IRC log of bpwg on 2008-09-09

Timestamps are in UTC.

13:57:20 [RRSAgent]: RRSAgent has joined #bpwg
13:57:20 [RRSAgent]: logging to http://www.w3.org/2008/09/09-bpwg-irc
13:57:49 [jo]: rrsagent, pointer?
13:57:49 [RRSAgent]: See http://www.w3.org/2008/09/09-bpwg-irc#T13-57-49
13:58:03 [jo]: rrsagent, make minutes
13:58:03 [RRSAgent]: I have made the request to generate http://www.w3.org/2008/09/09-bpwg-minutes.html jo
13:58:17 [jo]: rrsagent, make logs public
13:59:41 [jo]: zakim, byte
13:59:41 [Zakim]: I don't understand 'byte', jo
13:59:47 [jo]: zakim, bye
13:59:47 [Zakim]: leaving. As of this point the attendees were jo, Francois, +0752568aaaa, tomhume
13:59:47 [Zakim]: Zakim has left #bpwg
13:59:55 [jo]: rrsagent, byte
13:59:55 [RRSAgent]: I'm logging. I don't understand 'byte', jo. Try /msg RRSAgent help
14:00:06 [francois]: tarckbot, start telcon
14:00:10 [jo]: rrsagent, bye
14:00:10 [RRSAgent]: I see no action items
14:00:15 [RRSAgent]: RRSAgent has joined #bpwg
14:00:15 [RRSAgent]: logging to http://www.w3.org/2008/09/09-bpwg-irc
14:00:17 [trackbot]: RRSAgent, make logs public
14:00:17 [Zakim]: Zakim has joined #bpwg
14:00:19 [trackbot]: Zakim, this will be BPWG
14:00:19 [Zakim]: BPWG matches both Team_(bpwg)13:46Z and MWI_BPWG(CTTF)10:00AM
14:00:20 [trackbot]: Meeting: Mobile Web Best Practices Working Group Teleconference
14:00:20 [trackbot]: Date: 09 September 2008
14:00:24 [francois]: Chair: francois
14:00:30 [francois]: Agenda: http://lists.w3.org/Archives/Public/public-bpwg-ct/2008Sep/0007.html
14:00:36 [francois]: zakim, code?
14:00:36 [Zakim]: sorry, francois, I don't know what conference this is
14:00:42 [Pontus]: Pontus has joined #bpwg
14:00:48 [francois]: zakim, this will be MWI_BPWG
14:00:51 [Zakim]: ok, francois, I see MWI_BPWG(CTTF)10:00AM already started
14:00:56 [francois]: zakim, code?
14:00:56 [Zakim]: the conference code is 2283 (tel:+1.617.761.6200 tel:+33.4.89.06.34.99 tel:+44.117.370.6152), francois
14:01:00 [rob]: rob has joined #bpwg
14:01:41 [Zakim]: +Francois
14:01:59 [Zakim]: +tomhume
14:02:23 [francois]: zakim, who is on the call?
14:02:52 [Zakim]: On the phone I see hgerlach, Francois, tomhume
14:03:22 [Zakim]: +rob_finean
14:03:55 [jo]: zakim, who is here?
14:03:58 [Zakim]: +Pontus
14:04:31 [Zakim]: + +03531522aaaa
14:04:50 [jo]: zakim, aaaa is dotMobi
14:04:55 [Zakim]: On the phone I see hgerlach, Francois, tomhume, rob_finean, Pontus, +03531522aaaa
14:04:59 [jo]: zakim, dotMobi holds jo
14:05:42 [jo]: zakim, wake up
14:05:56 [Zakim]: +dotMobi; got it
14:06:05 [Zakim]: On IRC I see rob, Pontus, Zakim, RRSAgent, hgerlach, tomhume, jo, francois, trackbot, matt, dom
14:06:11 [Zakim]: +jo; got it
14:06:29 [jo]: scribe: Jo
14:06:55 [jo]: Topic: Introductions
14:06:56 [Zakim]: I don't understand 'wake up', jo
14:08:11 [jo]: francois: introduces Tom as an Invited Expert with specific mobile development expertise to enhance representation from that side
14:08:27 [jo]: ... and to help reolve the last call comments
14:08:33 [jo]: ... so round the table
14:08:57 [jo]: ... I am the staff contact for BP and lead the CTTF "I am here to help"
14:09:39 [jo]: heiko: I work for Vodafone and own content adaptation in VOdafone
14:09:58 [jo]: pontus: from Ericsson have been working on the CT product
14:10:09 [jo]: rob: from Openwave responsible for OpenWeb
14:10:21 [SeanP]: SeanP has joined #bpwg
14:10:52 [jo]: jo: from dotMObi, co-chair of BP and editor of CT doc
14:11:34 [jo]: tom: I am MD of Future Platforms and increasingly involved in mobile Web hence come across transformation
14:12:05 [jo]: s/MObi/Mobi/
14:12:28 [jo]: Topic: Future of the Task Force
