- From: Francois Daoust <fd@w3.org>
- Date: Tue, 29 Jan 2008 17:17:14 +0100
- To: public-bpwg-ct <public-bpwg-ct@w3.org>
The minutes of today's discussion are available at:
http://www.w3.org/2008/01/29-bpwg-minutes.html
... and copied as text below.
Thanks Sean for scribing!
François.
29 Jan 2008
[2]Agenda
[2] http://lists.w3.org/Archives/Public/public-bpwg-ct/2008Jan/0028.html
See also: [3]IRC log
[3] http://www.w3.org/2008/01/29-bpwg-irc
Attendees
Present
francois, Bryan_Sullivan, AndrewS, rob, Heiko, SeanP, Magnus
Regrets
jo
Chair
francois
Scribe
SeanP, SeanPatterson
Contents
* [4]Topics
1. [5]New draft is here
2. [6]HTTP Cache-Control extensions
3. [7]CT-proxy and HTTP POST (part 3.2)
4. [8]Detection of non-browser environment
5. [9]Summary of proposed features (part 3.7)
6. [10]CT-proxy-aware
7. [11]reload-untransformed directive
* [12]Summary of Action Items
_________________________________________________________
New draft is here
Francois: Any comments on the draft?
<francois> Close ACTION-628
<trackbot-ng> ACTION-628 Produce draft 1d by Friday closed
HTTP Cache-Control extensions
<hgerlach> heiko has to redail in
<francois> Yves Lafon
Francois: Talked with Yves Lafon of the W3c about Cache-Control
... He has been involved with HTTP
... He said we should not recommend extensions to HTTP that would
require all servers to change
... He said we should not recommend any extesions to Cache-Control
header
... The CP either enables content transformation or doesn't with
Cache-Control: no-transform
... If we decide to do extensions to Cache-Control we need to write
an IETF draft
... There is an example
<francois> [13]Mark Nottingham example
[13] http://www.mnot.net/drafts/draft-nottingham-http-stale-while-revalidate-00.txt
Francois: This is the kind of thing we could write to propose
extensions to Cache-Control
... Will talk to Yves F2F this week and come back with details next
week.
... I think it is a good idea to do this--if we don't the document
may not be as useful
CT-proxy and HTTP POST (part 3.2)
Francois: The most important part of the doc is CP to proxy
communication.
... Jo mentioned that there was some discussion about HTTP POST
Magnus: Is beyond our scope.
... An example would be a picture from the phone uploaded to the
server.
... The proxy could transform the photo if it was weird format.
Francois: Is there any case where CT proxy should not do anything
with a post?
Magnus: We could come up with examples but they are too esoteric.
Bryan: This represents value added services that are beyond what we
should say something about.
Francois: Jo removed that part about POST from the draft.
Detection of non-browser environment
Bryan: Have comments on this. The user agent should be the primary
way to detect non-browser unless there is secondary info.
... Jo said something about using heuristics, etc. for detecting
non-browser environment.
Heiko: That comment was quite useful.
<Bryan> Jo proposed "the proxy SHOULD make "reasonable efforts" to
determine whether a user agent is a browser, using heuristics
applied to an a priori knowledge base"
Heiko: We are not able to always understand the UA from the UA
string because there is no standardization
Bryan: AT&T has been able to get useful information from UA.
... We do see just "Mozilla" sometime however.
<francois> ACTION: bryan to propose some recommendation on
user-agent detection from a proxy and browser's (format) point of
view [recorded in
[14]http://www.w3.org/2008/01/29-bpwg-minutes.html#action01]
<trackbot-ng> Created ACTION-632 - Propose some recommendation on
user-agent detection from a proxy and browser's (format) point of
view [on Bryan Sullivan - due 2008-02-05].
<francois> Close ACTION-626
<trackbot-ng> ACTION-626 Contribute text on detection of non-browser
user agent closed
Summary of proposed features (part 3.7)
Francois: This was added by Jo in the current draft.
... Summarize the extensions for Cache-control and other extensions
... Want to talk about https rewrite.
Bryan: I said that rewrite of https URLs doesn't work.
... Rewriting all links on an HTTPS page may have some uses.
Francois: Could be dangerous to rewrite HTTPS URLs.
Bryan: Example: CT Proxy could recreate the "WAP GAP"
... Connection between Browser and proxy is secure.
Andrew: We should put in the guidelines that if the proxy intercepts
HTTPS, the user should be notified and prompted.
Bryan: Needs to be clarified that if the user refuses to allow proxy
to intercept HTTPS, it may not work.
