See also: IRC log
<Mez> http://www.w3.org/2008/08/13-wsc-minutes.html
mez: approved
<Mez> http://www.w3.org/2006/WSC/track/actions/open
mez: standard set of open action
items, i don't know of any extras
... first agenda, working through our first test scenario
... on vacation for the next two weeks
... tlr will chair
<Mez> work through test scenario for 6.1.1 and 6.1.2
mez: someone should be in the wiki writing done the test scenario
thomas to capture conversation for wiki
<tlr> http://www.w3.org/2006/WSC/wiki/TestCases
<Mez> http://www.w3.org/TR/wsc-ui/#identity-requirement
mez: what will the test scenario be for viewing the identity information in the primary interface
tlr: there is a lot of check it off the list if it's ok in 6.1.1, they might depend on the individual browser
mez: do we ask them to go to the url and look for it
steele: the identity signal is consistent as the user navigates
tlr: an interesting question about the enumeration of conditions are things affected by the implementation in the second parapraph
s/pararaph/paragraph
mez: have we handled the second paragraph
tlr: the 3rd talks about
consistency
... the UA must indicate no information is available
... the test would using the identity signal when interacting
with different classes of websites
<steele> with a pinned cert?
tlr: set to test: plain http,
https with regular cert, https with ev certs, https with broken
ev cert, and possible cert conditions
... which we might find when testing for certificate
errors
... we need more precise situations for these
... we need to understand the sites one visits when the
identity information is available
mez: a forward reference to 6.1.2
<tlr> issue: clarify "positive form of identity" language in 6.1.1
<trackbot> Created ISSUE-215 - Clarify \"positive form of identity\" language in 6.1.1 ; please complete additional details at http://www.w3.org/2006/WSC/track/issues/215/edit .
mez: are we up to the 4th
paragraph?
... why is the last line about web content there in 6.1.1
tlr: need to add material for
when identity information is available
... the last sentence, as i read it, is that the identity
signal is security chrome, might need an editorial
clarificaiton
... the must in the last sentence might be redundant
... should deal with it in 7.1.4
mez: So we have a draft to cover 6.1.1
tlr: and we need to have the webpages with special variables to run this against
mez: planning the testbed? is that a different discussion?
tlr: let's focus on what the tests mean in the first place
mez: moving on to 6.1.2
tlr: sounds like another
requirement that depends on how the UA shows it
... it should also be dealt with when there are many
implementations
mez: i thought the test plan would cover what we need to do to make that claim
tlr: some things might be inspection of X, it's hard to test the absence of something
mez: so we'll have activities around verifying that there are conforming implementations not in the test plan
tlr: no, i'm having a hard time
saying the questions we're asking are tested
... there is a difference between a test plan and a test
<tlr> me too
mez: i like having one place to
cover everything
... don't care what name it has
... point in wiki on identity signal content
<tlr> I'm not actually sure it's code inspection.
steele: it sounds like we're
requiring code inspection?
... is that gonna fly?
<Mez> someone in adobe claims they checked, it's good
mez: doesn't need to be an external person
<Mez> we nod our heads sagely
tlr: we could give a checklist but someone has to check it, maybe not our place to say how it happens
mez: we talked about it last
week, how exposed do the tests need to be
... in the public? unnecessary, other tests have been done in
house
... don't know of a good alternative for code that isnt' open
source
... test cases for top-level that's at least AA/EV
tlr: we need to enumerate, tls
secured webpage, and webpages where any of the criteria do not
apply
... do/do not apply and need to verify the behavior in the
cases
mez: tables format?
tlr: painful to do on phone and
in wiki
... ... maybe someone should go through and write up what it
should be
... there are some conclusions that derive from the initial
spec that is useful
mez: something to do at the end
of the call?
... we're doing in the call because of lack of volunteers to do
it another time
<tlr> ACTION: baker to drive test case matrix for 6.12 - due 2008-09-03 [recorded in http://www.w3.org/2008/08/20-wsc-minutes.html#action01]
<trackbot> Sorry, couldn't find user - baker
<tlr> ACTION: phb to drive test case matrix for 6.12 - due 2008-09-03 [recorded in http://www.w3.org/2008/08/20-wsc-minutes.html#action02]
<trackbot> Created ACTION-502 - drive test case matrix for 6.12 [on Phillip Hallam-Baker - due 2008-09-03].
tlr: covers 6.1.2 in the
spec
... looking through, we have conditions under which information
is displayed, and we need cases where it is displayed
... shall we move further through the spec?
steele: in 6.1.2, phb's action
item, is it a list of candidate certificates and how they'll be
displayed?
... what do you mean by all the different cases
tlr: for the different types of certificates and the content conditions where they may be used, the cases need to be enumerated and the input needs to be broken into categories based on the interactions that occur, and state the output of the identity information
steele: 6.1.2 seems to talk about
other properties of the certificate
... how does each certificate behave under conditions
tlr: would be a great piece of input
mez: not enough time to get another section done in remaining time
tlr: 6.3
... if we know the states when it should display we should know
when the indicator should be present
... it appears the cases from 6.1 will cover it, but we should
check
... is there anything else to say about 6.3 now
mez: need output from phb's
action-502
... will that get folded into the parts that are there after it
is fleshed out
... ok, good start, having worked examples is useful, any
topics to bring up for next week
tlr: i'll plan to go over the comments we have so far, right now there's at least one comment to look at