19:57:54 RRSAgent has joined #waf 19:57:54 logging to http://www.w3.org/2008/02/06-waf-irc 19:57:56 RRSAgent, make logs member 19:57:56 Zakim has joined #waf 19:57:58 Zakim, this will be WAF 19:57:58 ok, trackbot-ng; I see IA_WAF()3:00PM scheduled to start in 3 minutes 19:57:59 Meeting: Web Application Formats Working Group Teleconference 19:57:59 Date: 06 February 2008 19:58:11 Agenda: http://lists.w3.org/Archives/Public/public-appformats/2008Feb/0027.html 19:58:13 zakim, code? 19:58:13 the conference code is 9231 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), MikeSmith 19:58:39 IA_WAF()3:00PM has now started 19:58:46 +??P3 19:58:51 rrsagent, make logs public 19:58:53 Zakim. who is om the phone? 19:58:58 Zakim, ??P3 is me 19:58:58 +MikeSmith; got it 19:59:06 Zakim. who is on the phone? 19:59:18 +MSEder 19:59:29 zakim, MSEder is ArtB 19:59:29 +ArtB; got it 20:00:10 Zakim, who is on the phone? 20:00:10 On the phone I see MikeSmith, ArtB 20:03:37 +Dave_Orchard 20:04:39 dorchard has joined #waf 20:04:48 zakim, who's on the phone? 20:04:48 On the phone I see MikeSmith, ArtB, Dave_Orchard 20:05:18 ArtB, k 20:05:25 +[Mozilla] 20:05:48 sicking has joined #waf 20:06:01 zakim, Mozilla is Sicking 20:06:01 +Sicking; got it 20:06:17 Zakim, passcode? 20:06:17 the conference code is 9231 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), anne 20:06:23 Scribe: Art 20:06:29 ScribeNick: ArtB 20:06:32 Chair: Art 20:06:45 +anne 20:06:54 Present: Art, Jonas, David, Mike, Anne, Thomas (IRC) 20:07:01 Topic: Review Agenda 20:07:46 AB: we will skip #2 and #3 since there were no comments on those agenda items 20:08:09 Topic: Proposal for a way to avoid round-trip ... 20:08:36 AB: Anne, what's the status? 20:08:42 AvK: pending some comments 20:08:51 ... integrated in the ED now 20:09:13 AB: who are you waiting for comments from? 20:09:24 AvK: everyone i.e. no one in particular 20:09:31 ... Jonas had some comments 20:09:45 JS: not much we can do to tweak this 20:10:06 ... not sure we can do what Mark wants 20:10:31 JS: I think the current spec is as secure as it can be made 20:10:47 AvK: Google says its important as well as the REST guys 20:11:19 AB: does this proposal address the issues the REST guys made 20:11:24 AvK: yes, I think so 20:11:31 JS: but they haven't responded as such 20:11:48 DO: I found it hard to follow; not sure how it all works together 20:12:01 ... may be waiting for it to be integrated in the spec 20:12:10 AvK: I've also added examples to the spec 20:12:30 ... I think I've addressed their concerns 20:12:51 ... If 10 posts, need to do 12 requests total and that's not too bad 20:13:03 JS: would still like to get some more feedback from them 20:13:13 AvK: I agree explicit consent would be better 20:13:33 JS: there a couple of minor details I still want to change but they aren't behavioral 20:13:42 ... e.g. some stuff with the slashes 20:13:56 AvK: must start with a slash but doesn't have to end with one 20:14:30 JS: if I have the foo dir is /foo or /foo/? 20:14:39 ... not clear where to put the policy 20:15:29 JS: it would be good to get some more feedback on the URI syntax 20:15:41 AvK: agree but that would be relatively easy to change 20:17:00 AB: agree we need more review and "explicit consent"; how do we get that? 20:17:09 DO: typically would publish a new WD 20:17:42 AvK: could you send an email to Mark, Tyler, and others? 20:17:52 DO: Stuart and I also raised related concerns 20:17:57 Tyler is Tyler Close 20:18:09 AvK: would like to get quick feedback 20:18:34 DO: the reqs seem to be settling but this is a big change thus a new WD seems like the right way to go 20:18:50 AvK: I suppose a new WD would be OK but prefer a LC 20:19:02 ... we could publish a WD and then in a few weeks go to LC 20:19:34 DO: I think the changes are too substantial to go directly to LC 20:19:52 AvK: there is a precedence to publish a FPWD and LC at the same time 20:20:05 AB: any objections to an immediate new WD? 20:20:22 AvK: don't want it to delay LC 20:20:42 zakim, call thomas-skype 20:20:42 ok, tlr; the call is being made 20:20:44 +Thomas 20:21:04 AB: Mike, what is the Team's position? 20:21:16 ... on WD and LC? 20:22:32 MS: I think there have been too many objections to this work item to publish this as an LC under the current charter and its extension 20:22:51 ... this isn't a final decision by the Team but that's where we stand now 20:23:22 AvK: are these objections from the Team or Members? Where is the archive? 