[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: DSS-TC 16 May 2005 meeting minutes
DSS TC Conference Minutes Date: Monday, 16 May 2005, 12:00pm - 01:00pm ET Agenda: 1. Welcome by chair (Juan Carlos Cruellas) 2. Confirm conference call minute taker (Dimitri Andivahis) Dimitri Andivahis took minutes. 3. Roll Call Hal took the roll call. Voting Members Hal Lockhart, BEA Systems Pieter Kasselman, Betrusted Krishna Yellepeddy, IBM Juan Carlos Cruellas, Individual Andreas Kuehne, Individual Trevor Perrin, Individual Glenn Benson, J.P. Morgan Chase & Co. Dimitri Andivahis, Surety Prospective Member Stefan Drees, Individual 4. Approval of agenda Agenda approved. 5. Approval of minutes of 02 May 05 Minutes of 02 May 05 approved. 6. Outstanding Actions Review Action 05-02-07-01 [Nick and JC] Add section on upcoming Profiles to Roadmap Document. Juan Carlos reported this is ongoing; to be completed within the next two weeks. Action 05-04-04-4 : Nick : draft a response to IPR question. Juan Carlos reported that according to Nick (not present) this is ongoing, and that Nick expected to report on it at the next conference call. Action 05-04-04-5 : all : take a look at the ambiguous sentence in section 3.5.8 Juan Carlos proposed that it remain open; Stefan seconded. Action 05-04-04-6 : JC, Ed, Andreas : List of topics to be addressed in InterOP testing Juan Carlos reported it is ongoing, and that the list of topics is not yet completed. Action 05-04-18-01 [JC, Ed, and Dimitri] Ed to clarify Timestamp verification and updating in the EPM profile. JC to confirm if any clarifications required in XAdES. Dimitri to pick up and suggest any required core clarifications. Closed. In the previous conference call, Ed and Juan Carlos had expressed the opinion that this action be closed, but wanted to hear Dimitri's opinion (absent from previous call); Dimitri agreed to have this action closed. Action 05-04-18-04 [JC and Ed] JC to take a shot at some text which will form the recommended change to the core. Ed to review and feedback. Juan Carlos reported it is ongoing. Action 05-05-02-01 - John Messing to provide information on the new MIME type proposed by the Court Filing TC to replace base64 and DIME. Juan Carlos reported it is ongoing. Action 05-05-02-02 - Glenn Benson to issue a new version of Signature gateway profile incorporating most of the comments in msg00015.html, with some exceptions. Exceptions will be discussed off-line by mail. Closed. Glenn submitted a new version and addressed the comments that had been submitted by Nick. Nick has since sent email to the list requesting further consideration on the description of service policy. Action 05-05-02-03 - Juan Carlos, Andreas, Ed and Tommy to submit signature artifacts to Wiki. Juan Carlos reported it is ongoing. 7. Issues on the core and profiles maintenance Juan Carlos explained that the issues of core and profile maintenance were moved ahead of the upcoming profiles on the agenda to allow for more time for discussion on these issues. Juan Carlos asked Stefan, the new editor for the Core document, to provide an update. 7.1 Review issues in the Comments Tracking document. . See also thread on Non encoding of XMLData, canonicalization, exclusive canonicalization, and restrictions imposed to clients. References: starting: http://www.oasis-open.org/apps/org/workgroup/dss/email/archives/200505/msg00007.htm ..... http://www.oasis-open.org/apps/org/workgroup/dss/email/archives/200505/msg00021.html and their follow-ups Stefan said that he submitted a new draft of the DSS Comments Tracking document. The new draft contains information about past discussions, even on topics where the discussion led to no changes to the Core document. Stefan explained that based on the recent discussion on the mailing list about XML Data encoding and the exclusive canonicalization issue, he opened a new issue, "Document vs. Signature validation" and asked Trevor to talk further about it. Trevor mentioned that the issue is not directly related to the XML data encoding issues, and referred to his message on the list. Trevor thought that the verify protocol is too complicated, compared to the sign protocol, and thought that some of this functionality could be moved to a profile. Juan Carlos pointed that the XML data encoding issue should be resolved first, since it affects implementers of the protocols, and said that in hi thinking the issue of simplifying the verify protocol is medium-term in terms of priority. Trevor agreed. Stefan thought that the issue deserved to be discussed at length, and that it is important to match the vision and the implementation for the documents. He also thought that the group could have a drill-down approach and address the security concerns, and he brought up his experience with XPath discussions. Stefan thought that at this point there was diversity of