See also: IRC log
<DKA> http://www.w3.org/2002/09/wbs/37584/BPWG-StillPossible-F2F-March-2009/results
dka: London roolz
... but we need to discuss a bit
... people from US may not be able to attend if we hold in
London
... I'm going to be there anyway for the AC meeting as is
Kai
... plus as David Storey notes SxSW is also ..
... it's a trade off
... balance of opinion is on London then I am happy with that
(25-27 March)
... no clear decision ref Boston, London seems to be the
winner
Francois: what about Adam?
Adam: I'd prefer London, could make Boston though
DKA: Can you host?
Adam: sure but we may have a problem with NDA's being waived
Dom: Can't be held in a place
where an NDA is required
... but we did do it before at Google's office in LON
Adam: so I will chase up and see if we can follow that precedent
<DKA> PROPOSED RESOLUTION: We will have the next f2f in London 25-27 March 2009.
<dom> Policy Regarding Non-Disclosure Agreements and W3C Meetings
<dom> "W3C workshops, Technical Plenaries, Group meetings and other W3C-sanctioned events shall not be conducted on the premises of organizations that request W3C meeting participants to sign non-disclosure agreements in order to gain access to the host's facilities"
dka: we'll leave the question of hosts open, and if Google can't do it then we should be able to do it at Vodafone
<DKA> .
RESOLUTION: We will have the next f2f in London 25-27 March 2009
<francois> ACTION: daoust to setup a registration poll for next F2F in London [recorded in http://www.w3.org/2009/01/27-bpwg-minutes.html#action01]
<trackbot> Created ACTION-903 - Setup a registration poll for next F2F in London [on François Daoust - due 2009-02-03].
adam: need to have info on room sizes
dka: francois, would you be so
kind as to organise a poll?
... I would guess around 20
Adam: have gone through Jo's
extensive comments
... I raised an Issue yesterday, and would like to go through
it
<francois> ISSUE-287?
Adam: I'll keep raising issues as I trip across things over the forthcoming weeks
<trackbot> ISSUE-287 -- Propose merging 3.1.1 and 3.1.2 in MWABP -- OPEN
<trackbot> http://www.w3.org/2005/MWI/BPWG/Group/track/issues/287
dka: good plan, wan't to open a
discussion on how to get Ajax developers looking at this and
engaing with it
... anyone?
... developer portals and Web sites, where we can get better
community feedback
adam: don't know of anything mobile specific
<jeffs> +1 on site to allow dev feedback fm AJAX/Javascript devs... makes easier to solicit input from non-members
dka: where do people hang out who are working on iPhone Web apps
adam: sure there are Ajax discussion groups that would be a good place to go
<jeffs> suggest we est a site so we can publicize
dka: need to think about where we
are going to publicise
... any android sites?
<dom> hmm... no point of raising an issue if nobody has a plan to submit?
dka: (dan discusses raising an Issue)
<jeffs> if group does not object, I will also start a thread on my "Center for the Handheld Web" blog http://chw.rit.edu/blog
dom: an issue with a plan to
action it is like ...
... unly to get progressed
<francois> +1 to jeffs
dom: agree that we should get more feedback but think that someone needs to take an action to come back with a proposal or get on with some outreach
dka: jeffs, you can do some outreach?
jeffs: The idea of getting people
to do outreach and gather stuff together makes sense
... I can do a post on the Center for the Handheld Web
blog
... if you want other people to do outreach then they can point
there or do their own
<scribe> ACTION: Jeffs to initiate discussion on his blog ref feedback on the MWABP [recorded in http://www.w3.org/2009/01/27-bpwg-minutes.html#action02]
<trackbot> Created ACTION-904 - Initiate discussion on his blog ref feedback on the MWABP [on Jeffrey Sonstein - due 2009-02-03].
<scribe> ACTION: appelquist to initiate discussion on betavine ref feedback on MWABP [recorded in http://www.w3.org/2009/01/27-bpwg-minutes.html#action03]
<trackbot> Created ACTION-905 - Initiate discussion on betavine ref feedback on MWABP [on Daniel Appelquist - due 2009-02-03].
<francois> ISSUE-287?
<trackbot> ISSUE-287 -- Propose merging 3.1.1 and 3.1.2 in MWABP -- OPEN
<trackbot> http://www.w3.org/2005/MWI/BPWG/Group/track/issues/287
adam: ISSUE-287 ...
