IRC log of webappsec on 2012-03-13

Timestamps are in UTC.

20:53:34 [RRSAgent]
RRSAgent has joined #webappsec
20:53:34 [RRSAgent]
logging to
20:53:36 [trackbot]
RRSAgent, make logs world
20:53:38 [trackbot]
Zakim, this will be
20:53:38 [Zakim]
I don't understand 'this will be', trackbot
20:53:39 [trackbot]
Meeting: Web Application Security Working Group Teleconference
20:53:39 [trackbot]
Date: 13 March 2012
20:53:56 [bhill2]
zakim, this will be 92794
20:53:56 [Zakim]
ok, bhill2; I see SEC_WASWG()5:00PM scheduled to start in 7 minutes
20:55:07 [gopal]
20:56:14 [gopal]
Scribe: Gopal Raghavan
20:56:20 [gopal]
ScribeNick: gopal
20:56:21 [bhill21]
bhill21 has joined #webappsec
20:58:17 [Zakim]
SEC_WASWG()5:00PM has now started
20:58:18 [Zakim]
+ +1.650.648.aaaa
20:58:55 [Zakim]
20:58:57 [Zakim]
20:58:57 [Zakim]
20:59:10 [abarth]
abarth has joined #webappsec
20:59:40 [Zakim]
+ +1.978.944.aabb
20:59:58 [gioma1]
Zakim, ??P4 is gioma1
20:59:58 [Zakim]
+gioma1; got it
21:00:01 [jeffh]
jeffh has joined #webappsec
21:00:09 [Zakim]
+ +1.206.245.aacc
21:00:35 [Zakim]
+ +1.425.865.aadd
21:00:49 [bhill21]
Meeting: WebAppSec bi-weekly call 3/13/2012
21:01:03 [bhill21]
Chair: bhill2 erescorla
21:01:09 [Zakim]
+ +1.650.678.aaee
21:01:21 [Zakim]
+ +1.866.317.aaff
21:01:40 [bhill21]
21:01:49 [bhill21]
zakim, aacc is bhill2
21:01:49 [Zakim]
+bhill2; got it
21:02:44 [Zakim]
21:03:11 [corycarson]
corycarson has joined #webappsec
21:03:18 [jeffh]
dunno how to ident
21:03:33 [abarth]
how do we get zakim to list the phone numbers it has?
21:03:42 [bhill21]
zakim, [phone alpha suffix] is [your name]
21:03:42 [Zakim]
I don't understand '[phone alpha suffix] is [your name]', bhill21
21:03:59 [gopal]
Zakim, who is here?
21:03:59 [Zakim]
On the phone I see +1.650.648.aaaa, gioma1, +1.978.944.aabb, bhill2, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, [Mozilla]
21:03:59 [bhill21]
zakim seems to be more forgetful than I remember
21:04:01 [Zakim]
On IRC I see corycarson, jeffh, abarth, bhill21, RRSAgent, Zakim, gioma1, bhill2, dveditz, gopal, trackbot
21:04:20 [abarth]
Zakim, aaee is abarth
21:04:20 [Zakim]
+abarth; got it
21:05:57 [gopal]
roll call
21:06:34 [corycarson]
corycarson has joined #webappsec
21:07:17 [Zakim]
+ +1.415.832.aagg
21:07:18 [Zakim]
21:07:36 [bhill21]
cory and tanvi will be able to be added to the scribe list
21:08:05 [gioma1]
zakim, ??P8 is gioma1
21:08:05 [Zakim]
+gioma1; got it
21:08:39 [gopal]
bhill2: minutes of 2/28 updated, are there any objections
21:08:53 [gopal]
bhill2: no objects to minutes of last call
21:08:54 [puhley]
puhley has joined #webappsec
21:10:18 [gopal]
bhill2: any volunteers for action-35?
21:10:38 [gopal]
abarth: anyone can take it that will be great
21:11:16 [bhill21]
ACTION bhill2 to find a new owner for action-35
21:11:16 [trackbot]
Created ACTION-54 - Find a new owner for action-35 [on Brad Hill - due 2012-03-20].
21:11:42 [Zakim]
+ +1.408.320.aahh
21:12:07 [gopal]
bhill2: next item is action-36, David Huang
21:12:23 [gopal]
David is in w3c meeting
21:12:37 [gopal]
bhill2: any updates on action-51 ?
21:14:20 [gopal]
jeffh: will get it through next week
21:14:39 [gopal]
bhill2: next item is action-52
21:15:15 [gopal]
bhill2: accomplished, will close the action item
21:15:24 [Zakim]
+ +1.831.246.aaii
21:15:30 [gopal]
bhill2: action-53 can be marked closed
21:15:37 [bhill21]
zakim, aaii is dveditz
21:15:37 [Zakim]
+dveditz; got it
21:16:11 [gopal]
bhill21: no pending item on item this time
21:16:50 [gopal]
bhill21: last call we had discussion on policy-uri discussion, we decided to do straw poll
21:17:08 [gopal]
bhill21: 4 votes, 50-50 again
21:17:30 [gopal]
bhill21: remove from link at facebook
21:18:29 [gopal]
bhill21: Any one who has not already expressed their vote has a preference?
