See also: IRC log
VQ: Regrets for next week from Noah and Tim
... Scribe for next week is Ed
ED: Yes.
Minutes of 4 April are at http://www.w3.org/2006/04/04-tagmem-minutes.html
VQ: Anyone looked at them?
<DanC> (I peeked at the minutes. )
DC: a bit
RESOLUTION: Minutes of 4 April 2006 at http://www.w3.org/2006/04/04-tagmem-minutes.html are approved.
VQ: They're in date space, so I can't edit them. Can someone from team do it?
HT: I will remove the "draft" in the copy in date space.
DC: I don't want to have to cover for other scribes.
NM: But they wind up in date space.
DC: Move them please.
VQ: There is one item that mainly concerns T.V. and we will probably skip that.
NW: I did not manage to pull together info. Will do it this week.
<Norm> See: http://www.w3.org/2001/tag/2006/06/12-logistics.html (W3C member-only)
NW: Hotel rates and suggestions will be provided this week.
VQ: Last week we asked Dan to check with Massimo on possibility of Venice.
DC: I checked with him, and he was very helpful.
VQ: Was offering one possibility in CS dept. outside of Venice, other was small island in front of Venice.
... The island would take some budget for meeting rooms.
TBL: Flying to Venice and being outside of town seems silly.
<DanC> what I wrote was "We're looking at 3-5 October"
<Zakim> DanC, you wanted to ask if http://www.dsi.unive.it/~massimo/meetings/2005/rewerse/ is in venice
NM: What dates?
NW: Vancouver was 2-4 Oct.
NM: I think Vancouver was 3-5 actually.
NW: Oh, you're right.
<dorchard> Once you are in the historic center of Venice, the island of San Servolo can be reached either by public transportation (there are hourly boats running to and from the island from in front of the Londra Palace Hotel) or by private taxi.
VQ: Do you have preferences between Vancouver and Venice?
<timbl> http://www.dsi.unive.it/~massimo/meetings/2005/rewerse/participants.html
TBL: how do we know how much the island costs?
<dorchard> Staying on an island doesn't make sense to me.
TBL: suggest we look into details.
DO: Island seems isolated.
<timbl> http://www.hotelalvagon.com/en/
<timbl> You have the meeting on the boat, of course!
<EdRice> +1 on the boat meeting :)
VQ: Poll on preferences Vancouver vs. Venice:
DC: Either one
DO: Vancouver
ED: No preference
HT: No preference (compensating benefits for me either way -- Vancouver is a long trip, Venice may be too expensive)
NM: I'm having trouble justifying the cost of going to Venice unless it's a major convenience to our European participants.
NW: Either way. Worried about Venice costs.
TBL: In Europe would be happy to stay in 1 or 2 star hotel.
Noah notes he would go for 2 star, have had pretty unpleasant experiences in some 1 stars.
TBL: Could eat at hotel etc.
<DanC> how many CA to the EUR? 1.5?
TBL: Could go either way on Vancouver vs. Venice.
<DanC> 200.00 EUR = 277.648 CAD
<dorchard> I think it's around 1.5 CA/Euro
DO: We had a meeting in Vancouver in January in which costs were about 170 CAD per night.
NW: Note clear which location gives me more trouble in terms of getting approvals for cost.
VQ: Should we ask Massimo for more information.
TBL: Could we find 2 star hotel and meeting room in center of Venice.
VQ: I think meeting rooms in Venice may be hard. Mostly tourist hotels.
Noah wonders about network access in modest hotels.
VQ: We can defer for awhile.
... I'm not hearing strong push for Venice.
... Should we get more info on Venice, or decide now Vancouver?
... 2 OR 3 days
DC: 2 days
HT: I can't get out until late afternoon.
<DanC> sounds like Europeans arrive in Vancouver in the afternoon/evening and leave in the afternoon/evening
<dorchard> My stereotypical travel to/from Europe is the YVR->LHR at 6pm or 8pm, then LHR->YVR arriving 4pm.
<timbl> So .... how did expedia know I wanetd to fly to vancouver ?!
VQ: We'll meet at least Wed and Thurs, and if flights work, Friday.
<Norm> I'll be taking the red-eye on Thursday night, I expect
<DanC> very well, meeting starts Wed 4 Oct am in Vancouver
VQ: We will meet starting Wed 4 Oct AM in Vancouver. Will decide later whether to meet into Friday morning or wrap up end of day Thursday. Please prepare to discuss on the call next week your travel constraints leaving Vancouver.