14:13:14 [jo]: rancois: just wanted to review this, before August we thought we might be able to stop the TF and move the work back to the WG but with the number of comments think it is appropriate to continue the TF
14:13:14 [hgerlach]: me
14:13:22 [jo]: +1 to continuing the TF
14:13:24 [Zakim]: +SeanP
14:13:52 [jo]: heiko: need to get comments done asap should not keep people waiting
14:14:19 [jo]: francois: don't think we can do it in 2 weeks but yes we seem to be agreed
14:14:24 [hgerlach]: +1
14:14:31 [jo]: q+
14:14:41 [jo]: Topic: Sharing the workload
14:15:19 [jo]: francois: I split the comments up between the TF members and wanted people to be responsible so we can just get on it with it, the allocation is random
14:15:23 [francois]: ack jo
14:15:38 [jo]: ack me
14:15:51 [jo]: Topic: Introductions (bis)
14:16:04 [jo]: francois: introduces Tom to SeanP who just joined
14:16:14 [jo]: seanp: work for novarra
14:16:24 [jo]: tom: (per the above)
14:16:43 [jo]: Topic: Sharing the workload (bis)
14:17:21 [jo]: francois: was just trying to find a way to go faster rather than to impose anything on anyone
14:18:05 [francois]: zakim, mute SeanP
14:18:05 [Zakim]: SeanP should now be muted
14:18:09 [jo]: ... I left 2 unallocated to deal with today
14:18:16 [francois]: zakim, unmute SeanP
14:18:16 [Zakim]: SeanP should no longer be muted
14:18:18 [jo]: zakim, who is noisy?
14:18:28 [Zakim]: jo, listening for 10 seconds I heard sound from the following: dotMobi (30%), tomhume (61%), Francois (36%)
14:18:38 [francois]: zakim, mute tomhume
14:18:38 [Zakim]: tomhume should now be muted
14:19:16 [francois]: -> http://lists.w3.org/Archives/Public/public-bpwg-ct/2008Sep/0008.html Division of the Last Call comments
14:19:19 [jo]: ... any objections to my allocation of coments?
14:20:09 [jo]: ... person responsible to read and summarise the comment and the position we took before, linking where appropriate, and propose changes tot he spec or provide a rationale for saying no, etc.
14:20:25 [jo]: ... done on the mailing list and hence go faster on the call?
14:20:37 [jo]: ... any views?
14:20:41 [hgerlach]: q+
14:20:45 [jo]: +1 to the allocation as it stands
14:21:14 [jo]: heiko: I think I am the only one who can't do anything with the Vary header so would prefer not to do that
14:22:13 [jo]: jo: I'll take 2081 and 2088
14:22:17 [hgerlach]: q+
14:22:24 [francois]: ack hgerlach
14:22:25 [jo]: ack hg
14:23:33 [hgerlach]: +1
14:24:46 [jo]: Topic: Section 4.15
14:24:53 [jo]: s/15/1.5/
14:25:37 [francois]: http://www.w3.org/2000/06/webdata/xslt?inclusion=1&xslfile=http%3A%2F%2Fwww.w3.org%2F2003%2F12%2Fannotea-proxy&xmlfile=http%3A%2F%2Fcgi.w3.org%2Fcgi-bin%2Ftidy-if%3FdocAddr%3Dhttp%253A%252F%252Fwww.w3.org%252FTR%252F2008%252FWD-ct-guidelines-20080801%252F&annoteaServer=http%3A%2F%2Fwww.w3.org%2F2006%2F02%2Flc-comments-tracker%2F37584%2FWD-ct-guidelines-20080801%2Fannotations#sec-altering-header-values
14:26:06 [francois]: http://www.w3.org/2006/02/lc-comments-tracker/37584/WD-ct-guidelines-20080801/search/?responseFilter=incl&section=sec-altering-header-values&
14:27:10 [jo]: q+
14:27:21 [francois]: ack jo
14:28:44 [SeanP]: q+
14:28:50 [jo]: jo: I will take on making proposed responses but first think that we need to agree a policy
14:29:13 [jo]: ... for example I would not be averse to a document that said don't change any headers
14:29:33 [jo]: ... but I think the members of the TF need to express views
14:29:48 [francois]: ack SeanP
14:30:29 [jo]: seanp: I like it as it is, think it is practical as it is written to meet the reality of how it is being done now as well as being consistent with the way the group sees content developing
14:30:47 [jo]: rob: the comments seem mainly about POSTs - is that right?
