See also: IRC log
<scribe> ScribeNick: ArtB
<scribe> Scribe: Art
Date: 4 June 2009
<arve> Zakim: P2 is me
AB: I posted the agenda on June 3 (http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0728.html). The only change I propose is to change the order of 3.b and 3.c. Any change requests?
TR: move f2f preps to end of meeting
AB: OK; we will do that
... add Mark's latest email re DigSig to the agenda
... Robin, will you represent Mark on this call?
<darobin> mpriestl: can you get on the call?
RB: no, not really
AB: I have one short announcement: for those of you following the Draft DAP WG Charter () discussions, Frederick has been designated as a Chair (along with Robin)
DR: what is the Chair selection process?
TR: it is mostly opaque
... and Team driven
DR: if you would direct me to the Proc Doc; I'm not clear on it
TR: sure, I can do that
... I think the only relevant text is "the Director will
appoint the Chair"
AB: any other announcements?
[ None ]
AB: Mark submitted comments this
morning which is 3 days too late
... my recommendation is to postpone the handling of those
comments until after the CR is published
... comments on my proposal?
MP: that is fine for VF
... I am sorry those comments were late
... I don't think any of the comments will affect
Candidate
... one may be a bit problematic
AB: want to emphasize we will
always accept comments
... we do have to be careful though about moving the target
date
... proposed Resolution: we will handle VF's LCWD comments of
June 4 during CR
... any objections?
[ None ]
RESOLUTION: we will handle VF's LCWD comments of June 4 during CR
AB: a few days ago I proposed some text for the WidDigSig's Candidate "exit criteria" (http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0700.html). Any comments about that proposal?
<Marcos_> +a
AB: any objections to the proposed Exit Criteria?
[ None ]
AB: one issue we need to discuss before resolving to publish a DigSig CR is "how far can this spec go in the Recommendation track with a normative dependency on a WD of XML Digital Signatures 1.1?". My understanding is PR but no further. Thomas or Mike, would you please clarify?
TR: I believe your understanding
is correct
... but I'll check
... I think the doc is well hidden
AB: XBL2 has a precedence of this
TR: let's proceed as if this won't be an issue and we can deal with it later if we need to
MS: +1 to TR
AB: we then proceed as planned
AB: the WidDigSig spec is ready to be published as a Candidate Recommendation. Any objections to that?
MC: I have concerns about the
cannoicalization aspects
... have they been resolved?
TR: are these general issues or ones that can be dealt with during CR
<Zakim> MikeSmith, you wanted to say that we have not hard-and-fast rule
MC: I hear cannoicalization doesn't work
TR: the only concern I know of is complexity
<arve> gotta call back in in a minute
TR: the way the spec is used tho, there is no breakage
FH: we profiled it down
MC: so OK, it sholdn't be too
bad
... I heard it is difficult to implement in .NET
TR: which cannonicalization?
MC: the one in the spec
TR: if .NET it could be a 1.0 vs. 1.1 concern
<timeless_mbp> what does that mean?
DR: yes, I think that is true
TR: doesn't matter whether we use 1.0 or 1.1
<fjh> what i said about profiling is this, since the case is narrow enough
<tlr> ... or exclusive
<fjh> sounds like a comment that needs to be on the list
AB: my recommendation is that if this is an issue, it be raised during CR
MC: yes, I think that is OK
TR: this will affect
interop
... it may be worthwhile to shift to Exclusive right now
FH: I think that would be
reasonable
... I don't think we need the features of 1.1
... let me check the spec ...
... 6.3 requires Canon 1.1
<timeless_mbp> fjh: if i want to give feedback, should i to: you and cc: wg?
FH: we can change to Exclusive
and that would address the concern
... TR, is that OK with you?
TR: Exclusive isn't strictly
mandatory
... think Exclusive is the one to take
MP: is there a ref that could be
put in IRC?
... are we confident we'd end up with the same result?
<fjh> http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/
TR: the two disagree with the
handling of namespaces
... and some subset [missed details ...]
... we don't use qnames and content
... only 1 case there could be some diffs and it is if
gratuitous namespaces are used but not needed
<fjh> proposal - change required algorithm in 6.3 from Canonical XML 1.1 omits comments to
<fjh> Exclusive XML Canonicalization 1.0 (omits comments)
<fjh> http://www.w3.org/2001/10/xml-exc-c14n#
AB: can we agree to make this change and also agree to move directly to CR?
TR: the question is if this would "invalidate" a review?
<fjh> also add reference for Exclusive Canonicalization
TR: does anyone think it would?