VQ: Who will present and what will we discuss?
... Who will be there? I know that Noah will not.
<DanC> I have vague plans to attend the May 2006 AC meeting
DC: I think so.
DO: No.
ED: No.
HT: I'll be there, but I did last one.
NW: Can't go.
TBL: I'll be there.
HT: I think T.V. is coming, but we should check with him.
<Zakim> DanC, you wanted to suggest written-only report
DC: I'm suggesting we give a written report only.
DO: Seems we should have someone on stage.
DC: I'm willing but not quite inspired. I may discuss historical statistics on issues, etc. if it falls to me.
VQ: Anyone involved in AC meeting preparation?
TBL: Reviewing...
... We've got two findings.
<timbl> We have two findings
TBL: Prepared to present overview of what we've done.
<DanC> (it would be nice to have dates in list of approved findings http://www.w3.org/2001/tag/findings )
HT: There was email discussion following publication of the Rule of Least Power (http://www.w3.org/2001/tag/doc/leastpower-2006-02-23.html ).
Noah agrees it might be interesting topic, but regrets that he won't be there to help.
TBL: One can easily rathole on that one. Not sure it will be productive.
<Norm> CURIEs
<DanC> 4.4 Compact URIs (CURIEs)
TBL: I think Curies might be a good TAG issue.
DC: In principle, HTML doesn't have a special place in the architecture, but in practice it does.
... Maybe we can get to the right place by pursuing established issues.
... E.g., Vincent was going to look at CSS and versioning.
VQ: No progress so far.
TBL: Steve really wanted us to lead a discussion.
... I could be on or moderate a panel.
... Might get the NewsML folks involved, as they're interested in Curie.
... I would have a position expressing my concerns.
... Getting the AC involved early is a good idea.
VQ: Tim, maybe you can moderate a session, perhaps inviting Mischa Wolf and some others?
NW: I have concerns, but couldn't convince the Core WG to formally raise them.
HT: Lets go for it.
NW: Regret I won't be there.
(Noah says "me too" on regrets.)
(Noah notes that Reuters is indeed not a W3C member at this point.)
VQ: Tim, would you be the moderator?
HT: I could be on the opposed side, but I thought it was going to just be Tim & Mischa.
DC: Steve could moderate?
HT: Yes, with Misha pro and Tim con. Sounds good.
VQ: Sounds like a good proposal.
TBL: Hmm, I sometimes prefer to listen rather than talk at the AC. I counterpropose Henry to take the "con" side.
HT: The AC meeting always welcomes seeing Tim on the podium, but I'm willing.
TBL: I always get a slot to myself.
<scribe> ACTION: Vincent to update Steve Bratt about AC and decide about invitations for Curie discussion. [recorded in http://www.w3.org/2006/04/11-tagmem-irc]
VQ: Anything else on AC Meeting?
VQ: mostly on the agenda at T.V.'s request, so we'll skip it this week.
The draft we are discussing is at: http://www.w3.org/2001/tag/doc/mime-respect-20060307
VQ: Ed, please summarize status.
ED: I'm trying to put together a paragraph emphasizing that we're looking at documents in isolation. The problem I'm having is that every one I've tried to draft has had the downside of seeming to trivialize the finding, which is not my intention.
<DanC> (hmm... drop it... I thought it was a good idea, but if Ed's no inspired, I'm OK to drop it.)
ED: I was the only one concerned in the first place, and am willing to drop it.
VQ: We had two reviewers, with T.V. being the other one. He was fine with it.
ED: Yes, he thought it was OK.
VQ: Ed, are you ready to formally approve the finding as it stands now.
<DanC> ed, pls confirm?
<Norm> Yes, that's correct
RESOLUTION: The draft "Authoritative Metadata" at http://www.w3.org/2001/tag/doc/mime-respect-20060307 is approved for publication as a TAG finding.
<DanC> (hmm.. publish as WD? I guess I'm not too excited to do that.)
<scribe> ACTION: Vincent to update list of findings to include http://www.w3.org/2001/tag/doc/mime-respect-20060307 and to send announcement. [recorded in http://www.w3.org/2006/04/11-tagmem-irc]
ED: status needs updating.
NM: Will you change the date and the dated URI?
VQ: yes, as part of action above.
<DanC> (Noah, "in date space" often means http://www.w3.org/2006/... , not http://www.w3.org/2001/tag/doc/mime-respect-2006... )
NW: Looks like it's serving the XML and a stylesheet.
