<tlr> ScribeNick: yngve
<ses> Advance regrets for next meeting --- it's during IEEE Security and Privacy (Oakland)
tlr: minutes accepted
diffmk highlights changes ?
tlr: yes
<tlr> ACTION-185, ACTION-186, ACTION-168 to be closed
tyler: two people looked at it.
... yngve has worked with the template
<tlr> RecRevisitingPastDecisions
<tlr> http://lists.w3.org/Archives/Public/public-wsc-wg/2007May/0023.html
<rachna> I have a question about the template content.
rachna: should template include attacks?
tyler: need list of attacks
rachna: have a list of attacks in mind
tlr: updated threat tree
rachna: will put list on wiki
<ses> (I wouldn't be so sure that all threats in Rachna's mind are on the tree. The tree definitely has missing branches)
<tlr> http://www.w3.org/2006/WSC/wiki/ThreatTrees
rachna: example threat is spoofing
<bill-d> yes
bill-d: we have an info-sec group internally
<tlr> ACTION: doyle to solicit commentary on Threat Trees from MITRE INFOSEC community - due 2007-06-15 [recorded in http://www.w3.org/2007/05/16-wsc-minutes.html#action01]
<trackbot> Created ACTION-214 - solicit commentary on Threat Trees from MITRE INFOSEC community [on Bill Doyle - due 2007-06-15].
<tlr> due date on ACTION-214 tentative; action dependent on ACTION-215
<tlr> ACTION: rdhamija2 to revisit threat trees, match to her list of attacks, make explicit, turn into note material [recorded in http://www.w3.org/2007/05/16-wsc-minutes.html#action03]
<trackbot> Created ACTION-215 - to revisit threat trees, match to her list of attacks, make explicit, turn into note material [on Rachna Dhamija - due 2007-05-23].
tlr: what does tyler think about adding attacks
tyler: will not hurt
<tlr> proposed: use cases and attacks that are addressed go into the template; attacks not addressed listed as limitations
<tlr> ACTION: tyler to update template accordingly [recorded in http://www.w3.org/2007/05/16-wsc-minutes.html#action04]
<trackbot> Created ACTION-216 - Update template accordingly [on Tyler Close - due 2007-05-23].
tlr: uncertain about timeline moving all recommendations into template
tyler: completion will probably be delayed
... will look at yngve's submission
<tlr> agendum for next meeting: check in on status of editing for recommendation
<rachna> can you explain what conformance clause means? Sorry I missed it.
<tlr> tlr: conformance clause is the thing that you comply with or not
<tlr> ... abstract away from concrete user interfaces ...
<tlr> ... augment with implementation techniques ...
<tlr> phb: haven't given lightning talk on Secure Letterhead, yet, might have been confused with EV
<tlr> tlr: phb, please put it into the Wiki under "to be discussed"
<tlr> ACTION: hallam-baker to enter Secure Letterhead proposal into Wiki; link from "to be discussed" [recorded in http://www.w3.org/2007/05/16-wsc-minutes.html#action05]
<trackbot> Created ACTION-217 - Enter Secure Letterhead proposal into Wiki; link from "to be discussed" [on Phillip Hallam-Baker - due 2007-05-23].
<tlr> ACTION: thomas to start e-mail thread on conformance sections [recorded in http://www.w3.org/2007/05/16-wsc-minutes.html#action06]
<trackbot> Created ACTION-218 - Start e-mail thread on conformance sections [on Thomas Roessler - due 2007-05-23].
tlr: f2f in two weeks
<tlr> http://lists.w3.org/Archives/Public/public-wsc-wg/2007May/0050.html
tlr: planned discussion about QA, testing etc.
... what are our remaining steps about notes
... missing agenda: how are we going to update note
<tlr> deadline for update of note is 2 June
tyler: lots of w3c process that must be discussed
tlr: may do updated draft without approval
... what should be discussed before f2f, and what can be discussed at f2f?
tyler: should check own action items [scribe's understanding: all members]
<sduffy> tyler, I will be available to help close those out as soon as you and I catch up offline
scribe: may put what is declared as having consensus into draft
<tlr> agendum for next call: updated working draft of Note, to be done before 2 June
scribe: suggest roll call of open action items against draft at next phone meeting
<tlr> tyler will lead agendum 11 (note issues discussion) at face-to-face
tlr: no further comments about f2f agenda
<asaldhan> tlr: f2f can be attended by phone?
tlr: f2f can be attended by phone
johnath: broken padlock
... padlock mixes signals, used to deduce trust [even if it is not designed for it]
... MS moving to green bar
... need an indicator in primary UI for verifiable identity
... safety is slippery concept
... can't [really] tell if it is safe to shop even with EV
tlr: coming close to discussion about self-signed certs
... problem with second guessing what the user wants
hal: must view in context of other proposals
audian: [identity indicator] has more tech integrity than padlock
... bigger question: does it mean safe to shop?
audian: better than padlock
sduffy: consumer assumes padlock anywhere means it's OK
?: users do not think about difference between chrome and content
<asaldhan> I support this signal because it is a functionality of an user agent and not some web page.
<rachna> An illegitimate site may copy Larry into the content. Users will have to recognize two Larrys and know about the new ritual to click on the right one in the address bar. This is something we can test.
<asaldhan> provided the security verification service is somebody credible
bill-d: padlock bundles lots of things
... perhaps break things out of padlock?
<tlr> Larry = the guy checking the passport
johnath: breaking the padlock apart may separate questions about identity, safe to shop, etc...
<johnath> johnath: we resist this being a new padlock, because it's not about safety. Spoofing is always a concern, but spoofing an identity indicator is less valuable because on a legit site, they don't need to, and a scam site will not benefit as much since there is always an identity indicator present, unlike the padlock
tlr: is there a notion about type of interactions to get information
... e.g. trust ratings
... should be part of a proposal
<johnath> blame the time overrun on my voip issues
audian: like ev cert, but chrome can be spoofed
<rachna> I agree with Audian. Picture in Picture attacks are hard for users to detect. Trust indicators whether they be identity or security indicators lend credibility and will always be spoofed. The only improvement here may be if users learn the new ritual.
johnath: mozilla moving padlock, ev might impede some phishing
... green bar not competing with anything in chrome
johnath: identity instead of safety will [missed that]
<tlr> ACTION: nightingale to update IdentitySignal to cover discussion on call, and match RecTemplate [recorded in http://www.w3.org/2007/05/16-wsc-minutes.html#action08]
<trackbot> Created ACTION-219 - to update IdentitySignal to cover discussion on call, and match RecTemplate [on Johnathan Nightingale - due 2007-05-23].
<tlr> deferred due to lack of critical parties
<rachna> I will need to be bumped as well
<tlr> tlr: bumped to when?
<rachna> sorry. next week is fine
<tlr> to be done when MEZ is here
<tlr> to be done next week or later
tlr: meeting adjourned