08:09:06 RRSAgent has joined #tagmem 08:09:06 logging to http://www.w3.org/2011/09/15-tagmem-irc 08:09:08 RRSAgent, make logs public 08:09:08 Zakim has joined #tagmem 08:09:10 Zakim, this will be TAG 08:09:10 I do not see a conference matching that name scheduled within the next hour, trackbot 08:09:11 Meeting: Technical Architecture Group Teleconference 08:09:11 Date: 15 September 2011 08:10:28 Noah: See agenda. Ashok wrapping up Client-Side State work. 08:10:43 for client-side storage, how much do we want to do on this? 08:10:59 Ahok: You have looked at slides and a vey brief write-up 08:11:27 Noah: Jeff Jaffe asked us to give him alerts of upcoming possible crisis issues. 08:11:52 Ashok has joined #tagmem 08:12:11 ... Privacy and Security we have all felt we are high priority for the web, but not clear whether TAG should engage and how. 08:12:51 ... After lunch, we step back and declare our overall direction again. Should we do that earlier? 08:14:25 [general warm noises about the agenda, and agreee to wrap at 3pm] 08:14:56 jar has joined #tagmem 08:15:38 masinter: I was rethinking whether we should do a finding on MIME on the Web. 08:18:36 Noah: Ok, we will fit that discussion in. 08:18:41 http://www.w3.org/2001/tag/products/clientsidestorage.html 08:18:51 topic: Client-side storage 08:19:10 Noah: See product page [linked above] 08:22:46 Ashok: We can write a story about the history of how this came to be, and I have some of that done. 08:22:56 ... But then the question, what to use it for? 08:23:14 Two cases: You ahev an eisting webapp, which you can now usee offline. 08:23:39 In this case, the behaviour of the app does not change. 08:24:00 basically, the local storage is acting like a big cache -- controlable but a cache. 08:25:09 masinter: I see people miving to HTTP hibi protoocol, bypasing the proxuy infrastructure .. 08:26:07 ... is this a trdeoff between doing this caching at he app design level, or at a system, evel? 08:27:18 s/evel/level/ 08:27:19 Cache by user or by application 08:28:12 jar: Good for user to have a model of what is going to work offline. With caching, is there is assurance that that some sort of info will be available for browsing offline, then that can be an arch'l requirement. 08:28:49 We would like to then know the visible impact of this class of solutions. 08:29:12 Ashok. You mean, you will require data for an app -- you can get it in diff't ways? 08:29:15 JeniT has joined #tagmem 08:29:53 jar: More a question of failures being predictable. With current proxy caches, there is no contract aout hat will work offline. 08:30:37 ... Google mail uses client side storage to provide dependable behaviour of offline storage. 08:31:08 We are discussing http://www.w3.org/2001/tag/products/clientsidestorage.html 08:32:09 RRSAgent, pointer? 08:32:09 See http://www.w3.org/2011/09/15-tagmem-irc#T08-32-09 08:32:36 the title of the product page says "Web Application Storage" and not "Client Side Storage". I like "Web Application Storage" better, because we need to talk about the tradeoffs between local storage and local caches of remote storage 08:32:59 and the question is whether hybi also has a caching architecture 08:33:05 Noah: The model is there are HTTP proxy caches, and this system (client-side storage) should be able to work in that mode. But also it should be able to 08:33:14 - control so make sure right stuff is there 08:33:24 - space management , relation to other apps 08:33:29 - this is writable offline 08:33:36 This last one is the biggie. 08:33:53 hybi aka "The Web Socket Protocol" 08:34:02 To build things like emial, you have to be abl eto change the web though your cache when you get back online. 08:34:17 I would like to see the innovation there. 08:34:30 Maybe there is a=some agent-based intention-to-update story. 08:34:36 That would work as on and offline. 