- From: Norman Walsh <ndw@nwalsh.com>
- Date: Wed, 15 Oct 2008 15:58:46 -0400
- To: www-tag@w3.org
- Message-ID: <m2y70ptytl.fsf@nwalsh.com>
See http://www.w3.org/2001/tag/2008/10/09-minutes
[1]W3C
- DRAFT -
TAG Weekly
09 Oct 2008
[2]Agenda
See also: [3]IRC log
Attendees
Present
Stuart, Henry, Norm, Dan, Raman, Ashok, Dave
Regrets
Tim, Noah
Chair
Stuart Williams
Scribe
Jonathan Rees, Norm Walsh
Contents
* [4]Topics
1. [5]Convene
2. [6]F2f Minutes
3. [7]Responding to Content Transformation Guidelines
4. [8]Passwords in the clear ISSUE-52
5. [9]Issue binaryXML-30
6. [10]TAG @ TPAC
7. [11]Action item review
8. [12]Any other business?
* [13]Summary of Action Items
--------------------------------------------------------------------------
<Stuart> scribe: Norm Walsh
<Norm> scribenick: norm
Convene
Agenda accepted.
Stuart: Propose we accept the minutes from last week's meeting
Accepted.
Next meeting: 16 Oct
For next week, regrets from Norm, Tim, Ashok
Dave agrees to scribe 16 Oct
F2f Minutes
Stuart: Thanks to all for bringing them together.
... Propose we accept those as a record of our f2f meeting in October
No objections, no abstentions.
Accepted.
Stuart: We should announce them, I'll do that.
Responding to Content Transformation Guidelines
Stuart: Norm was to review this and see if it was something we needed to
take a look at.
Norm: Dan moved it to be due next week, I'll endeavor to review it before
then
Passwords in the clear ISSUE-52
Stuart: Dave, can you bring us up to date?
<DaveO>
[14]http://www.w3.org/2001/tag/doc/passwordsInTheClear-52-20081008.html
Dave: I made two major changes. The first in section 2.
... Changed the good practice to read "Clear text passwords are a serious
security risk. Transmit passwords in the clear only in interactions that
do not need to be secure and do not lead to the new vulnerabilities in
other interactions."
... I added two sentences to the following paragraph to warn against
reusing passwords that are sent in the clear.
... The other thing I did was in 2.1.1
... I added a reference to the background on digest authentication and
salted hashes.
Stuart: Are there any TAG members who have re-read it recently and have
comments?
Dan: Mostly I've been looking at the first good practice note.
... But I've got no comments.
Ashok: Stuart, there were a couple of emails about this. One said that you
should never transmit passwords in the clear.
Dan: None of the messages suggest improvements; you can't please everyone.
Henry: I think the GPNs now read in a good, escalating sequence. I find
the second one slightly awkward after the comma, but I can live with it. I
think we should take this forward.
Raman: I think it's time we published it. We aren't going to get any new
insights from this. Mostly we've been wordsmithing.
Ashok: I agree.
Jonathan: So do I
Norm: I'm happy with it.
Dave: So we're going to publish this as an approved finding?
Henry: Yes
Dave: I've already fixed the small editorial issues.
Henry: It's not valid HTML.
<DanC> (I'd rather not use so much screenspace for previous versions.)
<Norm> (Yes, the last three or so would be fine by me)
Stuart: I propose that the TAG publishes this as an approved finding, with
some latitude to the editor to make the HTML valid and clean up the
boilerplate.
Dave: I second.
<DanC> (pls get any changes confirmed by another set of eyeballs from 1.26
on)
Stuart: Objections?
... None.
<ht> There are also broken links -- see
[15]http://validator.w3.org/checklink?url=http://www.w3.org/2001/tag/doc/passwordsInTheClear-52-20081008
Stuart: Abstentions?
... None.
RESOLUTION: We will publish this as an approved finding.
Issue binaryXML-30
Stuart: Henry has finished ACTION-93, which leaves us with 176 and 177 on
Noah, Dave, and Stuart.
... There are more WDs out there, do we need to discuss them?
Henry: There's been no reply to my message of last Thursday, I'll ping
them again.
Stuart: No one has substantive discussion for this week? We can move on
then.
