xmlsec 12:48:14 Meeting: XML Security Specifications Maintenance WG Conference Call 12:48:25 Chair: Frederick Hirsch 12:49:22 Scribe: Thomas Roessler 12:49:37 Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0027.html 12:49:51 RRSAgent, make log public 12:52:41 T&S_XMLSEC()9:00AM has now started 12:52:48 +Frederick_Hirsch 12:52:56 -Frederick_Hirsch 12:52:57 T&S_XMLSEC()9:00AM has ended 12:52:58 Attendees were Frederick_Hirsch 12:54:38 EdSimon has joined #xmlsec 12:56:19 T&S_XMLSEC()9:00AM has now started 12:56:26 + +1.613.726.aaaa 12:56:31 zakim, call thomas-781 12:56:31 ok, tlr; the call is being made 12:56:32 +Thomas 12:56:33 sean has joined #xmlsec 12:56:48 zakim, aaaa is EdSimon 12:56:49 +EdSimon; got it 12:57:01 jcc has joined #xmlsec 12:58:52 rdm has joined #xmlsec 12:59:33 +sean 12:59:46 +??P4 12:59:47 zakim, ? is klanz2 12:59:48 +klanz2; got it 13:00:03 + +1.410.695.aabb 13:00:13 zakim, mute me 13:00:13 klanz2 should now be muted 13:00:18 zakim, aabb is rdm 13:00:18 +rdm; got it 13:00:20 +??P7 13:00:35 zakim, ??P7 is jcc 13:00:35 +jcc; got it 13:00:51 Frederick, are you on the phone line? 13:01:00 having difficulty with phone connedtion, will try again 13:01:39 frederick, do you have skype? 13:01:57 hal has joined #xmlsec 13:02:15 ack klanz2 13:03:03 http://www.w3.org/2007/xmlsec/wiki/UserPreferences 13:03:05 yes let me try land line 13:03:17 frederick, shall I try to conference you in through skype? 13:03:48 zakim, who is on the phone? 13:03:48 On the phone I see EdSimon, Thomas, sean, klanz2, rdm, jcc 13:04:04 zakim, what is the number? 13:04:04 I don't understand your question, FrederickHirsch. 13:04:05 +Hal_Lockhart 13:04:11 zakim, code? 13:04:11 the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), tlr 13:04:11 zakim, what is the phone number? 13:04:13 I don't understand your question, FrederickHirsch. 13:04:25 PHB has joined #xmlsec 13:05:05 + +03531637aacc 13:05:09 VoIP 13:05:22 can you hear me 13:05:27 zakim, aacc is FrederickHirsch 13:05:28 +FrederickHirsch; got it 13:05:39 zakim, who is here? 13:05:39 On the phone I see EdSimon, Thomas, sean, klanz2, rdm, jcc, Hal_Lockhart, FrederickHirsch 13:05:42 On IRC I see PHB, hal, rdm, jcc, sean, EdSimon, FrederickHirsch, klanz2, Zakim, RRSAgent, tlr, trackbot-ng 13:06:14 Agenda: http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0027.html 13:06:17 zakim, who is talking? 13:06:28 tlr, listening for 10 seconds I heard sound from the following: klanz2 (0%), sean (45%) 13:06:30 Topic: Administrvia 13:06:33 zakim, mute sean 13:06:33 sean should now be muted 13:06:45 Next meeting: 31 July, no meeting next week 13:06:56 fjh: Tech plenary draft agenda is available. 13:07:03 ... still soliciting papers for workshop ... 13:07:09 ... please follow up on interop questionnaire ... 13:07:13 ... minutes for last time .... 13:07:26 http://www.w3.org/2007/07/10-xmlsec-minutes 13:07:27 zakim, code? 13:07:27 the conference code is 965732 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), PHB 13:07:40 tlr: umh, did I update the version in datespace 13:08:25 http://www.w3.org/2007/07/10-xmlsec-minutes.html 13:08:36 That's the updated version. 13:08:42 RESOLUTION: minutes approved 13:08:44 Topic: action item review 13:08:52 +PHB 13:09:06 ACTION-26: note for submission to CG; continued 13:09:38 action-50 to be assigned to THomas, 31 July 13:09:38 ACTION-50: reassign to Thomas; new due date on 31 July 13:10:16 ACTION-53: work toward publication of decryption transform; blocked on XPointer issue 13:10:20 ACTION-56: done 13:11:10 ACTION-58: done; might need some refinement in terms of test cases 13:11:21 ACTION-61: done; haven't heard back 13:11:29 ACTION-62: clarify testing issues; done 13:11:33 