20:23:44 MS: some on the public archive; some based on internal discussions 20:24:03 AvK: I think we've addressed the issues raised 20:24:27 MS: there is a question about whether this spec is within the group's charter 20:25:15 ... The charter is a bit broad 20:25:35 ... I think the group did this work in good faith 20:25:49 ... If people didn't pay attention, that's not this group's fault 20:26:12 ... I don't think anyone tried to "sneak in this work" 20:27:20 I'm not sure what this means for the group publishing another Working Draft though... 20:27:37 TR: I don't have much to add to what Mike said 20:28:06 ... There should not be a LC going out under the current charter 20:28:35 MS: that is true i.e. that's the Team's consensus 20:29:33 AvK: the Selectors spec in the Web API WG was able to go to LC 20:29:52 ... despite going out of charter 20:30:01 TR: I don't know the specifics of that case 20:30:33 JS: one reason this group started this work is because this mechanism is needed by XBL2 20:31:21 AB: I agree and have argued that point 20:31:38 ... Seems like the problem is that we are now in this "limbo" state 20:31:46 http://www.w3.org/TR/selectors-api/ is the precedent I was talking about 20:32:15 MS: not clear how long it will take for the new charter to get approved 20:33:10 ... we have a combination of the "limbo" state but also not clear where this is going to end up in the next charters 20:33:24 DO: we should be able to publish a new WD, right? 20:33:31 ... or is that not allowed? 20:34:27 AB: yes, what is the answer Mike? 20:34:43 MS: I can't make a decision now 20:34:44 q+ 20:34:56 AvK: when will you know? 20:35:36 TR: based on my recollection - there will be no LC pub; I do not recall a decsion on the WD question 20:36:04 ... If the WG wants to publish a "normal" WD then the Team can discuss this 20:36:17 AvK: we want not just a new WD but also a LC 20:36:18 q+ 20:36:21 q- 20:36:59 q+ to say I can go ahead with plan to publish a WD first 20:37:00 DO: I think we should publish a WD and not a LC regardless of precedence 20:37:19 AvK: again, I'm OK with a WD now but then want a LC two weeks later 20:38:40 AB: perhaps we can consensus to publish a WD now and then ask the Team to consider us publishing a LC during the extension period 20:39:22 AvK: I think there is indeed a precedence for us to publish a LC during the extension period 20:40:04 AB: I propose we publish a new WD ASAP 20:40:09 AB: any objections? 20:40:26 [none heard] 20:40:35 AB: any changes you want to make Anne? 20:40:43 AvK: just a few changes 20:40:56 DO: and I have a couple of quick changes I'd like to get in 20:42:11 MS: once we are ready, we should be able to get it published quickly 20:42:39 RESOLUTION: publish a new WD as soon as Anne is ready 20:42:48 DO: let's set a deadline for comments 20:43:00 AB: OK 20:43:14 AvK: let's set the target for next Tuesday 20:43:47 ACTION: Mike determine the Team's position on us publishing a LC version during this extension period 20:43:47 Sorry, amibiguous username (more than one match) - Mike 20:43:47 Try using a different identifier, such as family name or username (eg. mamend, mike) 20:44:30 ACTION: Michael(tm) to determine the Team's position on us publishing a LC version during this extension perioad 20:44:30 Created ACTION-167 - Determine the Team's position on us publishing a LC version during this extension perioad [on Michael(tm) Smith - due 2008-02-13]. 20:44:32 I have no such sense. 20:44:52 AB: Mike, when do you expect the charter to go out for formal AC review? 20:45:14 s/no such sense/no good sense when charter review will happen/ 20:45:46 MS: I will push this and hope to get it out next week 20:46:02 AB: ok, great 20:46:43 MS: I will report back to the group when I have a clearer idea; can't do that today, though 20:47:25 tlr - thanks 20:48:04 -Thomas 20:49:32 q? 20:49:38 q- 20:49:54 Topic: Issue #21 20:51:01 AB: are there any gaps or holes that need to be filled? 20:51:15 ... the latest ED contains a lot of info to address this issue 20:51:59 JS: we used to have a description about what can currently be done regarding XSS but it was removed 20:52:19 ... would like to know why it was removed because it seems like that info is relevant for the Security Model 20:52:53 AvK: I think we just changed the Intro; it's bit more abstract now 20:53:03 ... we still mention the Same Origin Policy 20:53:31 AB: Jonas, can you identify the text you'd like to get added? 