20:53:34 RRSAgent has joined #webappsec 20:53:34 logging to http://www.w3.org/2012/03/13-webappsec-irc 20:53:36 RRSAgent, make logs world 20:53:38 Zakim, this will be 20:53:38 I don't understand 'this will be', trackbot 20:53:39 Meeting: Web Application Security Working Group Teleconference 20:53:39 Date: 13 March 2012 20:53:56 zakim, this will be 92794 20:53:56 ok, bhill2; I see SEC_WASWG()5:00PM scheduled to start in 7 minutes 20:55:07 Chair:bhill2 20:56:14 Scribe: Gopal Raghavan 20:56:20 ScribeNick: gopal 20:56:21 bhill21 has joined #webappsec 20:58:17 SEC_WASWG()5:00PM has now started 20:58:18 + +1.650.648.aaaa 20:58:55 +??P4 20:58:57 -??P4 20:58:57 +??P4 20:59:10 abarth has joined #webappsec 20:59:40 + +1.978.944.aabb 20:59:58 Zakim, ??P4 is gioma1 20:59:58 +gioma1; got it 21:00:01 jeffh has joined #webappsec 21:00:09 + +1.206.245.aacc 21:00:35 + +1.425.865.aadd 21:00:49 Meeting: WebAppSec bi-weekly call 3/13/2012 21:01:03 Chair: bhill2 erescorla 21:01:09 + +1.650.678.aaee 21:01:21 + +1.866.317.aaff 21:01:40 Agenda: http://lists.w3.org/Archives/Public/public-webappsec/2012Mar/0035.html 21:01:49 zakim, aacc is bhill2 21:01:49 +bhill2; got it 21:02:44 +[Mozilla] 21:03:11 corycarson has joined #webappsec 21:03:18 dunno how to ident 21:03:33 how do we get zakim to list the phone numbers it has? 21:03:42 zakim, [phone alpha suffix] is [your name] 21:03:42 I don't understand '[phone alpha suffix] is [your name]', bhill21 21:03:59 Zakim, who is here? 21:03:59 On the phone I see +1.650.648.aaaa, gioma1, +1.978.944.aabb, bhill2, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, [Mozilla] 21:03:59 zakim seems to be more forgetful than I remember 21:04:01 On IRC I see corycarson, jeffh, abarth, bhill21, RRSAgent, Zakim, gioma1, bhill2, dveditz, gopal, trackbot 21:04:20 Zakim, aaee is abarth 21:04:20 +abarth; got it 21:05:57 roll call 21:06:34 corycarson has joined #webappsec 21:07:17 + +1.415.832.aagg 21:07:18 +??P8 21:07:36 cory and tanvi will be able to be added to the scribe list 21:08:05 zakim, ??P8 is gioma1 21:08:05 +gioma1; got it 21:08:39 bhill2: minutes of 2/28 updated, are there any objections 21:08:53 bhill2: no objects to minutes of last call 21:08:54 puhley has joined #webappsec 21:10:18 bhill2: any volunteers for action-35? 21:10:38 abarth: anyone can take it that will be great 21:11:16 ACTION bhill2 to find a new owner for action-35 21:11:16 Created ACTION-54 - Find a new owner for action-35 [on Brad Hill - due 2012-03-20]. 21:11:42 + +1.408.320.aahh 21:12:07 bhill2: next item is action-36, David Huang 21:12:23 David is in w3c meeting 21:12:37 bhill2: any updates on action-51 ? 21:14:20 jeffh: will get it through next week 21:14:39 bhill2: next item is action-52 21:15:15 bhill2: accomplished, will close the action item 21:15:24 + +1.831.246.aaii 21:15:30 bhill2: action-53 can be marked closed 21:15:37 zakim, aaii is dveditz 21:15:37 +dveditz; got it 21:16:11 bhill21: no pending item on item this time 21:16:50 bhill21: last call we had discussion on policy-uri discussion, we decided to do straw poll 21:17:08 bhill21: 4 votes, 50-50 again 21:17:30 bhill21: remove from link at facebook 21:18:29 bhill21: Any one who has not already expressed their vote has a preference? 21:18:46 bhill21: what is implementation status, is it in webkit? 