TAG @ TPAC
Stuart: Meeting with other WGs. I followed up with the HTML WG chair. I
also saw on the TAG mailing list, Raman forwarded some extract of an HTML
WG minutes that suggest that there may be some misunderstanding there.
... I'm wondering if we need to clarify.
Raman: I think that would be useful. I think we should keep it focussed on
making the spec more managable.
Henry: With respect, I think we need to cover both topics. We don't have
to argue to get the other one in there because their initial response was
to say taht we should look at the URI issue.
Raman: The demarkation issue is different, I meant more about
modularization wrt other W3C specs, namespaces, etc.
... I don't want that to fall into the namespaces discussion and get lost.
Stuart: I think they just don't know what we meant by "modularization of
the spec".
Henry: I think we should clarify that.
Stuart: So I should send some clarifaction to Mike and Chris saying that
we've observed their minutes and make it clear what our concerns are.
... With respect to the plenary day panel session, you all know just as
much as I do from the email.
... I think, at least from Noah's email, there was at least a tentative
suggestion that TAG participation in that panel would amount to maybe Tim
plus two other tag members.
... Noah indicated a willingness to participate, though he wanted the TAG
to make the choice.
... Do we have an guidance that we'd like to give Chris and Noah about the
session itself and also who would staff the panel with?
Norm: Who all is going?
Stuart: Regrets from Stuart, Jonathan, Henry, and Dave for Wednesday.
... Stuart, Jonathan, and Dave will be absent the whole week.
Norm: I'm certainly willing to.
Stuart: Raman, Dan, Norm, Noah are going to be there.
Dan: I'm willing, but I don't think my perspective is different from
Tim's.
Raman: I don't feel enough ownership of the WebArch document, so I'd
rather not participate.
<Zakim> ht, you wanted to nominate Noah and Norm
Henry: It's clear how this is going: let's have Tim, Noah, and Norm
Stuart: Proposal: Tim, Noah, and Norm to participate in the panel
Raman: I think that's a good idea.
Accepted.
Ashok: Before we move on...
... We've gotten lots of mail about what meetings we're supposed to
participate in. What are they?
Stuart: There are only two, you might have seen more mail, but there are
only two at the moment.
... Meeting with the Web Applications WG from 2-3p on Monday
... And a meeting with the HTML WG between the morning break and lunchtime
on Thursday.
... There was a standing invitation from the WAI WG, but they weren't
specifically saying they have things they want to talk about.
<Stuart> [16]http://www.w3.org/2001/tag/group/track/actions/overdue
Action item review
Stuart: There are a bunch of overdue items, let's see if we can each clean
them up.
... Either update the dates, request to have it withdrawn, or note that it
has been finished but that the action remains incorrectly open.
<Stuart> [17]http://www.w3.org/2001/tag/group/track/
<jar> I pushed ACTION-178 way out... it's going to take some work. I hope
to get to it much sooner than the given date
<DanC> action-152?
<trackbot> ACTION-152 -- Jonathan Rees to review overlap between the HCLSI
URI note and HT's w.r.t. contribution to TAG finding on UrnsAndRegistries
-- due 2008-05-27 -- OPEN
<trackbot> [18]http://www.w3.org/2001/tag/group/track/actions/152
<DanC> close action-152
<trackbot> ACTION-152 Review overlap between the HCLSI URI note and HT's
w.r.t. contribution to TAG finding on UrnsAndRegistries closed
Henry: Jonathan is helping out, but I'm happy to have that one closed.
action-142?
<trackbot> ACTION-142 -- Norman Walsh to review Raman's draft of
webApplicationState-60 -- due 2008-06-04 -- OPEN
<trackbot> [19]http://www.w3.org/2001/tag/group/track/actions/142
Norm: Ok, I guess that one still stands.
action-146?
<trackbot> ACTION-146 -- Norman Walsh to review 2008-05-13 versioning
draft -- due 2008-05-26 -- OPEN
<trackbot> [20]http://www.w3.org/2001/tag/group/track/actions/146
close action-146
<trackbot> ACTION-146 Review 2008-05-13 versioning draft closed
<DanC> action-175?
<trackbot> ACTION-175 -- Stuart Williams to collect input from TimBL and
others and revise issue description -- due 2008-09-30 -- OPEN
<trackbot> [21]http://www.w3.org/2001/tag/group/track/actions/175
Stuart: We have an email thread and I meant to confirm with the TAG that
they're happy with the change.
