See minutes online for a more detailed record of the discussions.
The question on “origin” came up in the discussions and issues (e.g., #321) in the past. Daniel Weck gave an overview (completed by Leonard Rosenthol) of what “origin” means in the context of the Web and what effect it may have on our specifications. It is closely related to the security issues and model on the Web. It does raise questions like “does the manifest have to be same origin as entry page?” or “if WP is just a collection of stuff that are glued together with a manifest, then it leaves open the possibility of someone creating a publication without my consent.” A typical issue may be whether the group should consider whether some pieces MUST be same origin.
The discussion did not draw a final conclusion on what of the origin issue should be reflected in the (normative) part of a standard, and what should be more in a possible document on deployment and implementation choices. It is also a question whether any restriction should be made based on today’s security model, which may cause problems in the future. A smaller group will explore the problem area further.
Note the related issue 104 around browsing contexts, that is still open.
There is a long standing issue on TOC; one of the aspect of that issue is what type of prescribed HTML structure is useful and realistic to provide a framework for an HTML based TOC. Juan Corona made an online demo of an algorithm he was looking at (available on github) exploring the space. It seems that a more general HTML structure may be defined for a TOC, though it does need further work to specify it.
A proposal for a F2F meeting was made for the 6-7 May, 2019, in Cambridge, MA, USA, hosted in the Kendall Square offices of Google. To be decided.