NM: Don't we need HTML for non-XSL enabled browsers?
NW: I think so.
Oooh. http://www.w3.org/2001/tag/doc/mime-respect is XML, but http://www.w3.org/2001/tag/doc/mime-respect-20060307 is HTML. Tricky!
<DanC> (fyi, CVS has only mime-respect-20060307.html )
See: http://lists.w3.org/Archives/Public/www-tag/2006Apr/0001.html
From that note:
There are four items which we may want to look into further;
HMAC Digest Authentication;
< http://www.ietf.org/internet-drafts/draft-sayre-http-hmac-digest-00.txt >
The scribe notes that the above document has gone 404, seemingly replaced by http://www.ietf.org/internet-drafts/draft-sayre-http-hmac-digest-01.txt .
SASL in HTTP/1.1
< http://www.ietf.org/internet-drafts/draft-nystrom-http-sasl-12.txt >
Kerberos based HTTP Authentication in windows
< http://www.ietf.org/internet-drafts/draft-jaganathan-kerberos-http-01.txt >
Dix - Digital Identity Exchange
< https://www1.ietf.org/mailman/listinfo/dix >
ED: Kerberos is old, not sure if my employer still cares.
<EdRice> Kerberos : http://www.ietf.org/rfc/rfc1510.txt
DC: That Kerberos internet draft can't be more than 6 months old.
<DanC> indeed, the internet draft is dated July 18, 2005
<EdRice> HMAC : http://www.ietf.org/rfc/rfc2104.txt
<DanC> hmm... more than 6 months old
<EdRice> Kerberos working group link: http://www.ietf.org/html.charters/krb-wg-charter.html
<ht> /me cvs commit -m'finalized' 04-tagmem-minutes.html
<Vincent> Thanks, HT
<DanC> (I don't see any pointers from http://www.ietf.org/html.charters/krb-wg-charter.html to draft-jaganathan-kerberos )
NM: Looks like this is about use of Kerberos in Windows, and by Microsoft authors.
DC: Are they using this to solve the password in the clear problem?
NM: Kerberos itself was designed for more. Key store machine in locked closet hands out tickets, E.g. Noah wants to print, gets a ticket to print on printer 2. Sends job and ticket to printer 2. Printer calls the kerberos server back to check Noah's ticket.
TBL: (scribe missed that, sorry)
<DanC> "WWW-Authenticate: Negotiate". hmm... that's new
DC: I wonder whether they're establishing this as an alternative to digest authentication? Doubt they're changing Kerberos.
NM: I strongly doubt they're changing Kerberos itself.
<timbl> S: HTTP/1.1 401 Unauthorized
<timbl> S: WWW-Authenticate: Negotiate
DC: Hmm, there's nothing about IANA registration for this.
<EdRice> changing passwords; http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-set-passwd-04.txt
ED: Well, we were asked to look at these four docs, but I started with dix as one of the most currently active.
DC: They asked us to look at four?
... Who?
ED: Lisa Dusseault
DC: Looking at Ed's message at http://lists.w3.org/Archives/Public/www-tag/2006Apr/0001.html
... The first 3 are all HTTP authentication mechanisms.
ED: HMAC involves encryption.
DC: Yes, but only of the credentials, not the payload, so these 3 all fit in as HTTP Authentication.
... TAG should say: "anything improves on passwords in the clear, go ahead"
... DIX needs more attention I think.
ED: I'd think we want to read and review in detail before we say "go ahead" on the others.
... Maybe just ignore the first 3.
DC: No, I want to at least say that moving in the direction of getting rid of passwords in the clear is to be actively encouraged.
TBL: May be worth saying in this context, even if we've said it before.
... The alternatives have been around for a long time, and they're not widely used.
NM: In Yahoo you can get https to prompt for your otherwise in the clear password.
NW: Seems like https is now the default at Yahoo.
ED: Email is in the clear over most hops anyway.
NM: Yeah, but not in corporations.
ED: Propose to tell Lisa we approve general investment in more secure passwords, not passing on merits of the 3 in particular.
... Will look in more detail at dix.
VQ: Please look at these and volunteer to review as appropriate.
<DanC> (I'm reasonably confident that Lisa isn't expecting to hear from Ed directly; her job as area director (-to be) is to get the community to review them and send comments to the authors)
VQ: No formal action to Ed at this time.
... We are adjourned.