ACTION-63: done 13:11:36 i am muted, but yes my action item is closed 13:11:57 sean, you can unmute yourself by saying "zakim, unmute me" 13:11:59 Topic: XPointer 13:12:20 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0018.html 13:12:21 i can scribe for thomas in this section 13:12:38 zakim, mute me 13:12:39 rdm should now be muted 13:13:02 Both decrypt transform and xml dsig core include effectively normative reference to XPointer, but to CR 13:13:34 this was returned to WD, split into three, two went to REC 13:13:43 xpointer() XPointer scheme 13:13:51 one part that includes material referenced did not , i.e 13:14:47 DSig core can reference XPointer REC and Element scheme() XPointer 13:14:49 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/xmldsig-core-xpointer.html#sec-ReferenceProcessingModel 13:14:53 look at 4.3.3.2 13:15:35 look for paragraph "When a fragment is not preceded " 13:15:46 barename now called shortname 13:16:43 three kinds of XPointer - barename (still exist, shortname) in XPointer framework 13:17:05 do you have a link for the short name definition 13:17:16 second, #xpointer(/), identifies root element in nodeset 13:17:28 yes, in XPointer Framework... 13:18:10 syntax for element XPointer only allows document, but would lose comments after closing tag of document element 13:18:22 so cannot use element XPointer for this 13:18:27 hence definition in this draft 13:19:18 XPointer framework REC is http://www.w3.org/TR/2003/REC-xptr-framework-20030325/ 13:19:38 XPointer element scheme REC http://www.w3.org/TR/2003/REC-xptr-element-20030325/ 13:20:09 looking at 4.3.3.3 13:20:26 no XPointer evaluation context defined in framework 13:20:47 edit for this, also to remove location-set 13:21:08 i.e. no context, no location-set (point nodes, range set) 13:21:58 -klanz2 13:22:07 lost the call 13:22:26 full xpointer, now is scheme based xpointer (equivalent distinction) 13:23:49 q+ 13:24:08 q 13:24:11 q+ 13:24:13 zakim, ? is klanz2 13:24:13 sorry, klanz2, I do not recognize a party named '?' 13:24:14 +??P16 13:24:18 zakim, ? is klanz2 13:24:18 +klanz2; got it 13:24:42 fjh: intent of the changes to do what was done before, but not refer to xpointer 13:24:58 ... select portion of text? ... 13:25:08 ... change implementations that relied on that? ... 13:25:30 q+ 13:25:37 -klanz2 13:26:47 +Konrad_Lanz 13:27:02 tlr: well, that's OPTIONAL. Also, step 2 suggests that a partially selected text node would be fully referenced in the old model, no? 13:27:19 jcc: same question, q- 13:27:22 q- jcc 13:27:26 ack FrederickHirsch 13:27:28 ack FrederickHirsch 13:27:30 ack PHB 13:27:45 not conformance effecting 13:27:48 q- 13:27:49 phb: it's ok 13:28:23 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/xmldsig-core-xpointer.html#sec-ReferenceProcessingModel 13:28:31 I think we need time to review the changes before the next call in two weeks. 13:28:54 q+ 13:29:04 ack hal 13:29:04 I'm good with merging. 13:29:10 ok with merging 13:29:20 ACTION: tlr to merge into main editor's draft 13:29:20 Created ACTION-64 - Merge into main editor's draft [on Thomas Roessler - due 2007-07-24]. 13:30:22 fjh: sense of group -- pretty close, no major rework? 13:30:28 q+ 13:30:32 klanz2: ok 13:30:47 ack tlr 13:31:09 tlr: do w have test cases for C4N with comments? 13:31:13 s/do w/do we/ 13:31:18 jcc: can take an action 13:31:51 ACTION: juan carlos to develop/retrieve test cases for C14N with comments, scheme-based xpointers 13:31:51 Created ACTION-65 - Carlos to develop/retrieve test cases for C14N with comments, scheme-based xpointers [on Juan Carlos Cruellas - due 2007-07-24]. 