21:18:59 abarth: implemented in firefox and not in webkit 21:19:08 meta-tag is in webkit and not firefox 21:19:35 looks like we have an additional issues we need to raise 21:20:09 tanvi: i don't know of the moment 21:20:48 ISSUE should we retain the meta tag implementation from CSP? 21:21:42 dan, georgia, do you have any strong objection ? 21:22:05 based on straw poll results and lack of two implementations we resolve to remove the policy-uri directive 21:23:19 bhil21: issue 14 opened and we can talk about that on irc 21:23:46 bhill21: any further objects to core last call 21:23:55 s/objects/objections 21:24:25 bhill21: didn't hear any objections 21:24:32 attend in person 21:24:47 bhill21: indicate if you would be able to attend F2F 21:25:02 bhill plans to attend F2F 21:25:03 Dan: if I am available will definitely be there 21:25:05 I plan to attend 21:25:13 ekr plans to attend 21:25:15 I cannot be there 21:25:17 tanvi plans to attend 21:25:18 tanvi: yes 21:25:44 I plan to attend the meeting 21:25:44 abarth plans to attend 21:25:47 will confirm in couple of days 21:26:20 bhill21: think about what is beyond this agenda 21:26:40 bhill21: big item is testing and developing test suite 21:27:28 bhill21: anti-clickjacking work, csp 1.1 21:27:36 are there any other major topics? 21:27:58 bhill21: will take an action to put together agenda 21:28:27 ACTION to bhill2 to put together F2F agenda proposal for list 21:28:27 Sorry, couldn't find user - to 21:28:40 ACTION bhill2 to put together F2F agenda proposal for list 21:28:40 Created ACTION-55 - Put together F2F agenda proposal for list [on Brad Hill - due 2012-03-20]. 21:29:11 bhill21: end of items in todays agenda, any other topics? 21:29:25 thanks, will talk in 2 weeks 21:29:37 -abarth 21:29:38 - +1.408.320.aahh 21:29:38 - +1.866.317.aaff 21:29:39 - +1.650.648.aaaa 21:29:39 - +1.415.832.aagg 21:29:40 -[Mozilla] 21:29:40 -dveditz 21:29:41 - +1.425.865.aadd 21:29:44 -bhill2 21:29:46 -gioma1.a 21:29:55 zakim, list attendees 21:29:55 As of this point the attendees have been +1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth, 21:29:58 ... +1.415.832.aagg, +1.408.320.aahh, +1.831.246.aaii, dveditz 21:30:06 zakim, list attendees 21:30:06 As of this point the attendees have been +1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth, 21:30:10 ... +1.415.832.aagg, +1.408.320.aahh, +1.831.246.aaii, dveditz 21:30:18 RRSAgent, set logs public-visible 21:30:37 RRSAgent, make minutes 21:30:37 I have made the request to generate http://www.w3.org/2012/03/13-webappsec-minutes.html gopal 21:30:45 thanks for scrib ing, gopal 21:31:05 bhill21: np, 21:40:49 - +1.978.944.aabb 21:52:53 gopal has joined #webappsec 22:05:01 disconnecting the lone participant, gioma1, in SEC_WASWG()5:00PM 22:05:02 SEC_WASWG()5:00PM has ended 22:05:02 Attendees were +1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth, +1.415.832.aagg, 22:05:02 ... +1.408.320.aahh, +1.831.246.aaii, dveditz 22:09:40 bhill2 has joined #webappsec 22:09:44 bhill21 has joined #webappsec 22:12:51 bhill2 has joined #webappsec 22:13:24 bhill21 has joined #webappsec 22:46:58 bhill2 has joined #webappsec 22:48:41 bhill21 has joined #webappsec 22:50:31 bhill2 has joined #webappsec 22:52:31 bhill21 has joined #webappsec 22:54:31 bhill2 has joined #webappsec 22:58:42 bhill2 has joined #webappsec 23:17:12 Zakim, aaii is dveditz 23:17:12 sorry, dveditz, I do not recognize a party named 'aaii' 23:17:26 ok, it was a while ago