Andrew: User should be given the option, and then it should work
end-to-end; i.e., not through proxy.
Bryan: In this case the page is not formatted for the phone.
Andrew: Correct, but user should have the option.
Francois: Is this feasable for users?
Andrew: Most users don't know much about this, but it is good to
give option. It is what VF UK is doing.
Bryan: Make sure this is very clear in "terms and conditions." Don't
make the user answer too many questions.
... Could make these kinds of decisions available through a desktop
browser link.
Francois: Summary: Should make it clear in the document that proxy
should ask the user about HTTPS.
Andrew: If not proxy could create man-in-the-middle attack.
Bryan: This preference should be remembered.
<francois> ACTION: Andrew to write a clear draft on
@@allow-https-rewrite and the need for the end-user to be aware of
the situation [recorded in
[15]http://www.w3.org/2008/01/29-bpwg-minutes.html#action02]
<trackbot-ng> Created ACTION-633 - Write a clear draft on
@@allow-https-rewrite and the need for the end-user to be aware of
the situation [on Andrew Swainston - due 2008-02-05].
CT-proxy-aware
Francois: How could the browser say it was CT-proxy-aware?
Heiko: Most browsers that need CT-proxy are old browsers that are
not CT-aware.
Francois: Say we did have a browser that CT-aware. How would we tell
the proxy this?
<francois> In the absence any of the previous directives elaborating
the no-transform directive, the client should indicate that it
understands the conventions of this document by including a
[@@ct-proxy-aware directive].
Heiko: Why? Should only do transformation for low-end browsers.
Francois: The document currently talks about CT-aware browsers.
Bryan: The most common case right now is legacy browsers.
... If we have control commands for CT, then the browser needs to
know that the browser is CT-aware.
... Could use DDR to know if a browser is CT-aware.
... Need an attribute in DDR that specifies CT-aware.
Value of CT-awareness: Browser can control CT without user
interaction.
Heiko: We are talking about a config string sent from browser to
proxy
Bryan: Think that DDR would be best for handling CT-aware to reduce
network overhead of sending a header each time.
Francois: Lots of content in the document that talks about
interaction between CT proxy and browser.
Heiko: Don't think we need this. 90% of value of CT proxy is for
legacy browsers.
Francois: Question: Will any CT-aware browsers ever be implemented?
... Is this something browser makers are even interested in doing?
Bryan: As browsers become more capable, the need for CT services
will diminish.
... Less transformation will be done on the network and more on the
device.
... Don't see that CT-awareness will be high priority for browser
makers.
Heiko: Low tier browsers are not high priority for phone makers.
... For the future, optimation and acceleration will be the main use
of CT proxies
Bryan: The are hundreds of millions of devices out there and the
turnover is such that CT proxies could be needed for 5 years or so.
reload-untransformed directive
Francois: Jo mentioned that there could be some problems.
... Directive is between CT-aware browser and proxy.
... Not sure what the priority is.
<SeanPatterson> scribe: SeanPatterson
<scribe> scribenick: SeanPatterson
Andrew: Expect to see legacy devices used for several years.
<hgerlach> just a short questio: how to register for the speaker
queue???
<francois> francois: One last thing about the impossible
conciliation of the Cache-Control: no-transform directive and the
WAP gateways. Should we drop a note stating that these guidelines
won't work in that case?
<inserted> Andrew: yes, I think that's a good idea
<francois> ACTION: daoust to write a note to say something about
Cache-Control: no-transform and WAP gateways [recorded in
[16]http://www.w3.org/2008/01/29-bpwg-minutes.html#action03]
<trackbot-ng> Created ACTION-634 - Write a note to say something
about Cache-Control: no-transform and WAP gateways [on François
Daoust - due 2008-02-05].
<hgerlach> great, thanks!
Summary of Action Items
[NEW] ACTION: Andrew to write a clear draft on @@allow-https-rewrite
and the need for the end-user to be aware of the situation [recorded
in [17]http://www.w3.org/2008/01/29-bpwg-minutes.html#action02]
[NEW] ACTION: bryan to propose some recommendation on user-agent
detection from a proxy and browser's (format) point of view
[recorded in
[18]http://www.w3.org/2008/01/29-bpwg-minutes.html#action01]
[NEW] ACTION: daoust to write a note to say something about
Cache-Control: no-transform and WAP gateways [recorded in
[19]http://www.w3.org/2008/01/29-bpwg-minutes.html#action03]
[End of minutes]
Received on Tuesday, 29 January 2008 16:17:32 UTC