21:18:46 [gopal]
bhill21: what is implementation status, is it in webkit?
21:18:59 [gopal]
abarth: implemented in firefox and not in webkit
21:19:08 [gopal]
meta-tag is in webkit and not firefox
21:19:35 [gopal]
looks like we have an additional issues we need to raise
21:20:09 [gopal]
tanvi: i don't know of the moment
21:20:48 [bhill21]
ISSUE should we retain the meta tag implementation from CSP?
21:21:42 [gopal]
dan, georgia, do you have any strong objection ?
21:22:05 [bhill21]
based on straw poll results and lack of two implementations we resolve to remove the policy-uri directive
21:23:19 [gopal]
bhil21: issue 14 opened and we can talk about that on irc
21:23:46 [gopal]
bhill21: any further objects to core last call
21:23:55 [gopal]
21:24:25 [gopal]
bhill21: didn't hear any objections
21:24:32 [jeffh]
attend in person
21:24:47 [gopal]
bhill21: indicate if you would be able to attend F2F
21:25:02 [bhill21]
bhill plans to attend F2F
21:25:03 [gopal]
Dan: if I am available will definitely be there
21:25:05 [corycarson]
I plan to attend
21:25:13 [bhill21]
ekr plans to attend
21:25:15 [gioma1]
I cannot be there
21:25:17 [bhill21]
tanvi plans to attend
21:25:18 [gopal]
tanvi: yes
21:25:44 [puhley]
I plan to attend the meeting
21:25:44 [bhill21]
abarth plans to attend
21:25:47 [gopal]
will confirm in couple of days
21:26:20 [gopal]
bhill21: think about what is beyond this agenda
21:26:40 [gopal]
bhill21: big item is testing and developing test suite
21:27:28 [gopal]
bhill21: anti-clickjacking work, csp 1.1
21:27:36 [gopal]
are there any other major topics?
21:27:58 [gopal]
bhill21: will take an action to put together agenda
21:28:27 [bhill21]
ACTION to bhill2 to put together F2F agenda proposal for list
21:28:27 [trackbot]
Sorry, couldn't find user - to
21:28:40 [bhill21]
ACTION bhill2 to put together F2F agenda proposal for list
21:28:40 [trackbot]
Created ACTION-55 - Put together F2F agenda proposal for list [on Brad Hill - due 2012-03-20].
21:29:11 [gopal]
bhill21: end of items in todays agenda, any other topics?
21:29:25 [gopal]
thanks, will talk in 2 weeks
21:29:37 [Zakim]
21:29:38 [Zakim]
- +1.408.320.aahh
21:29:38 [Zakim]
- +1.866.317.aaff
21:29:39 [Zakim]
- +1.650.648.aaaa
21:29:39 [Zakim]
- +1.415.832.aagg
21:29:40 [Zakim]
21:29:40 [Zakim]
21:29:41 [Zakim]
- +1.425.865.aadd
21:29:44 [Zakim]
21:29:46 [Zakim]
21:29:55 [gopal]
zakim, list attendees
21:29:55 [Zakim]
As of this point the attendees have been +1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth,
21:29:58 [Zakim]
... +1.415.832.aagg, +1.408.320.aahh, +1.831.246.aaii, dveditz
21:30:06 [bhill21]
zakim, list attendees
21:30:06 [Zakim]
As of this point the attendees have been +1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth,
21:30:10 [Zakim]
... +1.415.832.aagg, +1.408.320.aahh, +1.831.246.aaii, dveditz
21:30:18 [gopal]
RRSAgent, set logs public-visible
21:30:37 [gopal]
RRSAgent, make minutes
21:30:37 [RRSAgent]
I have made the request to generate gopal
21:30:45 [bhill21]
thanks for scrib ing, gopal
21:31:05 [gopal]
bhill21: np,
21:40:49 [Zakim]
- +1.978.944.aabb
21:52:53 [gopal]
gopal has joined #webappsec
22:05:01 [Zakim]
disconnecting the lone participant, gioma1, in SEC_WASWG()5:00PM
22:05:02 [Zakim]
SEC_WASWG()5:00PM has ended
22:05:02 [Zakim]
Attendees were +1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth, +1.415.832.aagg,
22:05:02 [Zakim]
... +1.408.320.aahh, +1.831.246.aaii, dveditz
22:09:40 [bhill2]
bhill2 has joined #webappsec
22:09:44 [bhill21]
bhill21 has joined #webappsec
22:12:51 [bhill2]
bhill2 has joined #webappsec
22:13:24 [bhill21]
bhill21 has joined #webappsec
22:46:58 [bhill2]
bhill2 has joined #webappsec
22:48:41 [bhill21]
bhill21 has joined #webappsec
22:50:31 [bhill2]
bhill2 has joined #webappsec
22:52:31 [bhill21]
bhill21 has joined #webappsec
22:54:31 [bhill2]
bhill2 has joined #webappsec
22:58:42 [bhill2]
bhill2 has joined #webappsec
23:17:12 [dveditz]
Zakim, aaii is dveditz
23:17:12 [Zakim]
sorry, dveditz, I do not recognize a party named 'aaii'
23:17:26 [dveditz]
ok, it was a while ago