14:31:00 [jo]: francois: hmmm, not really
14:31:23 [jo]: rob: oops, I was reading the wrong section
14:31:46 [jo]: q+
14:32:22 [francois]: ack jo
14:32:41 [jo]: rob: we came up with this text because we thought that altering the user agent is a good way of getting content to a device that oherwise would not be able to get it
14:33:37 [hgerlach]: q+
14:33:52 [francois]: jo: I don't preempt discussion on this, but the rationale is twofold: 1. otherwise content would be blocked. I'm personally unaware of this happening. To be fair, we should have more statistics.
14:34:16 [francois]: ... 2. because some people want the reformatted view.
14:34:46 [francois]: ... Not much to say about that apart from the fact that it may occur.
14:36:18 [jo]: jo: I think we need to justify with some figure how frequently servers respond with a 406 or equivalent that blocks the user getting a response, which is the main justification for the. The other justification, which is tha the user has requested a restructured desktop experience seems to me at least conceivable, but to what extent to we need to accommodate that possibility?
14:36:38 [francois]: ack hgerlach
14:37:33 [jo]: heiko: In general I agree with Jo - but should we differentiate between different heades - e.g. the User agent might be special, other headers should probably be treated differently
14:38:25 [jo]: ... I think that the 406 is something different which is why I mentioned earlier that we should have a white list
14:38:49 [jo]: francois: what other headers do you think are problematical, the section benefits from being generic
14:38:52 [jo]: q+
14:38:56 [francois]: ack jo
14:40:39 [jo]: jo: I do think we should distinguish between rejection with 406 because of incomptible accepts vs incompatible User Agents
14:41:25 [SeanP]: q+
14:41:31 [jo]: francois: well, aaron had an action a while back about this, maybe we should re-awaken his action
14:42:12 [jo]: jo: sure, google would be well placed to do this if they were able, if they aren't then we will have to do it elsewhere in the group
14:43:21 [SeanP]: ack me
14:43:41 [jo]: francois: so you're suggesting we need to test if we can be stricter about the user agent not being changed - and continue to be strict about the accept-* ?
14:43:53 [jo]: [discussion about who can supply info]
14:44:07 [jo]: seanp: I can see if we have anything on that
14:44:16 [jo]: q+
14:44:21 [francois]: ack jo
14:44:40 [jo]: francois: I'll take an action to get back to aaron
14:44:49 [jo]: jo: I can look and see if we have anyting too
14:45:11 [jo]: action: daoust to get back to aaron from google to see if he can get some stats for us
14:45:11 [trackbot]: Created ACTION-842 - Get back to aaron from google to see if he can get some stats for us [on François Daoust - due 2008-09-16].
14:46:02 [jo]: action: jo to see if he can come up with wording on this section that might accommodate everyone
14:46:02 [trackbot]: Created ACTION-843 - See if he can come up with wording on this section that might accommodate everyone [on Jo Rabin - due 2008-09-16].
14:46:40 [jo]: action-843+ (the section in question being 4.1.5)
14:47:06 [jo]: topic: 4.3.6.2 HTTPS link rewriting
14:47:21 [francois]: http://www.w3.org/2000/06/webdata/xslt?inclusion=1&xslfile=http%3A%2F%2Fwww.w3.org%2F2003%2F12%2Fannotea-proxy&xmlfile=http%3A%2F%2Fcgi.w3.org%2Fcgi-bin%2Ftidy-if%3FdocAddr%3Dhttp%253A%252F%252Fwww.w3.org%252FTR%252F2008%252FWD-ct-guidelines-20080801%252F&annoteaServer=http%3A%2F%2Fwww.w3.org%2F2006%2F02%2Flc-comments-tracker%2F37584%2FWD-ct-guidelines-20080801%2Fannotations4.6.3
14:47:37 [francois]: http://www.w3.org/2006/02/lc-comments-tracker/37584/WD-ct-guidelines-20080801/search/?responseFilter=incl&section=sec-https-link-rewriting&
14:48:26 [jo]: francois: we got lots of comments and the comments are about saying that HTTPS links should not be re-written in any circumstances as it is a man in the middle attack
14:49:05 [jo]: ... either we say this is not allowed or we stick to the text we have amended a bit
14:49:25 [jo]: ... positions and volunteers to address these coments?
14:49:28 [SeanP]: q+
14:49:32 [francois]: ack SeanP
14:50:31 [jo]: sean: we have a pretty good statement in the document - if you outlaw this you can't get to your mail etc. - a lot of the comments refer to banks but there are a lot of other sites that you can't go to which have less security requirements
14:50:53 [jo]: francois: I don't have a clear position, I understand both the need and the danger
14:50:57 [hgerlach]: maybe just add "towards "server and user" at the end
14:51:17 [jo]: ... if anything I'd say it just should not be allowed
14:51:31 [jo]: ... but agree that some applications don't have to be that secure
14:51:41 [jo]: ... any more thoughts?