13:32:45 tlr: inform coordination group of this approach regarding XPointer behaviour 13:33:07 ACTION: thomas to inform xml cg of intent to squat on xpointer(/) and xpointer(id(ID)) 13:33:07 Created ACTION-66 - Inform xml cg of intent to squat on xpointer(/) and xpointer(id(ID)) [on Thomas Roessler - due 2007-07-24]. 13:33:27 topic: identifiers for xpath 2.0 and xslt 2.0 13:33:38 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0012.html 13:34:43 +1 13:35:05 -Hal_Lockhart 13:35:20 fjh: defer to XML Signature vNext 13:35:23 ed: agree 13:35:38 ACTION: EdSimon to update wiki to list XPath 2.0 and XSLT 2.0 identifiers 13:35:38 Sorry, couldn't find user - EdSimon 13:35:40 +Hal_Lockhart 13:35:48 action: Ed Simon to update wiki to list XPath 2.0 and XSLT 2.0 identifiers 13:36:00 Created ACTION-67 - Simon to update wiki to list XPath 2.0 and XSLT 2.0 identifiers [on Ed Simon - due 2007-07-24]. 13:36:23 tlr: for items we defer to v.next, if urgent issue we can write note or members can do member submissions 13:36:59 Topic: RFC 4514 and 2253 13:37:02 zakim, umute me 13:37:02 I don't understand 'umute me', sean 13:37:07 zakim, unmute sean 13:37:07 sean should no longer be muted 13:37:09 zakim, unmute me 13:37:09 sean was not muted, sean 13:37:24 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0024.html 13:37:32 fjh: thanks for doing that; very helpful 13:37:39 sean: went through the grammars, looked at changes section in 4514 13:37:46 ... three possible places with incompatibilities ... 13:37:57 ... but they're (a) obscure, and (b) fix obvious bugs in 2253 ... 13:38:12 ... first one, 2253 if you look at grammar doesn't allow attribute type keywords of length 1 ... 13:38:18 ... highly unlikely that's enforced ... 13:38:22 ... would forbid C='US' ... 13:38:26 ... used widely ... 13:38:43 ... second one, RFC 2253 didn't allow '\ ' to escape a space ... 13:38:47 ... another bug in the grammar .. 13:38:56 ... doubt there are any implementations that enforce this one ... 13:39:09 ... last one, RFC 4514 requires null characters to be escaped ... 13:39:14 ... 2253 doesn't say anything about them ... 13:39:20 ... worth writing a test case for each ... 13:39:26 ... to make sure implementations aren't broken ... 13:40:03 fjh: write test cases, what else do we need to do? 13:40:15 sean: umh 13:40:40 fjh: I'm asking the wrong question. We've narrowed down the issues. These are reasonable changes, we'll look if we have any issues -- not sure that's really needed. 13:40:57 sean: I'm just suggesting that test cases are final action. If we do find problems, that's better fixed in the implementation than in the spec. 13:41:40 Agree that ok to change normative reference, to 4514, if these issues arise, then implementation has serious issue, an implementation issue 13:41:47 tlr: to summarize, we're fine changing the reference. If the differential use cases demonstrate strict RFC 2253 compliance, then that suggests insane implementation. 13:41:52 s/Agree/Summary, agree 13:42:02 fjh: sounds reasonable 13:42:18 sean: would like to hear from Konrad 13:42:23 -PHB 13:42:25 klanz: read e-mail; think that's fine 13:42:40 fjh: what else do we need to do? 13:43:30 tlr: umh? 13:43:34 fjh: where do we record this? 13:43:35 record this in transition request as annotation to changes 13:43:41 record in readme for test case 13:43:42 tlr: annotation to changes; transition request 13:43:46 sean: readme for test cases 13:44:52 fjh: track on wiki, not as separate action item 13:45:57 tlr: let's keep them in tracker 13:46:07 fjh: yeah... might indeed make it easier 13:46:41 ACTION: sean to develop RFC 4514 / RFC 2253 test cases 13:46:44 Created ACTION-68 - Develop RFC 4514 / RFC 2253 test cases [on Sean Mullan - due 2007-07-24]. 