08:34:37 q+ 08:34:44 s/emial/email/ 08:34:49 s/abl eto/able to/ 08:35:01 Thi update capability is hte fundamental thing whoch you lose when you use a cache. 08:35:26 Ashok: There is a spec from the web caching guys which gives the user control of the cache. 08:36:02 s/Thi/The/ 08:36:06 s/hte/the/ 08:36:11 s/whoch/which/ 08:36:16 TBL: This fits very nicely with the read/write data model. I've described it in a design issue note. 08:36:24 Tim: Fits nicely with the read/write data story 08:36:31 TBL: The changes all go through little SPARQL updates, which are posted. 08:36:45 ... easy to spool up 08:38:03 Tim: The only thing you can't spopol of cousre is a lock, an atoic thing where you ned to fail if there is interference from another user or another app. 08:38:16 s/spopol/spool/ 08:38:20 (See http://www.w3.org/ReadWriteLinkedData ) 08:38:25 s/cousre/course/ 08:38:31 s/atoic/atomic/ 08:38:38 s/ned/need/ 08:38:41 Noah: Are we gueuing up a couple of posts, or a calendar entry, logically? 08:38:57 s/gueuing/queuing/ 08:39:16 Noah: What level of abstraction? Post or book aitline seat? 08:39:29 s/aitline/airline/ 08:39:31 s/aitline/airline/ 08:46:26 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:46:28 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:46:29 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:46:46 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:46:47 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:46:53 wweqfkjqwklef 08:46:55 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:46:56 Tim: RPC systems had this problem that when the operation was transparently remote it was good for the dev but horrible for the usr, who would just see the app lock when an offline or online problem happened. The app was not aware of differetn offline and online errors. So web apps which use explicit app-level transfer can be written to be much more user-friendly with errors. Compare then with sync between a Mac an a server wen the mac will run over the 08:47:11 I'm moving toward wanting TAG findings to be more about summarizing the architectural principles nascent in what's going on rather than being experts and publishing our own thoughs 08:47:39 I agree with Larry on that bit 08:47:44 operations which were spooled, and where there is a conflict, it knows enough of the semantics of what has happened to ask a user which version of a calendar she wants. That requires the sync program being coed to understand al the semantcis of each type of object which can by synced. Maybe we have with offline read-write linked data a happy edium, where it is easier to make a generic sync gadget because the semantics of what is being stored is open and expli 08:47:54 explicit. 08:47:58 the main concern i have about storage is that the caching for web sockets / hybi doesn't fit into the previous architectural model we had in mind 08:48:08 Except that where there are clear principles, like "identify things with URIs", we should say so clearly and without hesitation. 08:48:30 Ahok: This has the characteristic that you can store stuff, that you cna store parts of to different web sites. This is new 08:49:04 once you move into hybi, there aren't any URIs for anything other than the service i don't think, and certainly not for data or intermediate states 08:49:23 The first way, then is like a cache, and the second way this is used is this new capability to write different things back to different web sites. 08:49:24 maybe we should invite some folks to come talk to us 08:49:53 s/hibi/hybi/ 08:50:14 masinter: [see IRC above] 08:50:26 Are we mssing something in the move to web sockets etc? 08:51:00 We are losing visibility by the main system of the dta, and we lose URIs for tings. 