14:51:49 [tomhume]: q+
14:51:51 [jo]: ... anyone want to take this on?
14:51:55 [francois]: ack tomhume
14:52:36 [jo]: tom: one of the difficulties here is that it pushes an understanding of the mechanisms on to the user who probably doesn't understand what is going on
14:52:57 [hgerlach]: yes, but this is the same with a native browser e.g. firefox
14:52:59 [jo]: ... not even clear on the web now, with regular desktop browsers
14:53:18 [jo]: francois: agree, what do you think would help ref the user
14:54:02 [jo]: tom: yes, good idea, but can't think of an easy way to do this avoiding malicious attacks in the context of a mobile device
14:54:24 [rob]: q+ to echo Sean's comment; many websites use HTTPS login even though the content isn't sensitive. As Tom says, the end-user somehow makes a decision about what is secure enough to read email vs what is secure enough for online banking
14:54:32 [jo]: francois: how about noting that and thinking about it, can I assign you the comments
14:55:23 [jo]: ... a fresh look at the section by someone who did not participate in the previous discussions
14:55:49 [jo]: q?
14:56:04 [dom]: re https, the web security context guidelines might have some useful definitions and ideas to solve that problem: http://www.w3.org/TR/2008/WD-wsc-ui-20080724/
14:56:06 [francois]: ack rob
14:56:06 [Zakim]: rob, you wanted to echo Sean's comment; many websites use HTTPS login even though the content isn't sensitive. As Tom says, the end-user somehow makes a decision about what is
14:56:10 [Zakim]: ... secure enough to read email vs what is secure enough for online banking
14:56:50 [jo]: rob: there is a difference between logging in to hotmail, where everything subsequent to login is done in the plain anyway
14:57:48 [jo]: ... there is an education of the end-users to do, to allow them to use some kind of login that uses https for that kind of thing, but not use it for banking, I don't think we should ban this completely
14:58:11 [jo]: francois: but shouldn't we put the load on the CP in that if they don't need https they shouldn't use it
14:58:24 [SeanP]: q+
14:58:41 [francois]: ack SeanP
14:58:42 [jo]: ... but there is more than that - https is used to protect content in both cases
14:59:49 [jo]: sean: I agree with most of what Rob says - https is secure from the user to the operator then from operator to Content Provider - so if you trust your operator you are probably OK if not you should not be using HTTPs through a proxy
15:00:47 [jo]: jo: points out that Dom pasted the link: http://www.w3.org/TR/2008/WD-wsc-ui-20080724/
15:01:06 [jo]: francois: we should take a look at this
15:01:53 [jo]: francois: aob
15:02:14 [jo]: francois: we seem to have assigned all the comments so go ahead and discuss on the mailing list
15:02:27 [Zakim]: -Pontus
15:02:32 [jo]: s/francois: aob/Topic: AOB
15:02:36 [hgerlach]: great, bye!;-)
15:02:45 [Zakim]: -hgerlach
15:02:53 [Zakim]: -Francois
15:02:56 [Zakim]: -SeanP
15:02:58 [jo]: zakim, drop me
15:03:00 [Zakim]: sorry, jo, I do not see a party named 'jo'
15:03:02 [Zakim]: -rob_finean
15:03:02 [francois]: RRSAgent, draft minutes
15:03:02 [RRSAgent]: I have made the request to generate http://www.w3.org/2008/09/09-bpwg-minutes.html francois
15:03:04 [Zakim]: -tomhume
15:03:16 [Zakim]: -dotMobi
15:03:18 [Zakim]: MWI_BPWG(CTTF)10:00AM has ended
15:03:20 [Zakim]: Attendees were hgerlach, Francois, tomhume, rob_finean, Pontus, +03531522aaaa, jo, SeanP
15:04:05 [francois]: RRSAgent, draft minutes
15:04:05 [RRSAgent]: I have made the request to generate http://www.w3.org/2008/09/09-bpwg-minutes.html francois
15:08:18 [jo]: couple of typos and a missing speaker
15:08:31 [jo]: s/couple of typos and a missing speaker//
15:08:40 [francois]: RRSagent, bye
15:08:40 [RRSAgent]: I see 2 open action items saved in http://www.w3.org/2008/09/09-bpwg-actions.rdf :
15:08:40 [RRSAgent]: ACTION: daoust to get back to aaron from google to see if he can get some stats for us [1]
15:08:40 [RRSAgent]: recorded in http://www.w3.org/2008/09/09-bpwg-irc#T14-45-11
15:08:40 [RRSAgent]: ACTION: jo to see if he can come up with wording on this section that might accommodate everyone [2]
15:08:40 [RRSAgent]: recorded in http://www.w3.org/2008/09/09-bpwg-irc#T14-46-02