See also: IRC log
[PENDING] ACTION: DanC to look into adding "note well..." notice to webdav, uri lists [recorded in http://www.w3.org/2005/08/15-ietf-w3c-minutes]
[DROPPED] ACTION: Philippe to check with Martin about the status of file: [recorded in http://www.w3.org/2005/08/15-ietf-w3c-minutes]
Ted: Larry said he intends to do it
DanC: yes, I saw that
Toward a More Secure Web — W3C Workshop on Transparency and Usability of Web Authentication , 15/16 March 2006 — New York City, USA
Thomas: program committee is reviewing position papers. workshop is focussed on user experience of web browsing, and security problems there. we have participation from financial services, [missed], browser vendors. workshop program to appear in a week or so
<timbl> User interface aspects of the browser security problem.
Ted: DKIM WG is chartered. 1st meeting at the upcoming Dallas IETF. In the security area. I think the milestones in the DKIM charter are up-to-date. there were some concerns about the openness of the original designers to accept changes, but they've acommodated request for incompatible change
DanC: some W3C members are asking about "what should a large user org do?"
Ted: you could tell them to be sure their DNS service doesn't block resource records.
(it would be nice to have a pointer to a nice article aimed at sysadmins of large enterprises)
Thomas: level on consensus for the threats & reqs document?
Ted: there's WG last call and IETF last call… consensus is rough, but basically there; there seems to be critical mass of support for an important use case. [… some technical explanation of a case that is not covered… zombies and granularity of domain policies… ]. Some community disagreement about whether or not there needs to be support for distinguishing between different e-mail addresses @ the same domain. See also Handling of Unknown DNS Resource Record (RR) Types.
(this case seems to go beyond what I see as critical requirements)
TimBL: what do the signatures look like? PGP? PKI?
<Leslie> BTW -- to refresh peoples' memories -- we did talk about DKIM on our last call (at the time it had bof'ed once, and was lining up to BOF in Vancouver)
Ted: it's like disconnected CMS in S/MIME, but it's new… a critical question is: which parts of the message are signed?
Ted: the DMSP is a proposal for a Distributed Multimodal Synchronization Protocol. a protocol for stuff that goes between components of, e.g., a voice browsing system [?]
Ted: DIX didn't make Vancouver, but are having a BOF in Dallas. See IETF 65 BOF Announcement: Digital Identity Exchange (DIX)
<Thomas> DIX BOF won't be reviewing a charter
<Thomas> Folks involved in SAML agree it's not too much of an overlap
Ted: DSMP BOF is unlikely for Dallas; they may have time in the Real-Time Applications and Infrastucture (RAI) Area open meeting
[Multimodal Interaction Activity]
Thomas: interaction with MS Infocard?
(I'm curious about DIX compared to OpenID too.)
Ted: dunno; ask scott in email?
[Ted is excused]
<Leslie> speaking as a mailing list reader, not anything else — it seems like the dix proposal as currently stated is very much in danger of overruning other efforts. That's one of the things that will have to get fixed.
Philippe: It looks like there are issues with the copying permissions in the IETF Problems with the IETF's copying permissions…
John: yes, we've heard that issue raised. it's an ongoing discussion.
“The license in RFC 2026 [2] gave third parties the right to produce unrestricted derivative works, under some conditions.”
John: it's a question of rights to produce derivative works, expecially code excerpts
Dan: ah. yes. W3C has a separate software license for those reasons.
no news.
DanC: I'm curious about VCalendar testing… esp w.r.t. hCalendar and microformats
no urgency
<plh> Monday, October 2, 2006, 2pm Eastern?
Leslie: as opposed to 3x/yr?. 1st week June?
June 5, 2006, 2pm Eastern?
Mon, 5 Jun 2006 2p Boston time OK for Dan
RESOLUTION: to meet again Mon, 5 Jun 2006 2pm Boston time. Leslie to chair, though various risks noted