20:24:09 RRSAgent has joined #svg 20:24:09 logging to http://www.w3.org/2016/08/11-svg-irc 20:24:11 RRSAgent, make logs public 20:24:13 Zakim, this will be GA_SVGWG 20:24:13 ok, trackbot 20:24:14 Meeting: SVG Working Group Teleconference 20:24:14 Date: 11 August 2016 20:24:54 Agenda: https://lists.w3.org/Archives/Public/www-svg/2016Aug/0014.html 20:25:01 Chair: Nikos 20:25:02 Agenda: https://lists.w3.org/Archives/Public/www-svg/2016Aug/0014.html 20:33:12 present+ nikos 20:33:55 present+ Tav 20:34:03 present+ shepazu 20:35:33 Scribe: Nikos 20:35:35 scribenick: nikos 20:35:36 Topic: SVG 2 CR publication update 20:35:47 present+ stakagi 20:37:55 present+ AmeliaBR 20:38:29 nikos: Disposition of comments: https://nikosandronikos.github.io/svg2-cr-doc/ 20:48:06 nikos: I've put together the DoC 20:48:27 ... it's currently being compiled from Github 20:50:09 ... but I'll make it a static page to send off 20:50:38 ... The one thing I haven't done is include the things in the 'clean up' milestone as deferred 20:51:03 AmeliaBR: think there's a few we should add - including some 'future wish list' stuff 20:51:38 nikos: I also sent out request for review to i18n and a11y 20:51:42 https://lists.w3.org/Archives/Public/www-svg/2016Aug/0016.html 20:51:49 AmeliaBR: we got a response on a11y this morning, I've replied 20:52:21 ... I'm not expecting a lot of questions because we have people working on the SVG TF 20:53:52 shepazu: Good answer regarding SVG fonts 20:54:06 Tav: I've been playing with SVG fonts a lot. We support creation of fonts 20:54:15 shepazu: Is there any way to export to SVG in OT ? 20:54:18 Tav: not yet 20:54:54 nikos: So we're really just waiting now for review comments 20:56:03 https://svgwg.org/svg2-draft/conform.html 20:56:51 Topic: Bringing bits in from Integration to the Conformance chapter 20:57:04 shepazu: There's a few open issues 20:57:16 ... I have come around to the view point that conformance should be part of the spec 20:57:36 nikos: For the issue 'Should animations run in the resource document?', I think that's defined elsewhere 20:57:43 AmeliaBR: Yes, I'll review the chapter 20:59:19 shepazu: How do we change something from appendix to chapter? 20:59:31 AmeliaBR: Somewhere in the build script this is all controlled 20:59:37 nikos: I can take a look at that next week 20:59:51 AmeliaBR: The other thing we need to do is add stub files for the moved and removed chapters 21:00:25 nikos: I was going to do that as a manual step during publication 21:00:37 AmeliaBR: For animation, it would be nice to have a short appendix pointing out the three ways you can animate SVG 21:02:02 ACTION: Nikos to make conformance appendix a chapter 21:02:03 Created ACTION-3855 - Make conformance appendix a chapter [on Nikos Andronikos - due 2016-08-18]. 21:02:16 ACTION: Nikos to add stub chapters 21:02:18 Created ACTION-3856 - Add stub chapters [on Nikos Andronikos - due 2016-08-18]. 21:02:32 Topic: SVG 2 publication 21:03:10 shepazu: Regarding deferred issues. It's not a problem to list them - there's many issues so it's right to defer them to SVG next 21:05:01 nikos: So next week we finish these little spec tidy ups while waiting for review comments, and I'll finish off those extra things for DoC 21:05:19 shepazu: We have a few issues in the spec still. Do we want to make them Github issues? 21:05:33 AmeliaBR: anything in the spec should should already be in Github or be an 'at risk' comment 21:05:56 shepazu: Ok, I just introduced a few new ones by bringing the integration spec text in 21:06:57 shepazu: The thing about fetch is probably the most substantive 21:07:16 AmeliaBR: I've fixed a lot of issues about Fetch so we can reference that 21:07:24 https://svgwg.org/svg2-draft/linking.html#processingURL-fetch 21:08:10 AmeliaBR: Doug, you do a review, and then I'll do one as well afterwards 21:09:02 Topic: Security and privacy questionnaire review 21:10:38 https://github.com/w3c/svgwg/wiki/SVG-2-Security-&-Privacy-Review 21:11:03 nikos: Does this specification deal with personally-identifiable information 21:11:21 nikos: I couldn't think of anything 21:11:28 AmeliaBR: No more than what exists for web pages in general 21:11:35 nikos: Does this specification deal with high-value data? 21:11:50 nikos: No 21:12:01 ... Does this specification introduce new state for an origin that persists across browsing sessions? 21:12:04 shepazu: No 21:12:16 nikos: Does this specification expose persistent, cross-origin state to the web? 21:12:58 nikos: So I thought that language preference could expose some state, but it's low risk 21:13:11 ... I suppose if you have a lot of binary tests you might be able to build up a fairly detailed picture 21:13:35 shepazu: A few years ago there was a big push to avoid fingerprinting, but at this point fingerprinting is too far advanced 21:13:58 ... Is there anything about the fact you can reference an external SVG via use that might fall into this category? 