08:51:17 you mean: what might happen if you attempt a web socket connection when you're off line? (for example) 08:51:59 When people use hybi, then there is no URI. 08:52:11 q? 08:52:36 q+ to talk about product page.... 08:53:20 q- 08:53:31 Noah: What is the priority of this work, then? 08:53:54 q- 08:54:31 Tracker, new poll 08:54:32 Preference poll: with respect to storage work, should we commit to 1) serious project work now 2) I know enough to say not high priority for 6 mos to a year 3) go for a month or two fact finding and decide in telcon 08:54:36 HT = 3 08:54:45 DA = 2.5 08:54:56 JT = 3 08:55:01 PL = 3 08:55:06 larry = 1 08:55:06 TB = 3 08:56:56 Masinter: This is happening, Web sites are bring rewritten now. This is the time to point arch'l choices they may not have thought about. 08:57:18 People are makingvery local decisions, now, and it is timely for us to get up to speed on this. 08:57:42 Noah: Good for us to get priorities fixed at f2f 08:57:58 TB = 1 08:58:11 I agree :) 08:58:48 TBL: Larry is convincing. And besides, I'm interested in how we manage resources. 08:59:45 Tim: This is intersting because it overlaps with a pet want of mine, good user tools for resource management, grouping apps/things/sites/whatever by task, and allocating disk ram, cpu, data access, etc to them. 09:00:11 I wonder whether this ties into the Device API question we got at http://lists.w3.org/Archives/Public/www-tag/2011Sep/0002.html 09:00:30 i'd like to look at how to get linked data and link relations into a world that is dominated by websocket access 09:00:45 Ashok : maybe we should start by setting out the architectural issues. 09:01:39 Jeni: I don't see the connection with the Device API question 09:01:41 Ashok: How can I pcik the brains fo W3C staff? 09:02:15 masinter: it's asking whether "devices" (local data on a computer) should be accessed using an HTTP protocol 09:02:21 Jeni: looking again... 09:02:25 Tim: Do a Project Review. Some thursday 9-10:30 am EST typically. Talk to amy@w3.or. 09:02:47 You will need a presentation and a chair and a scribe 09:02:55 masinter: it was just a vague thought 09:03:05 s/pcik/pick/ 09:03:17 and a notice explaining the scope of it and reason for it and objectives to send out a week or 3 in advance. 09:03:20 Jeni: maybe it's the same question for something other than storage 09:03:41 q? 09:04:33 Noah: Proposal is that a finding would be timed as final in July 09:04:50 Masinter: I want to work on issues and good proiactices, and the issues first please. 09:06:29 Noah: [edits product page] 09:07:04 masinter: The title "Web App Storage" is better than "Client-Side Storage" IMHO 09:11:07 [discussion of possible deliverables and timing] 09:13:48 Noah: Edits "Key deliverables with dates" 09:15:40 I wonder whether this ties into the Device API question we got at 09:15:40 http://lists.w3.org/Archives/Public/www-tag/2011Sep/0002.html 09:16:59 https://lists.webkit.org/pipermail/webkit-dev/2011-July/017621.html 09:17:57 masinter, thanks, that's exactly the relationship that was niggling me 09:18:39 Jeni: yes, thanks for raising this, might extend the scope of this product topic but i think that's ok 09:20:14 The question of whether the phone's calendar is just a local cache of my 'real' calendar stored remotely... if you use the HTTP/REST view the same app would work independently of that 09:47:59 \scribenick ht 09:48:19 scribenick: ht 09:48:45 scribe: Henry S. Thompson 09:48:53 Resuming after break 09:50:26 Topic: Track high priority developments for Jeff Jaffe [http://www.w3.org/2001/tag/2011/09/13-agenda#jeffreport] 09:50:42 NM: [Recaps the background] 09:51:13 NM: I committed to produce something in October 09:51:18 q+ 09:51:19 NM: I will be asking for help 09:51:23 ack next 09:52:10 LM: We should take this seriously -- we are rarely asked for anything from W3C management 09:52:36 LM: We may not need to generate this list, we could just prioritise and summarise 09:52:45 NM: Where would the initial list come from 09:52:54 LM: We could request input on the public list 09:53:03 and from the membership 09:53:22 s/generate the list/generate the entire list/ 09:53:35 s/could just prioritize/could prioritize/ 09:53:49 s/generate this list/generate the entire list/ 09:55:53 i would start with trying to keep a web site / wiki page / etc. listing technical issues of concern to the web community..... 