W3C

- DRAFT -

WebAppSec WG Teleconference, 18-DEC-2012

18 Dec 2012

Agenda

See also: IRC log

Attendees

Present
abresee, +1.408.320.aaaa, gioma1, +1.781.362.aabb, bhill2, dhuang3, gopal, tgondrom, erlend, +1.415.832.aacc, +1.650.214.aadd, mkwst, ekr, dveditz
Regrets
Chair
bhill2, ekr
Scribe
David Huang


<bhill2> Scribe: David Huang

<bhill2> Scribenick: dhuang3

<erlend> np

<bhill2> guess we'll have to fix that in the notes later

<bhill2> http://www.w3.org/2012/12/04-webappsec-minutes.html

<bhill2> draft minutes from last teleconference

<ekr_> Having some phone glitches

<bhill2> http://lists.w3.org/Archives/Public/public-webappsec/2012Dec/0027.html

<bhill2> any new items for the agenda?

no new items for agenda

bhill2: congrats to csp 1.1 fpwd

<bhill2> http://www.w3.org/2011/webappsec/track/actions/open

<ekr_> brad, I can edit the tracker if you want to talk

bhill2: closing action 70

heavy echo, can't hear

<ekr_> that's awesome

bhill2: action 87 remains open, new mail on list today
... closing action 90, dross intends to participate
... action 92 still open, no changes yet
... action 93, removed by mike
... action 99 closed
... action 100, 87 closed
... action 103 closed, has responded
... update on cors to cr, next publication date is jan 2
... addressed some small bugs
... have some requests on CSP reporting
... any opinions?

tobias: wonder if the level of detail in reports would be concerning?

mike: line numbers of JS may avoid leaking sensitive information, don't see major security impact

<dveditz> question: which list do we use, public-web-security seems to be "official", but the WG page on w3.org still points at public-webappsec?

<dveditz> both seem active

bhill2: may address some of that by avoiding interference of extensions and csp
... and also intermediate devices

tobias: is there any overflow risk? probably not

<jeffh> dveditz: public-webappsec@w3.org is the WG list

bhill2: gioma responded on list about UI safety/security/integrity

<dveditz> jeffh: oh, I reversed it? OK, the names make more sense then

bhill2: security/safety... integrity of information or integrity of person, any objections or preference to changing name?
... slightly favor UI security over UI integrity

<jeffh> sounds fine

<bhill2> ACTION to bhill2 change short name from UI Safety to UI Security on next WD publication

<trackbot> Sorry, couldn't find to. You can review and register nicknames at <http://www.w3.org/2011/webappsec/track/users>.

bhill2: no objections changing to UI security

<bhill2> ACTION bhill2 to change short name from UI Safety to UI Security on next WD publication

<trackbot> Created ACTION-105 - Change short name from UI Safety to UI Security on next WD publication [on Brad Hill - due 2012-12-25].

<bhill2> http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2012-November/038213.html

bhill2: should wait for abarth to discuss this

<jeffh> dveditz: public-web-security@ is the list for <http://www.w3.org/Security/wiki/IG> but was the precursor list for the WebAppSec WG

bhill2: next call will be skipped

Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.137 (CVS log)
$Date: 2012/12/18 22:35:15 $