... I got a looks good to me response from Drummond Reese which would
basically end it.
<jar> Pushed ACTION-181 out 2 weeks... need to find out what I need from
Dave O (sources, use case, etc.)
<jar> [22]http://www.w3.org/2001/tag/group/track/actions/184 is relevant
and truly overdue.
<DanC> (Dave, you have 6 actions related to XMLVersioning-41 ; wanna
guestimate due dates?)
<DanC> action-133?
<trackbot> ACTION-133 -- David Orchard to ask raman what he thinks should
be done wrt css versioning -- due 2008-04-17 -- OPEN
<trackbot> [23]http://www.w3.org/2001/tag/group/track/actions/133
<DanC> close action-133
<trackbot> ACTION-133 Ask raman what he thinks should be done wrt css
versioning closed
<DanC> close action-159
<trackbot> ACTION-159 Update compatibility strategies document in response
to f2f discussion closed
<DanC> action-182 due 23 Oct 2008
<trackbot> ACTION-182 Provide example for jar to work into the formalism
due date now 23 Oct 2008
<DanC> DO: NVDL is now out of scope
<DanC> close action-16
<trackbot> ACTION-16 Incorporate the NVDL text into the findings. closed
<DanC> action-165 due 30 Oct 2008
<trackbot> ACTION-165 Formulate erratum text on versioning for the web
architecture document due date now 30 Oct 2008
The TAG discussed and rearranged a variety of open actions
Any other business?
Dave: There's some web services work I'd like to discuss.
Raman: I think we're short changing ourselves if we wait to hear about the
panel.
... The browser and HTML groups are questioning a lot of that document.
Chris is trying to face this issue head on.
... I think Chris is trying to get that out in the open and to note that
it isn't cast in stone, we should be able to keep it relevant.
... Let me play the cynics roll. If I say the WebArch document is
irrelevant, which parts would you defend?
... We need to go in with a good idea of what we think is still true and
which parts we think we'd bend on.
Dan: I gave a talk recently about interaction and the Google web cache.
Raman: Don't use GET when you are sending data that's going to change. I
think that's pretty solid, but then you get to the edges.
... In some sense, if there are six people on the panel, let's say that
there are two sides, though I don't like to think of it in those terms.
... I don't think an hour long panel will change the minds of one side or
the other. It's a means of getting everyone understand what the issues
are.
... What are the clear foundations, what may have been missunderstood, and
what is just wrong.
Norm: Good suggestions.
Dan: The things that have been questions are error handling, versioning,
mime types/content sniffing, namespaces
... We've acknowledged that we have more or different things to say about
versioning.
... I'd like to have better error handling, I'd like to be able to have a
mode that shows me errors.
... But probably when you're browsing someone elses site...but I dunno,
it's still risky.
<DanC> (text in the REC is "Agents that recover from error by making a
choice without the user's consent are not acting on the user's behalf." --
[24]http://www.w3.org/TR/webarch/#error-handling )
Raman: Error handling has two layers: error hadnling in the face of any
implementation breaking any spec whatever, then there's error recovery wrt
HTML/tagsoup.
... The third piece which always gets folded in is, if you have a spec, it
always happens that there are gaps. There's error recovery in terms of how
do you come out of that.
... Then there's error recovery in the face of someone blatently violating
a spec.
In the last case, I think there should be a mode to show errors because
otherwise, bad money will drive out good.
Raman: Further down in the spec, the stuff about following your nose to
understand documents, doesn't really work so I think we'd get lots of
pushback on that.
... I can show you an example of how broken this is by pointing to the top
level RSS feed at the BBC.
<raman> on [25]http://www.bbc.co.uk/radio/ see rss link:
<raman> [26]http://www.bbc.co.uk/radio/i/index.xml
<raman> classic example of an attempt sematnic web technology --- rdf:seq
is empty
Stuart: Identify with URIs is germain to Dave's question about web
services.
Raman: I don't think web services is going to come up on the panel.
Dan: Most of the arguments about follow-your-nose are that you don't need
it to get your job done, but this isn't getting anyone's job done.
Raman: What I'm saying is that folks who see this say look at all this
crud that didn't work, what works are visible hypertext links, so that's
all we need.