09:55:54 NM: We could put out a public call for help in doing a better job in tracking/anticipating emerging issues of importance to the architecture of the Web 09:56:18 i'd put out an initial list and invite community to add 09:56:33 TBL: "Upcoming train wrecks" as the title, not about "doing better", just doing it at all 09:57:05 LM: I was thinking of putting out an initial list, asking for additions, better than a blank sheet of paper 09:57:15 LM: E.g. I18N vs. CSS 09:57:24 LM: E.g. Hybi bypassing REST 09:57:35 LM: Microdata vs. RDFa 09:57:41 LM: Persistence 09:58:29 TBL: Move from phone apps to web apps 09:58:50 TBL: ... What more do we need to make this work 09:59:05 can we give an executive summary of hte issues, who the stakeholders are, and why that is an issue 09:59:18 TBL: ... In particular, for example, the fact that web apps can't access the web is a real problem 09:59:31 why is it a "potential train wreck" 09:59:40 DKA: How architect device APIs -- RESTful/???? 09:59:43 but all the other things they need to do wich phone apps can and they can't yet 10:00:24 LM: Part of my remit at my job is to identify potential train wrecks between our products and standards 10:01:20 ... I've done this at various levels, from dozens of pages down to a simple summary, and even red/yellow/green light labels 10:02:03 list of issues, but would also like criteria of why they're a CEO-level problem 10:02:51 Canvas and SVG 10:03:01 NM: We need to be careful to avoid getting stuck on careful analysis, let's continue just listing issues at first 10:03:24 W3C and IETF scope 10:03:29 registries and IANA 10:04:02 XML and HTML ... task force report? 10:04:36 HTML.next 10:05:08 already known on the list: privacy 10:05:49 HST: We don't need to list things already on the wider W3C priority list(s) 10:08:18 AM: We got taken by surprise a few times in the past 10:08:43 ... and so we tried having a standing item on telcons for "Anything new we should keep in mind?" 10:09:17 NM: I'll try that a bit, maybe 10:10:15 TBL: Should we remove JJ from the way we think about this, and just make it a TAG job? 10:10:26 JAR: Frequency? 10:10:39 NM: twice yearly was the request 10:10:50 JAR: Make it just a newsletter? 10:11:21 NM: Any more items for the list? 10:12:17 HT: There is this notion of "the death of protocols". 10:12:19 NM: Meaning? 10:12:52 this is the concern that Hybi taking over not only HTTP but everything else, including mail, etc. 10:13:24 HT: HTML5 represents a kind of disintermediation. In the past, to create an app you would design some sort of protocol and associated RFCs would be developed. Now, you just design an XML document type and use HTTP, and the standards process gets skipped, because we have less of a tradition of rigorous standardization that level of protocol. 10:13:49 LM: So e.g. with HyBI, being 2-directional it replaces HTTP 10:14:20 LM: Also, scripting now handles the 'protocols', so the network middle-ware (proxies, caches, etc.) have no idea what's going by 10:15:02 NM: Right, so what used to be a protocol is now being, or could be, tunneled through HTTP or HyBI 10:15:07 http://www.w3.org/html/wg/tracker/issues/175 is an administrative process issue 10:15:18 versioning 10:16:09 not only protocols, but also formats, as the libraries running in the browser "VM" are starting to replace document format definitions 10:16:09 HST: I.e. a standard without end 10:20:14 JAR: OData 10:23:18 hhalpin message connecting odata to rdf http://lists.w3.org/Archives/Public/public-awwsw/2011Jan/0021.html 10:23:58 well: http://masinter.blogspot.com/2011/06/irreconcilable-differences.html 10:24:13 that was my list of standards