Web Security Context Working Group -- Face-to-face Meeting 2007-01-30/31

On this page: Infrastructure / Attendance / Minutes

Infrastructure

MeetingTaxisAndDinners includes some travel information.

The BEA Corporate HQ consists of two large 4 story buildings and two smaller buildings. The large buildings are at right angles. Building 2 is on First Street. Building 1 is on Charcot Avenue, which is an extension of Guadalupe Parkway and crosses First Street at right angles.

The main entrance and visitor parking is actually in Building 1, facing Charcot Avenue. You can reach it either by turning onto Charcot Avenue at the light on First Street and then right into the parking lot or, if coming from the North, by entering the parking lot on First Street and driving around to Building 1. There is an entrance to Building 2 on North First Street for the education center, but you should not go in there.

Once inside the main entrance, you will see a reception desk. Just indicate that you are there for the W3C meeting and they will have you sign in and get a visitor badge. Wait in the lobby until you can be escorted to our meeting room, which is actually in the other building.

Attendance

Agenda

Minutes

Materials

Phillip Hallam-Baker, Extended Validation: Hope or Hoax?
Mike Beltzner, Best of Breed anti-phishing Mozilla Extensions, and dos and don'ts
Thomas Roessler, use case structuring exercise

Action Items

ACTION-93: Explain issue raising process on public mailing list [on Thomas Roessler - due 2007-02-06].
ACTION-94: Draft subsections for 8 about \"compelling user interface\", crypto [on Phillip Hallam-Baker - due 2007-02-06].
ACTION-95: Review use cases, suggest reorganization, ... [on Stuart Schechter - due 2007-02-06].
ACTION-96: Draft initial outline of glossary [on Tim Hahn - due 2007-02-06].
ACTION-97: Seed and drive process to document current-generation undocumented safeguards in wiki [on Mike Beltzner - due 2007-02-06].
ACTION-98: Track Rachna adding references for 8.1.2 [on Thomas Roessler - due 2007-02-06].
ACTION-99: Track Rachna to draft text for section 8, covering \"block pages\" [on Thomas Roessler - due 2007-02-06].
ACTION-100: Propose alternative wording for 8.2.3 [on Thomas Roessler - due 2007-02-06].
ACTION-101: Suggest favorite favicon reference [on Mary Ellen Zurko - due 2007-02-06].
ACTION-102: Switch order of 8.2.3 and 8.2.4 [on Tyler Close - due 2007-02-06].
ACTION-103: Propose descriptive text on firefox anti-phishing UI (for 8.2) [on Mike Beltzner - due 2007-02-06].
ACTION-104: Extend 8.2.1 by tab title [on Tyler Close - due 2007-02-06].
ACTION-105: Propose text on notifiaction / information bar [on Mike Beltzner - due 2007-02-06].
ACTION-132: Start discussion on mailing list to draw chrome items out and get analysis completed [on Mary Ellen Zurko - due 2007-02-13].
ACTION-106: Propose clarifying language for 8.2.5 [on Mike Beltzner - due 2007-02-06].
ACTION-107: Create a library of testcases / examples of attacks listed in section 8 [on Mike Beltzner - due 2007-02-06].
ACTION-108: Track rachna to contribute more studies for 8.3 [on Thomas Roessler - due 2007-02-06].
ACTION-109: to propose more elaborate text for 8.3.1 (\"padlock icon\") [on Brandon Porter - due 2007-02-06].
ACTION-110: Create new subsection under 8.2 to classify types of attacks [on Tyler Close - due 2007-02-06].
ACTION-111: Track rob tracking URL scrolling issues [on Tyler Close - due 2007-02-06].
ACTION-133: Offer text suggestion around \"many users\" [on Brandon Porter - due 2007-02-13].
ACTION-112: Rewrite 8.3.2 [on Thomas Roessler - due 2007-02-06].
ACTION-113: Suggest \"page\" definition for Tim\'s glossary [on Stuart Schechter - due 2007-02-06].
ACTION-114: Track rachna suggesting alternative wording for 8.4.1 [on Thomas Roessler - due 2007-02-06].
ACTION-115: Contribute reference on cost/benefit questions in usability [on Mary Ellen Zurko - due 2007-02-07].
ACTION-116: Check whether security usability of form submission is covered in Note [on Phillip Hallam-Baker - due 2007-02-07].
ACTION-117: Contribute material re confirmation bias to note [on Mike Beltzner - due 2007-02-07].
ACTION-118: Reword the first two DesignPrinciples points for possible inclusion in the note [on Maritza Johnson - due 2007-02-07].
ACTION-119: Move consistency bullet point into section 9 [on Tyler Close - due 2007-02-07].
ACTION-120: Contribute further text on \"explanations\" bullet point; provide [Patrick] reference [on Maritza Johnson - due 2007-02-07].
ACTION-121: Propose rewrite of 9.3 [on Mary Ellen Zurko - due 2007-02-07].
ACTION-122: Inquire Stephen Farrell about holding next meeting on 30-31 in Dublin [on Thomas Roessler - due 2007-02-07].
ACTION-123: Send hosting requirements to Tyler [on Thomas Roessler - due 2007-02-07].
ACTION-124: Initiate work on threat tree [on Stuart Schechter - due 2007-02-07].
ACTION-125: Map list from blackboard to existing use cases, possibly add more [on Thomas Roessler - due 2007-02-08].
ACTION-126: Document current practice in terms of security UI robustness [on George Staikos - due 2007-02-08].
ACTION-127: Document current practice in terms of security UI robustness [on Yngve Pettersen - due 2007-02-08].
ACTION-128: Document current practice in terms of security UI robustness [on Mike Beltzner - due 2007-02-08].
ACTION-129: Prod Rob to document current practice in terms of security UI robustness [on Thomas Roessler - due 2007-02-08].
ACTION-130: Set up poll to confirm date. [on Thomas Roessler - due 2007-02-08].
ACTION-131: Start rescheduling exercise for telephone calls [on Thomas Roessler - due 2007-02-08].

Thomas Roessler, Team Contact
$Id: f2f2.html,v 1.5 2007/02/06 13:18:34 roessler Exp $