13:47:33 zakim, mute me 13:47:33 sean should now be muted 13:47:43 topic: wrap up some things that hung around the agenda for a while 13:47:51 s/topic: wrap up some things that hung around the agenda for a while/ 13:47:54 topic: misc wrap-up 13:48:16 fjh: XML escaping and well-formedness. Agreed there's no need to do more on this. 13:48:23 klanz2: early e-mail exchange; moot 13:48:30 ... agree there's no open issue ... 13:48:54 EdSimon: yep, there was also an exchange with Sean around CDATA etc; not an issue 13:49:06 fjh: encoding of leading space in dname work -- anything needed? 13:49:13 ... thought we had deferred to vNext ... 13:49:19 ... is that an issue any more with all the changes? ... 13:50:03 klanz2: it's recommended to escape first space character... 13:50:20 http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/ 13:50:47 tlr: RFC 4514 takes care of that 13:50:53 klanz2: "augment" takes care of that 13:50:59 tlr: 4514 requires space at beginning to be escaped 13:51:01 ... on the xmldsig-core side ... 13:51:06 fjh: ok, issue closed 13:51:28 fjh: adding a warning similar to what was in the RFC 13:51:39 sean: record as best practice item 13:51:47 fjh: who would like to do this? 13:51:55 ed: ok, will do that along with other wiki stuff 13:52:04 ... would like review from Sean, Konrad ... 13:52:12 warning similar to that of section 7.2 of RFC 2253: http://www.ietf.org/rfc/rfc2253.txt 13:52:36 ACTION: ed to draft warning similar to that of section 7.2 of RFC 2253 as possible best practice item 13:52:36 Created ACTION-69 - Draft warning similar to that of section 7.2 of RFC 2253 as possible best practice item [on Ed Simon - due 2007-07-24]. 13:53:03 fjh: reversibility of string to DER encoding ... another warning? 13:53:23 q+ 13:53:30 jcc: yeah, that's what I was thinking 13:53:40 ack tlr 13:54:07 tlr: either this is the same issue as above, or the last action is wrong. 13:54:18 fjh: ooops, yes. Juan Carlos, please review what Ed does. 13:54:34 5c and 5d same item (in agenda) 13:54:46 q+ 13:55:09 q- 13:55:30 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0005.html 13:55:46 Topic: ACTION-60; mime types vs URIs 13:56:01 jcc: that was the message sent concerning the two attributes ... 13:56:08 ... one appearing in ds:Reference, one appearing in ds:Object ... 13:56:17 ... conclusion after reading in spec was ... 13:56:31 ... ??? ... 13:56:46 ... type attribute in ds:Reference always pointed to Object, Manifest, whatever ... 13:56:53 ... Type attribute in ds:Object element is MIME type ... 13:56:57 ... which deals with media type ... 13:57:02 ... they look a bit orthogonal ... 13:57:07 ... but no guidance at all ... 13:57:21 ... some kind of guidance should be given which interpretation is the right one ... 13:57:26 ... MIME type is string, Type is URI ... 13:57:49 ... but we could put a MIME type into Type (??) ... 13:57:56 ... clarify and agree what purposes of each attribute are ... 13:58:29 fjh: let me summarize... not an issue with the rec, but maybe some interpretation advice in best practice document? 13:58:33 jcc: exactly 13:59:11 klanz2: is there shared view that these are orthogonal -- schema type vs. media type of encoded object? 13:59:22 ... I agree to that interpretation ... 13:59:35 fjh: konrad, please send list to message, errrm, .. 13:59:45 ;-) 13:59:48 Topic: interop 13:59:48 http://lists.w3.org/Archives/Public/public-xmlsec-maintwg/2007Jul/0026.html 14:00:00 I'll list a send to the message ;-) 14:00:11 jcc: tried to clarify proposed way to build infrastructure for infrastructure 14:00:28 ... proposal is that last table have links to details of test cases ... 14:00:32 ... and test cases themselves .... 14:01:05 ... especially relevant for test cases dealing with c14n and inheritanc e... 14:01:22 ... first, XML document, then list of links to different signatures ... 