RB: no
FH: I think this is the right
thing to do
... I don't think we'll have any problems
<fjh> proposal - 1. change required alg in 6.3, 2. add reference to exclusive c14n
AB: are there any objections to FH's proposal?
[ None ]
<fjh> Exclusive XML Canonicalization 1.0 (omits comments)
AB: since we agreed to make this change, are there any objections to going to CR directly?
<fjh> http://www.w3.org/2001/10/xml-exc-c14n#
[ No ]
AB: propose: RESOLUTION: the group agrees Widgets Digital Signature spec is ready for publication as a Candidate Recommendation
<fjh> with additional changes agreed today
AB: any objections?
[ None ]
RESOLUTION: the group agrees Widgets Digital Signature spec is ready for publication as a Candidate Recommendation
<scribe> ACTION: hirsch notify Art when the excl c14n change has been made and the SoTD is updated for CR [recorded in http://www.w3.org/2009/06/04-wam-minutes.html#action01]
AB: we've had a Call for UCs and
Reqs (http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0581.html)
and two related ACTION: Action 347 (http://www.w3.org/2008/webapps/track/actions/347)
and Action 348 (http://www.w3.org/2008/webapps/track/actions/348).
... besides not having agreement on UCs and Reqs, we also do
not have consensus on the definitions of Origin nor Domain of
Trust (http://dev.w3.org/2006/waf/widgets-access/#security-model).
... additionally, there now seems to be an attempt to add UA
behavior for the <feature> element regarding security
policy e.g. Robin's proposal (http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0732.html).
... lastly, I agree with concerns raised by some members of
this WG about us specifying something that is going to "tie the
hands" of the DAP WG's security policy work.
... any status of UCs and Reqs?
[ None ]
<darobin> http://www.w3.org/mid/E3625432-E1AF-42F6-9E5E-73B29EE8DB10@berjon.com
RB: I sent a related email
<timeless_mbp> arve: does http://dev.w3.org/2006/waf/widgets-access/ show "Copyright © 2009 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark and document use rules apply." in Opera (10beta)?
AB: I wasn't sure how the proposal would be reflected in the spec?
RB: has anyone read it?
[ No responses ]
RB: it supports one of the
options we have discussed
... network access requires <access>
<timeless_mbp> does the widget have access to the iframe?
RB: but <access> does not
provide access to "sensitive APIs"
... Arve, any comments?
<timeless_mbp> we can't hear you
<timeless_mbp> tlr: were you OK or Not OK w/ the original?
Arve: I agree with a model where a doc outside of the widget does not get any additional access rights
<arve> artb's summary is right
RB: is there consensus here?
TR: I only had a superficial
review
... I am OK with this being added to the FPWD
FH: I have not reviewed it
TR: if no one has read it, we can resolve to publish it as FPWD if no objections by some date
RB: I haven't reflected my email into the spec
AB: I would prefer to get RB to reflect his input into the ED, then notify the group and then we can make a decision about FPWD
RB: I can do that tomorrow
TR: OK with me
<timeless_mbp> so basically this spec says that a widget has as much access as the browser?
AB: next Tues we can make a
decision about FPWD
... any last comments about WAR spec for today?
[ None ]
AB: yesterday I tweaked next
week's agenda (http://www.w3.org/2008/webapps/wiki/WidgetsLondonJune2009#Agenda_Items)
and will probably make additional small changes over the next
few days. Any comments?
... the only firm time for a subject is Tues June 9 13:00-14:30
and it will be Security Policy. Priority will be P&C, and
the issues related to advancing W/V Modes, A&E, WAR, and
URI specs.
... any comments on agenda?
TR: I must stop at 15:00 on
Tues
... <access> element is the highest priority
AB: any other comments?
<tlr> (and the widget uri scheme, ugh. Forgot about that one)
[ None ]
<fjh> I also have firm stop at 15:00 on Tuesday
AB: please address Open actions before the f2f meeting: http://www.w3.org/2008/webapps/track/products/8
<timeless_mbp> ArtB: i might be able to make it if i can get some wiggle room w/ managers, i'll pick up transportation and someone will host a room, so i'd just need a manager not to complain about my lack of physical presence
AB: any topics?
... I don't have any
... meeting adjourned
This is scribe.perl Revision: 1.135 of Date: 2009/03/02 03:52:20 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Found ScribeNick: ArtB Found Scribe: Art Present: Art Robin Thomas Arve Marcos Josh Jere David Frederick Mark Agenda: http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0728.html Found Date: 04 Jun 2009 Guessing minutes URL: http://www.w3.org/2009/06/04-wam-minutes.html People with action items: hirsch[End of scribe.perl diagnostic output]