<francois> [I note the issue was raised as "RAISED", which hides it deep in the list of issues. The "OPEN" state should be preferred. An email should have been sent to the mailing-list but was not. That's all dom's fault, for sure.]
<jeffs> to clarify, asking for feedback on MWABP in general or ECMAScript in specific?
adam: 3.1.1 Retain Info for
Personsalization ... and 3.1.2 Autoamtically identify users
...
... apart from Network Operators this is really the same
thing
... kind of no-brainer ways of keeping track of users and their
preferences
... the gist is basically to identify user and minimise the
input - the difference from BP1 being that there are more ways
to do that now
dka: the how to do it can be merged if they are combined
adam: they are basically sayiong the same thing, once they are combined though not sure of the difference to BP1
<dom> [I have made sure new issues would appear as "open"; trying to figure out why issues aren't sent to the mailing list anymore]
<DKA> Jo: I think we need to get to the bottom of authentication separately. I agree with Adam however on this point.
<dom> [found why]
adam: what does the team think we are trying to say with this best practice, i.e. what important info should be in here, rather than just adding details for the sake of it
dka: can you do a proposal with a "before and after"
adam: OK
<scribe> ACTION: ref ISSUE-287 Adam to create a proposal for merge of 3.1.1. and 3.1.2 [recorded in http://www.w3.org/2009/01/27-bpwg-minutes.html#action04]
<trackbot> Sorry, couldn't find user - ref
<scribe> ACTION: connors to create a proposal for merge of 3.1.1. and 3.1.2 ref ISSUE-287 [recorded in http://www.w3.org/2009/01/27-bpwg-minutes.html#action05]
<trackbot> Created ACTION-906 - Create a proposal for merge of 3.1.1. and 3.1.2 ref ISSUE-287 [on Adam Connors - due 2009-02-03].
dom: basically ...
... I ran some MobileOK statistics and one of the biggest
causes of error was the fact that XHTML Basic doesn't allow the
lang attribute
... at the same time I18N strongly recommends that in text/html
you use both lang and xml:lang
... so either you break good practice for mobileOK or for
I18N
... and the new orthodoxy is that any version of XHTML can be
served as text/html (rather than only XHTML 1.0)
... XHTML2 WG is considering adding the lang attribute
... by going through the "proposed edited rec" process
... they are interested in support and assistance from
BPWG
... so are we interested in adding the lang attribute
... to XHTML Basic?
<EdC> Fine with me, but as far as I know, most mobile devices supporting XHTML basic support XHTML basic 1.0, not 1.1.
dka: <mumble mumble> non trivial
dom: not difficult though
proposed edited rec process, especially as limited in
scope
... they want us to say we support
dka: I am supportive ... but hink
that we need to understand more
... if we support and they make a change will we make a change
to the checker?
... and so more content will become mobileOK
dom: yes they would release a new DTD and we'd make a trivial change to the checker and lots of sites would instantly become mobileOK
dka: what is the time
frame?
... if it goes beyond June we are not around to make the
change
dom: given that we have a normative dependency on XHTML Basic 1.1 we don't need a formal resolution to do it, so even if the process takes longer than the remaining time that is not a problem
<dom> PROPOSED RESOLUTION: the BPWG supports adding the lang attribute in XHTML Basic
<EdC> +1
<DKA> +1
<brucel> +1
<francois> +1
PROPOSED RESOLUTION: BPWG supports inclusion of lang attribute in all versions of XHTML and of upgrading checker to take into account
<dom> +1
<DKA> +1 to jo
<EdC> All versions means those specified by W3C -- not XHTML mobile profile...
<yeliz> +1
[which one were people supporting? mine is broader than Dom's?]
<EdC> (not = not necessarily)
<DKA> +1
PROPOSED RESOLUTION: BPWG supports inclusion of lang attribute in XHTML and of upgrading checker to take into account
+1
<DKA> +1
<SeanP> +1
<EdC> +1
RESOLUTION: BPWG supports inclusion of lang attribute in XHTML and of upgrading checker to take into account
francois: this discussion is on
MWABP rather than than CT
... have had some feedback from the Web App Security Context
group and think we will get feedback from them following their
meeting tomorrow
... so suggest we postpone till next week
francois: we need to rationalise
the topic on content transformation, and Jo had an action but
he hasn't done it yet
... we have everything on the table and we need to make a
decision
... will we put something in the guidelines and if so what
would it be
rob: I started the discussion off on what should be done to address the question of what to do if you are the "man in the middle"
<francois> Rob's email on links rewriting
rob: ref security
... perhaps we should generalise the discussion rather than
limiting to HTTPS
... that was my intention in kicking the discussion off
... but the discussion assumed the HTTPS context
<EdC> and a third issue: general security considerations on transformations not necessarily dependent on URL rewriting, nor on HTTPS (cookies, referer, etc).