issues 10:24:54 Topic: Privacy http://www.w3.org/2001/tag/group/track/actions/545 ACTION-545 10:25:46 coordinate with http://www.w3.org/2011/07/appsecwg-charter.html 10:25:47 s/for Jeff Jaffe/for Jeff Jaffe ACTION-568/ 10:26:33 Also Web Apps/Security [http://www.w3.org/2001/tag/2011/09/13-agenda#security] 10:26:56 and http://www.w3.org/Privacy/ 10:27:05 NM: We need to decide if we are going to take either of these seriously and put resources in, or explicitly move them to the back burner 10:27:33 AM: Should we try to spell out the landscape in these areas 10:27:45 ... using a Wiki, ask other experts to contribute 10:27:53 with other policy-based important initiatives like internationalization & accessibility, we rely on 'architectural' activities to take the lead, and for the TAG as more of a coordination body rather than doing the heavy lifting 10:28:34 Tobias Gondrom 10:28:50 ... Particularly in Security, ask Tobias Gondrom for help 10:29:09 NM: What is the goal, what would be success wrt this Wiki 10:29:33 AM: If it spells out what the state-of-the-art is for Security on the Web 10:29:46 W3C just started http://www.w3.org/2011/08/appsecwg-charter.html Web Application Security Working Group 10:29:46 q+ masinter 10:30:17 q+ noah to say concerned about roadmaps and overviews vs. hot button issues 10:30:30 JAR: Alternative to SOA, a roadmap spelling out the parts of W3C that connect up to what security questions 10:30:45 ... compare that to the received WebArch position might be 10:30:51 ack next 10:30:58 q+ to mention wikipedia effect 10:31:10 LM: W3C just chartered a new Security WG 10:31:30 ... We have I18N and Accessibility for other cross-cutting/horizontal issues 10:31:44 ... This maybe is the right model for Security and Privacy as well 10:32:01 q+ 10:32:07 ack next 10:32:09 YL: The new Security WG has good joint membership with the relevant IETF WGs 10:32:09 noah, you wanted to say concerned about roadmaps and overviews vs. hot button issues 10:32:32 NM: Is there a way we could follow their work more closely 10:32:45 ... Why should we try to lead in this area given that they are there now 10:32:47 review ongoing work and maybe a roadmap? 10:32:53 ... Someone track this? 10:33:13 NM: Do we know how they are running -- f2f, telcons, ? 10:33:30 LM: Their scope is not all aspects of Web Security 10:34:19 ... The most valuable next step, per John Kemp's work, was an analysis of what's happening vs. what W3C WGs need, to identify gaps 10:34:34 NM: Scope is broad, isn't it 10:34:47 LM: Explicitly its WebApps 10:35:01 ... but this can't help ramifying 10:35:34 TBL: Security issues by definition are rapidly changing, the arms race model 10:35:34 i'm thinking of a roadmap kind of like the broader issue list we were talking about earlier, but specifically for security issues and approaches. That's what JK was trying to get at. 10:36:03 TBL: Tracking IETF is really important, they're doing a lot 10:36:33 TBL: Not sure about a roadmap that involves anything like an ontology -- that's precisely what changes all the time, and we couldn't keep up 10:36:44 LM: [as above] 10:36:56 NM: Who might take that on? 10:37:07 AM: To do what? 10:37:52 solicit resources to help generate that list? 10:38:21 DKA has joined #tagmem 10:38:22 NM: Help the W3C community identify (not a cosmic security taxonomy) an inventory of security issues for W3C WGs, sort and prioritise, and identify ones that are and are not being addressed (in W3C or IETF or ...) 10:38:31 s/issues/concerns/ 10:38:43 NM: This is a big job 10:39:06 LM: Starved for time 10:39:24 ... Maybe this is on our list of potential train wrecks 10:39:41 NM: Surely a big potential vulnerability 10:40:03 s/LM: Starved/NM: Starved/ 10:40:08 HST: This is more than a day a week 10:40:19 s/... Maybe this/LM: Maybe this/ 10:40:43 TBL: Survey of issues, or of organizations 10:41:07 ... I don't see anyone around the table doing the first 10:41:26 ... So maybe going meta -- if we were looking for a group to do this, where would we look? 10:41:33 ... Existing group, or need a new one? 10:42:01 NM: Proposal? 