< Return to Calendar

* DSS-X Conference Call #252 (Conference Call)
Name * DSS-X Conference Call #252 (Conference Call)
Time Monday, 02 November 2020, 06:00pm to 07:00pm CET
(Monday, 02 November 2020, 05:00pm to 06:00pm UTC)
Description No description provided.
Agenda

1. Welcome by the Chair (Andreas)

2. Minutes taker
All write into the chat(http://webconf.soaphub.org/conf/room/dss-x), Andreas assembles and uploads into document area.

3. Roll call

4. Approval of the agenda

5. Approval of minutes from previous calls

5.1 Minutes from call #251 on 07 Sep 2020:
URL = https://www.oasis-open.org/committees/document.php?document_id=67733&wg_abbrev=dss-x

6. DSS-X documents

6.1 Progress of DSS-X Core

- publication of CVE
    CVE-2020-13101 assigned, waiting for approval
    info teaser published
    status of CVE-2020-13101?

    
- topics for CS03
    
DSSX-63: Section 6 of the core cs02 references a non-existing element 'SignatureType' of OptionalInputsVerify
DSSX-64: Reference JSON schema in Swagger and OAS files

collecting additional topics
planning for CS03 together with some profiles

6.2 Problems verifying XML and JSON schema

- local and remote schema locations
- due to JSON Validator „tberman.json-schema-validator“: Invalid schema: dereference error
- due to OpenAPI validator „mermade.openapi-lint“ : 'incContent' invalid

    status of stefan's multi-TC efforthttps://github.com/WebOfTrustInfo/ld-signatures-java.git
 

7. Profiles
- Evidence, JSON Signature and X.509 profiles next for CD.
first draft of Evidence Record Validation profile at https://www.oasis-open.org/committees/document.php?document_id=67046&wg_abbrev=dss-x

Received comment from Tobias Wich: https://lists.oasis-open.org/archives/dss-x-comment/202007/msg00000.html
Response and open topic (response URL) at https://lists.oasis-open.org/archives/dss-x-comment/202007/msg00001.html

updated version pending

- JSON Canonicalization
Any agreed standard? RFC 8785

Implementations (thanks to Anders):
Java: https://mvnrepository.com/artifact/io.github.erdtman/java-json-canonicalization/1.1
JavaScript: https://www.npmjs.com/package/canonicalize
.NET Core: https://github.com/cyberphone/json-canonicalization/tree/master/dotnet
Python 3.X: https://github.com/cyberphone/json-canonicalization/tree/master/python3
go: https://github.com/cyberphone/json-canonicalization/tree/master/go


- AdES
JAdES uses http://json-schema.org/draft-07/schema#. Any need for us to align?

- Verifiable Credentials
Java implentations
https://github.com/jsonld-java/jsonld-java URDNA-2015 missing

https://github.com/WebOfTrustInfo/ld-signatures-java.git more promising


8. Next meeting

Suggested to meet again on 16 Nov 2020
Note: Starting at 18:00 local time in Central Europe


9. AOB

Anders's JSON signature spec: https://github.com/cyberphone/jws-jcs
Use case: https://connect2id.com/blog/how-to-secure-json-objects-with-hmac

 
Submitter Mr. Andreas Kuehne
GroupOASIS Digital Signature Services eXtended (DSS-X) TC
Access This event is visible to OASIS Digital Signature Services eXtended (DSS-X) TC and shared with
  • OASIS Open (General Membership)
  • General Public