Web Application Security Working Group Teleconference

13 Mar 2012


See also: IRC log


+1.650.648.aaaa, +1.978.944.aabb, gioma1, +1.206.245.aacc, +1.425.865.aadd, +1.650.678.aaee, +1.866.317.aaff, bhill2, [Mozilla], abarth, +1.415.832.aagg, +1.408.320.aahh, +1.831.246.aaii, dveditz
Gopal Raghavan


<trackbot> Date: 13 March 2012

<scribe> Scribe: Gopal Raghavan

<scribe> ScribeNick: gopal

<bhill21> Meeting: WebAppSec bi-weekly call 3/13/2012

<bhill21> Chair: bhill2 erescorla

<jeffh> dunno how to ident

<abarth> how do we get zakim to list the phone numbers it has?

<bhill21> zakim seems to be more forgetful than I remember

roll call

<bhill21> cory and tanvi will be able to be added to the scribe list

bhill2: minutes of 2/28 updated, are there any objections
... no objects to minutes of last call
... any volunteers for action-35?

abarth: anyone can take it that will be great

<bhill21> ACTION bhill2 to find a new owner for action-35

<trackbot> Created ACTION-54 - Find a new owner for action-35 [on Brad Hill - due 2012-03-20].

bhill2: next item is action-36, David Huang

David is in w3c meeting

bhill2: any updates on action-51 ?

jeffh: will get it through next week

bhill2: next item is action-52
... accomplished, will close the action item
... action-53 can be marked closed

bhill21: no pending item on item this time
... last call we had discussion on policy-uri discussion, we decided to do straw poll
... 4 votes, 50-50 again
... remove from link at facebook
... Any one who has not already expressed their vote has a preference?
... what is implementation status, is it in webkit?

abarth: implemented in firefox and not in webkit

meta-tag is in webkit and not firefox

looks like we have an additional issues we need to raise

tanvi: i don't know of the moment

<bhill21> ISSUE should we retain the meta tag implementation from CSP?

dan, georgia, do you have any strong objection ?

<bhill21> based on straw poll results and lack of two implementations we resolve to remove the policy-uri directive

bhil21: issue 14 opened and we can talk about that on irc

bhill21: any further objections to core last call
... didn't hear any objections

<jeffh> attend in person

bhill21: indicate if you would be able to attend F2F

<bhill21> bhill plans to attend F2F

Dan: if I am available will definitely be there

<corycarson> I plan to attend

<bhill21> ekr plans to attend

<gioma1> I cannot be there

<bhill21> tanvi plans to attend

tanvi: yes

<puhley> I plan to attend the meeting

<bhill21> abarth plans to attend

will confirm in couple of days

bhill21: think about what is beyond this agenda
... big item is testing and developing test suite
... anti-clickjacking work, csp 1.1

are there any other major topics?

bhill21: will take an action to put together agenda

<bhill21> ACTION to bhill2 to put together F2F agenda proposal for list

<trackbot> Sorry, couldn't find user - to

<bhill21> ACTION bhill2 to put together F2F agenda proposal for list

<trackbot> Created ACTION-55 - Put together F2F agenda proposal for list [on Brad Hill - due 2012-03-20].

bhill21: end of items in todays agenda, any other topics?

thanks, will talk in 2 weeks

Summary of Action Items

[End of minutes]