10:42:14 TBL: To make a map of the entities (people, orgs) involved 10:42:52 NM: Same old same old: good ideas, no one for which this is more important than the things they are already doing 10:43:21 YL: IETF Security Area is an umbrella for all the security stuff at IETF, so they sort of have this responsibility 10:43:38 TBL: Get the Area head to come talk to us? 10:43:52 TBL: Co-chair is on the new WebSec WG at W3C 10:43:59 s/TBL:/YL:/ 10:44:25 JAR: Are they covering things up to the level we might think of as WebArch? 10:44:58 YL: Level crossing in the stack is what the IETF Area and WebSec are aiming to coordinate on 10:45:32 NM: I am not hearing that Security is a major area of work for the TAG 10:46:17 ... It is still in order to track something at a lower level, but we don't have a high-level goal that we are working toward 10:46:33 NM: "The TAG has no 6-month goal in Security" 10:46:42 ... That makes me unhappy 10:46:52 TBL: I don't agree, I think it's not for us to do 10:47:31 s/agree/agree that it's bad for us to pull back from that/ 10:47:48 TBL: If IETF come to us and say there's a WebArch issue, perhaps 10:47:50 q+ to suggest a goal to ask for a web security roadmap 10:48:00 q- ht 10:48:40 NM: We could get to a point where we could contribute, albeit it might take two years -- I'm sorry we can't find a way to do that 10:48:56 ack timbl 10:49:09 ack masinter 10:49:09 masinter, you wanted to suggest a goal to ask for a web security roadmap 10:49:24 ACTION-341? 10:49:24 ACTION-341 -- Yves Lafon to follow up with Thomas about security review activities for HTML5 -- due 2011-05-10 -- OPEN 10:49:24 http://www.w3.org/2001/tag/group/track/actions/341 10:49:49 LM: We could ask for a review of what's happening in the W3C security groups, and the gaps with respect to their needs 10:50:01 HST: Whom, and why would we do it? 10:50:19 NM: Background education is in scope at any time 10:50:23 q? 10:50:37 LM: It might get us to push for more resources from W3C in this area 10:51:29 close ACTION-341 10:51:29 ACTION-341 Follow up with Thomas about security review activities for HTML5 closed 10:51:43 ACTION-344? 10:51:43 ACTION-344 -- Jonathan Rees to alert TAG chair when CORS and/or UMP goes to LC to trigger security review -- due 2011-09-13 -- OPEN 10:51:43 http://www.w3.org/2001/tag/group/track/actions/344 10:52:38 JAR: We still want to review this. 10:52:47 NM: Even given that the Web Sec group is there to do it. 10:52:50 JAR: Yes. 10:53:20 ACTION-344 Due 2012-01-01 10:53:20 ACTION-344 Alert TAG chair when CORS and/or UMP goes to LC to trigger security review due date now 2012-01-01 10:53:30 ACTION-515? 10:53:30 ACTION-515 -- Larry Masinter to (as trackbot proxy for John) who will publish http://www.w3.org/2001/tag/2011/02/security-web.html, slightly cleaned up, with help from Noah and Larry -- due 2011-07-30 -- PENDINGREVIEW 10:53:30 http://www.w3.org/2001/tag/group/track/actions/515 10:54:17 q+ to suggest we forward this doc to WebSec 10:54:44 ack next 10:54:44 DKA has joined #tagmem 10:54:46 ht, you wanted to suggest we forward this doc to WebSec 10:55:33 HST: A new WG often gets input, which they may or may not take forward 10:55:47 ... I think that would be helpful for this doc, send it to WebSec on this basis 10:56:06 close ACTION-515 10:56:06 ACTION-515 (as trackbot proxy for John) who will publish http://www.w3.org/2001/tag/2011/02/security-web.html, slightly cleaned up, with help from Noah and Larry closed 10:56:37 s/input/more-or-less informal submissions as input/ 10:57:34 [Note to scribe -- clarify WebSec (IETF) vs. WebAppSec (W3C)] 10:58:54 ACTION \: Larry to find an appropriate way to make available http://www.w3.org/2001/tag/2011/02/security-web.html to the Web App Sec working group 10:58:54 Sorry, couldn't find user - \ 10:59:04 ACTION: Larry to find an appropriate way to make available http://www.w3.org/2001/tag/2011/02/security-web.html to the Web App Sec working group 10:59:05 Created ACTION-607 - Find an appropriate way to make available http://www.w3.org/2001/tag/2011/02/security-web.html to the Web App Sec working group [on Larry Masinter - due 2011-09-22]. 