20:53:40 JS: yes, I can submit something 20:56:10 ACTION: Jonas submit an input that will result in closing Issue #21 20:56:10 Created ACTION-168 - Submit an input that will result in closing Issue #21 [on Jonas Sicking - due 2008-02-13]. 20:56:52 action-155? 20:56:52 ACTION-155 -- Jonas Sicking to send a request for comments regarding the policy decision questions and issues -- due 2008-01-30 -- CLOSED 20:56:52 http://www.w3.org/2005/06/tracker/waf/actions/155 20:57:15 issue-21? 20:57:15 ISSUE-21 -- What is the Security Model for the access-control spec? -- RAISED 20:57:15 http://www.w3.org/2005/06/tracker/waf/issues/21 20:57:40 Topic: Issue #20 20:58:42 AB: have a detailed discussion on the mail list 20:59:53 ... we've had inputs from Thomas, Tyler, Jonas and maybe others 20:59:58 ... Jonas: http://lists.w3.org/Archives/Public/public-appformats/2008Feb/0007.html 21:00:30 ... just want to discuss how to get consensus and keep the technical discussion on the mail list 21:01:00 JS: need to have some policy enforcement in the client 21:01:17 AvK: I want to close 21:01:32 DO: I'm still concerned about this issue 21:01:48 ... we've been discussing this issue internally 21:01:56 ... I'm not prepared to close it now 21:02:03 JS: but we need feedback on this issue 21:02:21 DO: I understand; it's been hard to get the right people in BEA involved 21:02:37 ... I've been talking to other people too; I'm active on it 21:03:03 JS: currently client PEP adds complexity 21:03:17 ... wonder if we have added to many features 21:03:24 -MikeSmith 21:03:31 ... but I'll post my comments on the mail list 21:03:44 dorchard has joined #waf 21:06:23 billyjack has joined #waf 21:06:33 [ some discussion missing ... ] 21:07:03 Zakim, code? 21:07:03 the conference code is 9231 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), billyjack 21:07:26 sicking: 21:07:27 Topic: Issue #22 ac4csr-webarch 21:07:39 +[IPcaller] 21:07:50 sicking, so dropping method whitelisting? 21:07:53 Zakim, IPcaller is me 21:07:53 +billyjack; got it 21:08:01 anne, yes 21:08:46 AB: what should we do with this? 21:08:47 seems fine to me... less text :) 21:08:58 DO: I thought the Hixie and Anne proposal addressed it 21:09:03 AvK: yes I agree 21:09:15 DO: I think we should resolve it as closed 21:09:38 ACTION: Orchard close issue #22 21:09:38 Created ACTION-169 - Close issue #22 [on David Orchard - due 2008-02-13]. 21:09:58 Topic: AOB 21:10:20 AB: do we want to have a call next week? 21:10:26 AvK: I'm fine either way 21:10:43 DO: hopefully we should have just published a WD and may not have much to talk about 21:10:50 AB: I tend to agree 21:10:55 AvK: what about two week? 21:11:21 AB: sounds good and hopefull Mike will have an answer from tthe Team regarding LC by then 21:11:44 JS: Mozilla is going to do a security review next Tuesday 21:11:57 ... it is open to the public and anyone can dial in 21:12:04 ... I will post details to the mail list 21:12:18 AB: listen mode only OK? 21:12:22 JS: absolutely 21:13:00 MS: yes, two weeks should be enough time 21:13:14 AB: no call next week; next call on Feb 20 21:13:32 -Dave_Orchard 21:13:41 AB: meeting adjourned 21:13:41 -anne 21:13:43 -billyjack 21:13:45 -Sicking 21:13:46 -ArtB 21:13:46 IA_WAF()3:00PM has ended 21:13:47 Attendees were MikeSmith, ArtB, Dave_Orchard, Sicking, anne, Thomas, billyjack 21:13:55 rrsagent, make minutes 21:13:55 I have made the request to generate http://www.w3.org/2008/02/06-waf-minutes.html ArtB 21:14:34 Present: Art, Anne, Mike, Jonas, David, Thomas 21:14:41 rrsagent, make minutes 21:14:41 I have made the request to generate http://www.w3.org/2008/02/06-waf-minutes.html ArtB 21:15:02 zakim, bye 21:15:02 Zakim has left #waf 21:19:58 rrsagent, bye 21:19:58 I see 4 open action items saved in http://www.w3.org/2008/02/06-waf-actions.rdf : 21:19:58 ACTION: Mike determine the Team's position on us publishing a LC version during this extension period [1] 21:19:58 recorded in http://www.w3.org/2008/02/06-waf-irc#T20-43-47 21:19:58 ACTION: Michael(tm) to determine the Team's position on us publishing a LC version during this extension perioad [2] 21:19:58 recorded in http://www.w3.org/2008/02/06-waf-irc#T20-44-30 21:19:58 ACTION: Jonas submit an input that will result in closing Issue #21 [3] 21:19:58 recorded in http://www.w3.org/2008/02/06-waf-irc#T20-56-10 21:19:58 ACTION: Orchard close issue #22 [4] 21:19:58 recorded in http://www.w3.org/2008/02/06-waf-irc#T21-09-38