Apparently it's a distinction between pages served to UK readers and
readers in the rest of the world.
Raman: It's really bad advertising for this technology, it's about 4k that
doesn't say anything.
... Some of these things are important and we should try to get the
audience to leave with that impression.
... So how are we going to decide which things are in which buckets?
<scribe> ACTION: Norman to review the GPNs and try to put them in the
buckets on an email thread. [recorded in
[27]http://www.w3.org/2008/10/09-tagmem-minutes.html#action02]
<trackbot> Created ACTION-185 - Review the GPNs and try to put them in the
buckets on an email thread. [on Norman Walsh - due 2008-10-16].
<raman> need to leave
Stuart: We have a few minutes left, Dave you posted a weblog page.
Dave: Right, I think we needed to say something about the charters.
... So how well do the web services specs, both those proposed and
written, integrate into the WebArch
... I think we've failed to integrate the web services architecture into
Web Architecture.
... So if they're not part of the web architecture, and the TAG is about
web architecture, then how is the TAG relevant to them?
... The results are pretty stark.
... It seems to me that the TAG could say that it's fine work but that the
TAG does not anticipate that it will be reviewing any of it because it's
not about web architecture. We're not going to review or endorse it.
Ashok: Dave, what are you recommending? Are you recommending that we
object to the working group?
Dave: That's not what I said.
... If you've got work coming out of W3C that's got nothing to do with web
architecture, then the TAG should recuse itself.
Ashok: That sounds disengenuous. The TAG is the technical architecture
group, how can opt out?
Dave: The core part of that work isn't part of the web architecture. The
membership can do it if it wants, but they should know that it's not.
Dan: Ashok asked how and the answer is probably something in the charter
and possibly in the SOTD that says "this doesn't follow web architecture
and we don't expect it to".
... Yes.
Ashok: I don't.
Norm: I think it's a really good idea, if it's a separate architecture, we
should be willing to say that we're not going to review it.
Stuart: I think that it needs to be made as a proposal for a position that
the TAG should take and see if teh TAG will adopt that position.
<jar> scribenick: jar
Adjourned.
"Norm: will construct the HTML minutes, jar"
Summary of Action Items
[NEW] ACTION: Norman to review the GPNs and try to put them in the buckets
on an email thread. [recorded in
[28]http://www.w3.org/2008/10/09-tagmem-minutes.html#action02]
[End of minutes]
--------------------------------------------------------------------------
Minutes formatted by David Booth's [29]scribe.perl version 1.133 ([30]CVS
log)
$Date: 2008/10/15 19:56:57 $
References
Visible links
1. http://www.w3.org/
2. http://www.w3.org/2001/tag/2008/10/09-agenda
3. http://www.w3.org/2008/10/09-tagmem-irc
4. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#agenda
5. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item01
6. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item02
7. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item03
8. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item04
9. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item05
10. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item06
11. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item07
12. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#item08
13. file:///projects/w3c/WWW/2001/tag/2008/10/09-minutes.html#ActionSummary
14. http://www.w3.org/2001/tag/doc/passwordsInTheClear-52-20081008.html
15. http://validator.w3.org/checklink?url=http://www.w3.org/2001/tag/doc/passwordsInTheClear-52-20081008
16. http://www.w3.org/2001/tag/group/track/actions/overdue
17. http://www.w3.org/2001/tag/group/track/
18. http://www.w3.org/2001/tag/group/track/actions/152
19. http://www.w3.org/2001/tag/group/track/actions/142
20. http://www.w3.org/2001/tag/group/track/actions/146
21. http://www.w3.org/2001/tag/group/track/actions/175
22. http://www.w3.org/2001/tag/group/track/actions/184
23. http://www.w3.org/2001/tag/group/track/actions/133
24. http://www.w3.org/TR/webarch/#error-handling
25. http://www.bbc.co.uk/radio/
26. http://www.bbc.co.uk/radio/i/index.xml
27. http://www.w3.org/2008/10/09-tagmem-minutes.html#action02
28. http://www.w3.org/2008/10/09-tagmem-minutes.html#action02
29. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
30. http://dev.w3.org/cvsweb/2002/scribe/
Received on Wednesday, 15 October 2008 19:59:30 UTC