francois: there are two
questions, i) intercepting secure connections ii) rewriting
links which triggers a number of cross site scripting
problems
... and other security issues
... I think that we should have a "security consideration"
section as proposed by Eduardo referencing what has been
written by Rob
... I hope we are clear that we can't recommend to break the
secure connection
... we can't endorse that as a best practice
dka: what is the way out of this
<rob> PROPOSED RESOLUTION: Include a section on General Security Considerations, which is appliccable to "man-in-the-middle" transformations, irrespective of SSL
francois: I think there should be a security consideration topic, or rather a security alert section
<scribe> ACTION: Jo to action his outstanding action [recorded in http://www.w3.org/2009/01/27-bpwg-minutes.html#action06]
<trackbot> Created ACTION-907 - Action his outstanding action [on Jo Rabin - due 2009-02-03].
<dom> ACTION-902?
<trackbot> ACTION-902 -- Jo Rabin to summarise current discussions on https link re writing -- due 2009-01-27 -- OPEN
<trackbot> http://www.w3.org/2005/MWI/BPWG/Group/track/actions/902
<dom> close ACTION-907
<trackbot> ACTION-907 Action his outstanding action closed
dka: anything else?
francois: I think we already resolved to change the link rewriting section - especially to remove the MAY as this would be to endorse the practice, which we don't
<EdC> There are editorial issues, to be done conformance statements, mandatory heuristics, at least.
francois: we really need a crystallization of the topic as it has spilled over into so many other areas
<francois> ISSUE-286?
<trackbot> ISSUE-286 -- Transformation of Mobile Content/Mandating some respect of some heuristics -- OPEN
<trackbot> http://www.w3.org/2005/MWI/BPWG/Group/track/issues/286
francois: sean - summary?
sean: I raised this issue last
week, but no email got sent out
... issue was raised about mandating heuristics around
content-types and doctypes that are unambiguously mobile
... raised originally by Dom back in Nov
... we discussed a couple of weeks ago and I said that if you
don't allow transformation on mobile pages then this prevents
link rewriting
... and so you lose the proxy function
... so I wrote up the issue of user choice to allow users to
choose mobile pages and EdC brought sup some points which I
tried to answer
... and that is where we are
<dom> (as I mentioned last week, this only applies to cases where the proxy rewrites links; when it does, we could allow only to rewrite links, so as to preserve the proxy function)
francois: so we need to summarise
where we agree and where we disagree
... so we need to agree that we say that those heuristics
SHOULD be respected but with the caveat that the user can
express the choice to continue link re-writing
<Zakim> jo, you wanted to say that jo has the action already
EdC: I don't think there is
disagreement
... idea is simple
... if user doesn't want any kind of transformation then they
get page untouched and they get links to non mobile sites
... but on the other hand if they allow transformed content
then it is just a question of how the proxy works. Some will
need to rewrite to keep users on mobile pages and others
wont
... it is just a question of implementation
... saying SHOULD NOT is fine, you just need a reason to do
otherwise
dom: it's more complicated than
that. If the Proxy works at netowrk level then requests get
caught anyway
... but for link re-writing proxies it is more difficult.
... so this would prevent non netowrk level proxies from doing
their job
<francois> [Proxies SHOULD NOT transform explicit mobile content save links rewriting in Linked-mode proxies?]
dom: so the CT guidelines could
say that rewriting links is OK in this case
... we should be as strict as possible for network level
proxies but for link rewriting proxies, restrict as much as
possible
edc: if you have to rewrite then you will rewrite and that is included in the SHOULD
dom: but that's not restrictive enough - so we need to explicitly limit what can be rewritten in those circumstances
edc: the question of saying which
restrictions is a long topic - we could open too big a can of
worms and we won't be able to resolve it.
... rewriting URLs in out of band proxies falls into that
category
dom: that would open the door to transforming everything
edc: <scribe missed it>
<francois> s/trasnforming/transforming
seanp: you know where I am coming
from, if a user allows it then we should be able to transform
sites
... we gets lots of requests for this
<EdC> In short:CT-proxies should not modify mobile content -- except as strictly necessary to make desktop content accessible to mobile devices. URL rewriting is unavoidable for out-of-band proxies (i.e. those that do not capture all HTTP traffic by default). Other transformations are in principle not admissible.