opinions on the issues, but was hopeful for a resolution. Juan Carlos asked whether he knew how the email discussion between Konrad (Lanz) and Trevor could be resolved, that is, by editing some text, adding a new section, or otherwise. Trevor said that the proposed requirement to apply client-side canonicalization is problematic because, among other reasons, it is not a requirement in XMLDSig. He also said he expects Konrad's response to his last email to further advance resolution of the issue. Juan Carlos gave an example of a client who tries to sign a subtree of an XML document, and asked whether under certain circumstances, subsequent verification of the DSS signature would fail. Trevor thought that in the specific example verification wouldn't fail, but the issue is complicated enough that any discussion would need to pay attention to the details. Juan Carlos asked about Konrad's assertions on the mailing list regarding security issues and attacks on the protocols. Trevor responded that the cases presented (broken client) were not really a security concern, and that a broken client could only harm himself. Trevor thought that the committee members could review his proposal and come to an agreement. ACTION [All] Consider Trevor's proposal on simplifying verification and come to a resolution on the XML Schema issue. ACTION [Stefan] Inspect all comments posted, assess whether issues are closed, and post to the list. 8. Upcoming Profiles - Signature gateway profile (Glenn) Reference: http://www.oasis-open.org/apps/org/workgroup/dss/email/archives/200505/msg00017.html Glenn talked about the additional comments submitted by Nick. He thought the comments were on a minor issue, and asked for information on moving forward with this profile. Juan Carlos proposed for Glenn to try to clarify Nick's comments this coming week, and possibly have this profile voted as a committee draft at the next conference call. Glenn agreed with this proposal, and will post a new draft document after he resolves the issue with Nick. - Timestamp profile update for managing nested time-stamps (Dimitri) Dimitri reported that he had been away for two weeks and hadn't followed up on Nick's most recent comments on the issue yet. ACTION [Dimitri] Respond to Nick's comments on nested timestamps. Juan Carlos proposed an additional action to add text and make explicit the issues of timestamp verification related to closed Action 05-04-18-01. ACTION [ Juan Carlos, Ed, Dimitri ] Provide text to clarify Timestamp verification and updating in the XAdES, EPM, timestamping profiles. - Reports regarding any progress on other profiles 9. Interoperability testing Juan Carlos said that certain artifacts has been uploaded to Wiki, but not all test cases are available yet. He expected that by the next conference call a document of all test cases would be posted. Some sign request and some sign responses have been generated and they will be exchanged through Wiki by the next conference call. 10. Date of Next meeting. Proposal for 30th May 2005 It was pointed that May 30 is a holiday in the US, and that may affect quorum. It was decided to wait 2-3 days until a decision can be made on whether to keep or postpone the next conference call. ACTION [Chairs] By the end of this week, determine whether the next conference call should be held on May 30 or postponed until a later date. 11. Any other business 12. Close New and outstanding Actions Action 05-02-07-01 [Nick and JC] Add section on upcoming Profiles to Roadmap Document. Action 05-04-04-4 : Nick : draft a response to IPR question. Action 05-04-04-5 : all : take a look at the ambiguous sentence in section 3.5.8 Action 05-04-04-6 : JC, Ed, Andreas : List of topics to be addressed in InterOP testing Action 05-04-18-04 [JC and Ed] JC to take a shot at some text which will form the recommended change to the core. Ed to review and feedback. Action 05-05-02-01 - John Messing to provide information on the new MIME type proposed by the Court Filing TC to replace base64 and DIME. Action 05-05-02-03 - Juan Carlos, Andreas, Ed and Tommy to submit signature artifacts to Wiki. Action 05-05-16-01 [All] Consider Trevor's proposal on simplifying verification and come to a resolution on the XML Schema issue. Action 05-05-16-02 [Stefan] Inspect all comments posted, assess whether issues are closed, and post to the list. Action 05-05-16-03 [Dimitri] Respond to Nick's comments on nested timestamps. Action 05-05-16-04 [ Juan Carlos, Ed, Dimitri ] Provide text to clarify Timestamp verification and updating in the XAdES, EPM, Core, and timestamping profiles. Action 05-05-16-05 [Chairs] By the end of this week, determine whether the next conference call should be held on May 30 or postponed until a later date. Submitted by: Dimitri Andivahis, Surety dimitri@surety.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]