14:01:28 ... that participants would compute ... 14:01:41 ... in the end, would have document reference with tables and references to each test case ... 14:02:19 fjh: some c14n tests might just have input/output? 14:02:22 q+ 14:02:30 jcc: ?? 14:02:36 fjh: maybe just look at same canonicalized output? 14:02:47 jcc: not at level of signature, only i/o of c14n? 14:03:03 ... would work for some test cases, but maybe would also like to have negative test cases? 14:03:11 q- 14:03:36 klanz2: enveloping signatures? 14:03:53 jcc: need to think more about that 14:04:23 ... for identifying false positives, would need actual signatures ... 14:04:53 klanz2: doesn't prevent us from having unit tests for c14n 14:05:13 fjh: want to focus next call on (a) agreeing on redline as merged 14:05:22 Topic: next meeting 14:05:39 fjh: also, go through Juan-Carlos' document, test document, update, make progress on that 14:05:44 ... please review ahead of time ... 14:05:44 q+ 14:06:10 klanz2: is there some howto for the CVS? 14:06:48 tlr:test data goes into test subdirectory for interop 14:07:03 tlr: test data goes into test subdirectory for interop 14:07:16 tlr: try to use valid HTML instead of word etc 14:07:30 ... avoid plain UTF-8 encoding 14:07:41 ... general cvs instructions available on W3C 14:07:46 s/tlr:test data goes into test subdirectory for interop// 14:09:16 next call - agree dsig redline (merged), decrypt to last call, normative reference to URI spec (RFC obsoleted) same doc RFC reference (Thomas to send), review Juan Carlos docs 14:10:02 s/send/send more detailed message to list/ 14:10:23 fjh: adjourned 14:10:29 -sean 14:10:32 -Hal_Lockhart 14:10:41 -jcc 14:10:43 -EdSimon 14:10:44 -rdm 14:11:09 -Konrad_Lanz 14:11:10 -FrederickHirsch 14:11:10 zakim, list participants 14:11:11 As of this point the attendees have been +1.613.726.aaaa, Thomas, EdSimon, sean, klanz2, +1.410.695.aabb, rdm, jcc, Hal_Lockhart, +03531637aacc, FrederickHirsch, PHB, Konrad_Lanz 14:11:13 rrsagent, please draft minutes 14:11:13 I have made the request to generate http://www.w3.org/2007/07/17-xmlsec-minutes.html tlr 14:16:10 disconnecting the lone participant, Thomas, in T&S_XMLSEC()9:00AM 14:16:11 T&S_XMLSEC()9:00AM has ended 14:16:13 Attendees were +1.613.726.aaaa, Thomas, EdSimon, sean, klanz2, +1.410.695.aabb, rdm, jcc, Hal_Lockhart, +03531637aacc, FrederickHirsch, PHB, Konrad_Lanz 14:43:13 PHB has left #xmlsec 16:23:11 rdm has joined #xmlsec 16:23:19 Zakim has left #xmlsec 16:41:18 rrsagent, excuse us 16:41:18 I see 7 open action items saved in http://www.w3.org/2007/07/17-xmlsec-actions.rdf : 16:41:18 ACTION: tlr to merge into main editor's draft [1] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-29-20 16:41:18 ACTION: juan carlos to develop/retrieve test cases for C14N with comments, scheme-based xpointers [2] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-31-51 16:41:18 ACTION: thomas to inform xml cg of intent to squat on xpointer(/) and xpointer(id(ID)) [3] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-33-07 16:41:18 ACTION: EdSimon to update wiki to list XPath 2.0 and XSLT 2.0 identifiers [4] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-35-38 16:41:18 ACTION: Ed Simon to update wiki to list XPath 2.0 and XSLT 2.0 identifiers [5] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-35-48 16:41:18 ACTION: sean to develop RFC 4514 / RFC 2253 test cases [6] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-46-41 16:41:18 ACTION: ed to draft warning similar to that of section 7.2 of RFC 2253 as possible best practice item [7] 16:41:18 recorded in http://www.w3.org/2007/07/17-xmlsec-irc#T13-52-36