10:59:17 ACTION-516? 10:59:17 ACTION-516 -- Yves Lafon to talk with Thomas Roessler about organizing W3C architecture work on security -- due 2011-07-19 -- OPEN 10:59:17 http://www.w3.org/2001/tag/group/track/actions/516 10:59:29 close ACTION-516 10:59:30 ACTION-516 Talk with Thomas Roessler about organizing W3C architecture work on security closed 10:59:38 ACTION-554? 10:59:38 ACTION-554 -- Noah Mendelsohn to formulate product page for TAG work on security including John Kemp security draft Due: 2011-05-24 -- due 2011-09-15 -- OPEN 10:59:38 http://www.w3.org/2001/tag/group/track/actions/554 11:00:53 NM: Larry do you want discussion of ACTION-516 11:01:12 LM: To (Yves): what about the work that's beyond the scope of Web App Sec? 11:01:19 YL: If you have a topic in mind we can talk about it. 11:02:04 NM: I think we decided not to do the sort of security work that merits a product page. So, closing ACTION-554 11:02:10 close ACTION-554 11:02:10 ACTION-554 Formulate product page for TAG work on security including John Kemp security draft Due: 2011-05-24 closed 11:02:19 ACTION-33? 11:02:19 ACTION-33 -- Henry Thompson to revise naming challenges story in response to Dec 2008 F2F discussion -- due 2011-08-10 -- OPEN 11:02:19 http://www.w3.org/2001/tag/group/track/actions/33 11:04:01 ACTION: Noah to schedule telcon discussion of TAG goals on privacy Due: 2011-10-01 11:04:01 Created ACTION-608 - Schedule telcon discussion of TAG goals on privacy Due: 2011-10-01 [on Noah Mendelsohn - due 2011-09-22]. 11:04:12 TLR: Thomas is the domain lead 11:04:34 LM: There's an organizational meeting coming up for the Do Not Track WG. 11:37:17 masinter has joined #tagmem 12:12:52 masinter has joined #tagmem 12:13:50 plinss_ has joined #tagmem 12:13:51 scribenick: masinter 12:13:55 DKA has joined #tagmem 12:14:11 topic: Review TAG Priorities for 2011 12:14:12 jar has joined #tagmem 12:18:54 Note: scribing cleanup: Henry Thursday, Jonathan Tuesday, Dan Wednesday 12:19:12 noah has joined #tagmem 12:19:20 ht has joined #tagmem 12:20:02 Ashok has joined #tagmem 12:20:32 noah: framing priorities discussion http://www.w3.org/2001/tag/products/ 12:20:46 noah: trap: doing a good job on the wrong things 12:22:08 noah: we're not doing that but we might, we should look at our products 12:30:55 ((noah editing products page with discussion)) 12:31:31 ((HTML5 last call moved to 'other active projects')) 12:31:54 ((Jeni no longer on Web Application State)) 12:36:10 ((etc, not capturing individual edits)) 12:37:34 ((MIME and the web looking at finding by 31 December, draft for review by 30 September)) 12:38:15 JAR: the linking item ought to be higher up 12:38:35 dan: I don't have an action on API minimization 12:39:41 ((discussion that when reviewing minutes to update product page and actions ...)) 12:43:48 Which "Other Active Products" should raise in priorities? 12:45:58 ((publishing and linking moved up to top priority)) 12:47:30 larry: http://www.w3.org/standards/webarch/ 12:55:40 ACTION: Appelquist to draft initial cut at http://www.w3.org/standards/webarch/identifiers Due: 2011-10-18 12:55:41 Created ACTION-609 - Draft initial cut at http://www.w3.org/standards/webarch/identifiers Due: 2011-10-18 [on Daniel Appelquist - due 2011-09-22]. 12:55:48 I'll volunteer for 'Meta Formats' 12:56:24 larry: I'll do Protocols 12:56:24 ACTION: Tennison to draft initial cut at http://www.w3.org/standards/webarch/metaformats Due: 2011-10-18 12:56:25 Created ACTION-610 - Draft initial cut at http://www.w3.org/standards/webarch/metaformats Due: 2011-10-18 [on Jeni Tennison - due 2011-09-22]. 