<Zakim> jo, you wanted to say that it is allowed
jo: we already say that users may request transformed content but that can't be the default assumption
seanp: sounded like mobile was going to be treated differently to the mobile page
jo: ah I see
francois: doh?
jo: I think that Sean was saying that we allow transformation of the request and therefore implicit requested transformation of the response (from desktop to mobile) but we haven't documented any facility for the user to request transformation of a mobile response. The one applies to the request and the other applies to the response irrespective of the request
seanp: yes
dka: jo can you scrivbe that as a resolution
jo: no, not now I'm busy, dammit
<francois> [Summary of what I think: we agree to mandate respect of explicit mobile pages, with 2 points to detail: 1. on the wording for proxies that operate in links-mode 2. user expression of choice for transformation of mobile pages]
<dom> +1 to francois summary
PROPOSED RESOLUTION: Introduce a section describing a non-defaultable user option to tranform responses irrespective of the transformation of the request, even where the response is apparently mobile according to the so-called mandatory heuristics
<dom> on francois.2, I think we should keep it simple, and say your "deployment" doesn't conform when mobile page gets transformed
<SeanP> What's meant by non-defaultable?
<EdC> This seems to me splitting hairs. End-users are actually offered the following: leave everything untouched. Transform responses from desktop to mobile -- it might have some side effects on mobile pages depending on the implementation of the gateway, i.e. out-of-band might have to rewrite URL to external desktop sites. Transform mobile transactions for whatever other reasons.
<dom> <dom> on francois.2, I think we should keep it simple, and say your "deployment" doesn't conform when mobile page gets transformed
edc: stunned by proposal of defaultable: simply put the user can have 3 choices - a) no transformation at all b) access desktop sites and transform c) some additional transformation
dom: problem with the approach is
that you can say that the user signed a contract that says
everything gets trasnformed, so this is really not a viable
choice
... so we are really creating lots of loop holes
[Emmental?]
edc: didn't we say that these have to be opt-in
dom: isn't signing a contract opting in?
edc: no you have to check what you want
jo: we say that preferences will be maintained on a site by site basis which goes some way to addressing Dom's point
<dom> [but that doesn't match the everything/only desktop/nothing approach that eduardo proposed, does it?]
seanp: ref dom's point ref the
contract - I thought we moved it to an appendix to out of band
means, and that we were going to an interstitial apporach -
i.e. something you do on the phone and not something you do by
contract
... and what about about the site by site thing
... thought it was on a session basis
jo: we say site by site
<dom> Current section on user preferences
<DKA> PROPOSED RESOLUTION: Introduce a section describing a non-defaultable user option to tranform responses irrespective of the transformation of the request, even where the response is apparently mobile according to the so-called mandatory heuristics
<EdC> Current version 4.2.2 User Preferences
<EdC> Proxies must provide a means for users to express preferences for inhibiting content transformation. Those preferences must be maintained on a user by user and Web site by Web site basis.
<dom> "Proxies must provide a means for users to express preferences for inhibiting content transformation. Those preferences must be maintained on a user by user and Web site by Web site basis. Proxies must solicit re-expression of preferences in respect of a server if the server starts to indicate that it offers varying responses as discussed under 4.2.6 Receipt of Vary HTTP Header."
dom: I think this is too detailed. It should be non-conformant
francois: I agree with Dom
<EdC> The resolution proposal is convoluted.
francois: isn't 4.2.2
enough?
... it's not limited to request or response
... let's leave 'as is'
... and mandate respect of explicit mobile site
<DKA> PROPOSED RESOLUTION: leave 4.2.2 as is and do not say anything about transformation of mobile-friendly content.
<EdC> Basically, you could have many other transformation options: filter for viruses, translate from * to English, add dancing bears, etc. All these are user-selectable.
PROPOSED RESOLUTION: We will not offer an explicit carve out for transforming mobile content at user request, transformation of such content is non-conformant
<dom> PROPOSED RESOLUTION: mandate respect of heuristics (as SHOULD), with caveat on links rewriting
<francois> +1 to both
seanp: liked the original one
better
... are we saying in the proposed resolution that if you
transform mobile content then you are non conformant?
dom: yes
dka: isn't there a middle way?
dom: we need to take this to the list
dka: thanks and good night