21:14:20 ... Also language preference isn't stored in the SVG per se 21:14:32 nikos: Does this specification expose any other data to an origin that it doesn’t currently have access to? 21:14:48 ... I don't think we're doing anything unique 21:15:01 AmeliaBR: We might at that point say we allow CORS 21:15:06 ... but only in a matter consistent with HTML 21:15:16 nikos: Doesn't hurt to point that out 21:15:28 ... Does this specification enable new script execution/loading mechanisms? 21:15:47 ... Again, we're the same as HTML 21:15:57 nikos: Does this specification allow an origin access to a user’s location? 21:15:59 ... Definitely a no 21:16:09 ... Does this specification allow an origin access to sensors on a user’s device? 21:16:10 ... no 21:16:21 ... Does this specification allow an origin access to aspects of a user’s local computing environment? 21:16:31 ... Again here, I said yes via language preference 21:16:45 AmeliaBR: Could also say something about other required features switches and video/audio codec support 21:16:57 nikos: Does this specification allow an origin access to other devices? 21:17:20 ... No 21:17:30 ... Does this specification allow an origin some measure of control over a user agent’s native UI? 21:17:35 ... no 21:17:42 ... Does this specification expose temporary identifiers to the web? 21:17:50 ... no 21:17:54 ... Does this specification distinguish between behavior in first-party and third-party contexts? 21:18:35 AmeliaBR: wasn't sure about this one. We do talk about different behaviours in a reference document compared to an original document 21:18:49 ... some of that is linked to CORS, but not sure if that's what they mean 21:19:01 shepazu: Think we should say that we allow more restricted uses of the thing and link to the chapter 21:19:28 nikos: I don't think this is what that's about but we should say it 21:19:41 AmeliaBR: we do discuss anonymous vs credentials mode for CORS 21:19:52 ... think that's a little relevant 21:20:05 ... as Doug said, mention that there's a distinction and let them come back with questions if there's concerns 21:20:12 nikos: How should this specification work in the context of a user agent’s "incognito" mode? 21:20:30 ... I said no 21:20:37 shepazu: is that true even in the context of referencing modes? 21:20:50 AmeliaBR: only difference is the browser wouldn't supply cookies to the server. But rendering of SVg would be the same 21:21:00 nikos: Does this specification persist data to a user’s local device? 21:21:01 ... no 21:21:11 ... Does this specification have a "Security Considerations" and "Privacy Considerations" section? 21:21:24 nikos: It does 21:21:25 https://svgwg.org/svg2-draft/single-page.html#mimereg-mime-registration 21:21:34 ... it was just copied from SVG TIny 1.2 21:21:48 ... may need updating 21:22:00 ... Does this specification allow downgrading default security characteristics? 21:22:24 ... I wasn't sure about this one 21:22:31 AmeliaBR: talking about CORS, domain matching, etc 21:22:45 ... You can mention that we do use CORS features similarly to HTML 21:22:52 ... or based on the HTML spec 21:23:07 ... and therefore it can be affected by sand boxing 21:23:18 ... which may what they're talking about 21:24:04 nikos: I'll update it. Don't really want to put it in a spec, but will link to it from the Security considerations section 21:25:14 Topic: Next F2F 21:25:28 Tav: Are we meeting at Graphical Web? 21:25:45 nikos: It's very unclear whether i'll be able to go to graphical web 21:25:52 shepazu: Next opportunity is TPAC 21:25:56 nikos: I'll be at TPAC 21:26:18 AmeliaBR: I'm hoping you and Doug can get feedback and work out with other members what will happen next 21:26:36 ... especially looking at the test suite creation 21:26:55 ... other thing to talk about at TPAC - the HTML / web platform group is still hoping we take responsibility for Canvas 2d context 21:27:31 ... that would be something to discuss wrt to SVG WG charter which is due in Fall 21:30:06 nikos: In terms of meeting at the graphical web, I think we should cancel that one because the date isn't that far off and it's too hard to confirm whether I'll be able to go 21:30:27 RRSAgent, make minutes 21:30:27 I have made the request to generate http://www.w3.org/2016/08/11-svg-minutes.html nikos 22:05:07 stakagi_ has joined #svg 23:34:46 chaals has joined #svg 23:58:41 chaals1 has joined #svg