12:56:48 the style for http://www.w3.org/standards/webarch/ arranges that you can't tell where the links are by looking at the page. this is wrong. 12:56:53 ACTION: Larry to draft initial cut at http://www.w3.org/standards/webarch/protocols Due: 2011-11-15 12:56:54 Created ACTION-611 - Draft initial cut at http://www.w3.org/standards/webarch/protocols Due: 2011-11-15 [on Larry Masinter - due 2011-09-22]. 12:59:02 Zakim has left #tagmem 12:59:19 Zakim has joined #tagmem 12:59:27 zakim, who is your daddy? 12:59:27 Ralph is taking good care of me but you all are my family, jar 13:02:48 noah: If I stand up at TPAC and say these are our priorities, are these the right ones 13:03:56 noah: how do you feel about that? 13:05:57 noah: we're about to burn person-months on these topics ... is this the right stuff? 13:06:31 noah: does this feel like the right work plan? 13:06:56 dan: missing HTML.next and workshop on web applications 13:08:07 ((noah editing html.next into list)) 13:10:09 jar: there are a lot of things we're talking about and thinking about, most of them not well-formed enough to put on a list like this 13:12:05 ((discussion of microdata/RDFa)) 13:12:48 JAR: I think the linking report is more important than microdata/RDFa work 13:13:16 JAR: it's already gone on months beyond where I think it would go 13:18:32 ((discussion of microdata/RDFa not a 'TAG' task force)) 13:22:51 Larry: the task force is just a effort to help HTML working group resolve the problem, but ultimate responsibility is HTML WG. 13:23:51 ((discussion of Jeni's priorities)) 13:28:40 larry: suggest presentation to AC about TAG priorities and ask for feedback 13:29:02 topic: wrap-up 13:33:58 ht: another entry for the 'we should work on' list is identity 13:34:13 s/we should work on/train wreck/ 13:34:43 Another for train wrecks: privacy, security. 13:35:02 s/we should work on/train wrecks/ 13:35:32 timbl: the standardization around single sign-on .... 13:35:52 ht: reliable attribution in semantic web 13:36:04 jar: it's much more about accountability than attribution 13:37:23 point out http://www.w3.org/html/wg/tracker/issues/175 13:38:14 s/point/larry: points/ 13:38:55 timbl: we should put together some research projects .... 13:39:18 ((discussion of access control and provenence ...)) 13:39:47 Larry: want to ask about http://www.w3.org/2011/prov/wiki/Main_Page 13:40:01 q+ 13:40:12 ht: at this point worth mentioning afs, based on groups 13:41:10 ((afs requires daily login)) 13:41:42 timbl: kerberos and shibboleth open source public key infrastructure 13:43:22 timbl: would be very valuable for identity to be a URL 13:44:58 ashok: henry is talking about verified identity 13:45:25 ashok: most people think that's too heavy weight, and they resist 13:45:35 s/URL/HTTP URL/ 13:45:50 s/pubic key// 13:47:48 http://www.gpgtools.org/ 13:48:32 lion mail plugin: https://github.com/downloads/GPGTools/GPGMail/GPGMail-2.0a4.dmg 13:48:45 I'm at http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x9239C98B1017581A 13:49:24 larry: move to adjourn 13:50:11 discuss next meeting & phone conference 13:51:12 TAG phone conference of sept 22 is cancelled 13:51:34 TAG next phone conference is sept 29th 13:53:36 ADJOURNED 13:53:39 GPGMail is not yet compatbile and will be disabled by Apple Mail on first startup after updating to Mac OS X Lion. 13:55:08 RRSagent, adjourn 13:55:08 I'm logging. I don't understand 'adjourn', masinter. Try /msg RRSAgent help 13:55:13 RRSagent help 13:58:13 My right key ends in E7 14:00:40 jar has joined #tagmem 14:05:54 ht has joined #tagmem 14:20:32 DKA has joined #tagmem 14:21:14 Made the train. :) BTW my key ends with F6. 14:49:44 timbl has joined #tagmem 15:40:53 plinss_ has joined #tagmem 16:00:58 Zakim has left #tagmem 17:32:14 trackbot has joined #tagmem