W3C home > Mailing lists > Public > public-bpwg@w3.org > January 2009

[minutes] Tuesday 20 January 2009

From: Francois Daoust <fd@w3.org>
Date: Tue, 20 Jan 2009 17:01:26 +0100
Message-ID: <4975F556.9020805@w3.org>
To: Mobile Web Best Practices Working Group WG <public-bpwg@w3.org>

Hi,

The minutes of today's call are available at:
  http://www.w3.org/2009/01/20-bpwg-minutes.html

... and copied as text below.

In short:
- Next F2F meeting will be in London, 18-20 March 2009. Host to be 
determined. I will prepare a registration poll.

- There will likely be an editorial meeting on Mobile Web Application 
Best Practices on Monday 2 February 2009 afternoon in London. Open to 
any participant in the Working Group. Raise your hand if you think you 
will be coming (it should be possible to attend the meeting remotely).

- Adam should raise issues triggered by Jo's comments on MWABP by the 
end of the week.

- Discussion progresses on CT hot topics. Not over yet. Rationalization 
needed.

Thanks,
Francois.


-----
20 Jan 2009

    [2]Agenda

       [2] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0040.html

    See also: [3]IRC log

       [3] http://www.w3.org/2009/01/20-bpwg-irc

Attendees

    Present
           adam, jo, Francois, Sangwhan_Moon, Jeff, dom, yeliz, EdC,
           SeanP, achuter

    Regrets
           BruceLawson, tom, rob, manrique, nacho, abel, miguel

    Chair
           Jo

    Scribe
           francois

Contents

      * [4]Topics
          1. [5]Poll on possible next F2F
          2. [6]Update on Mobile Accessibility
          3. [7]MWABP aka BP2
          4. [8]CT - mandating heuristics
          5. [9]CT - X- HTTP Headers
          6. [10]CT - HTTPS Link Re-Writing
          7. [11]Feedback to Web Apps WG on Widget Spec
      * [12]Summary of Action Items
      _________________________________________________________

Poll on possible next F2F

    ->
    [13]http://www.w3.org/2002/09/wbs/37584/BPWG-Possible-F2F-March-2009
    /results Results of the questionnaire

      [13] 
http://www.w3.org/2002/09/wbs/37584/BPWG-Possible-F2F-March-2009/results

    jo: it's going to be in London
    ... comments?

    francois: wonder if Dan can join

    jo: yes, he answered the questionnaire
    ... OK, so next F2F will be in London 18-20 March 2009

    francois: any location?

    jo: I think Dan proposed to host it.

    adam: It's possible that Google can host it as well.

Update on Mobile Accessibility

    jo: Alan posted an update. Self-explanatory.

    ->
    [14]http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0038.htm
    l Alan's email

      [14] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0038.html

    <jo> [15]Alan's update

      [15] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0038.html

    jo: Yeliz, something to add?

    yeliz: nothing to add, no.

MWABP aka BP2

    adam: Main thing I've done is to go through the doc and integrate
    your comments jo.
    ... In terms of editorial comments, I'm fine.
    ... In terms of broader comments, this translates into actions to
    investigate your points.
    ... Maybe we can raise issues on each of them

    jo: Why don't we raise issues, and see how to action them?

    adam: OK, I'll do it by the end of the week.
    ... section 3.2.1 is asking for more advice on security.
    ... I'd appreciate if we could get the advice of the Team, and in
    particular security folks.

    <jeffs> hope security folks take a good hard long look at this... is
    worrisome

    <EdC> The practice seems to provide authentication, but no
    confidentiality, nor integrity. (at first sight).

    <jo> ACTION: daoust to contact WSC team (Thomas) to obtain a view on
    the secure hash mechanism discussed under 3.2.1 in BP2 [recorded in
    [16]http://www.w3.org/2009/01/20-bpwg-minutes.html#action01]

    <trackbot> Created ACTION-899 - Contact WSC team (Thomas) to obtain
    a view on the secure hash mechanism discussed under 3.2.1 in BP2 [on
    Fran├žois Daoust - due 2009-01-27].

    jo: we should probably go back to Thomas and folks of WSC WG.

    francois: OK. Will do that.

    jo: Anything else on BP2?

    <Sangwhan_Moon> I will check if our browser security team has
    anything particular to provide for feedback for 899

    francois: Dan mentioned the idea that we could have an editorial
    meeting on Monday 2 Feb 2009 afternoon in London on MWABP. I'll
    probably be there.

    jo: OK, good idea.

CT - mandating heuristics

    <dom> ACTION-896?

    <trackbot> ACTION-896 -- Fran├žois Daoust to stimulate discussion on
    the SHOULD NOT question ref mobile heuristics -- due 2009-01-20 --
    OPEN

    <trackbot>
    [17]http://www.w3.org/2005/MWI/BPWG/Group/track/actions/896

      [17] http://www.w3.org/2005/MWI/BPWG/Group/track/actions/896

    <jo> [18]ACTION-896

      [18] http://www.w3.org/2005/MWI/BPWG/Group/track/actions/896

    francois: I can just apologize. I haven't done my action. Sean
    replied.

    SeanP: I replied with a list of exceptions to the rule. I mentioned
    the possibility for users to choose for the transcoder to transcode
    responses even in that case.

    <dom> but isn't the CT proxy on the network and thus would catch
    requests to other non-mobile sites?

    SeanP: One example: a Web page that links to non-mobile Web pages,
    users may want to see the non-mobile pages transformed.

    <dom> [19]Sean's proposal on interfering with mobile sites

      [19] 
http://lists.w3.org/Archives/Public/public-bpwg-ct/2009Jan/0031.html

    jo: I think we should raise this kind of stuff as real issues

    <EdC> I answered in
    [20]http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0021.htm
    l - basically this seems to fall into the scheme of users specifying
    they want a transformed experience.

      [20] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0021.html

    <jo> ACTION: jo to raise issues on inconclusive CT threads once the
    new draft of CT is prepared [recorded in
    [21]http://www.w3.org/2009/01/20-bpwg-minutes.html#action02]

    <trackbot> Created ACTION-900 - Raise issues on inconclusive CT
    threads once the new draft of CT is prepared [on Jo Rabin - due
    2009-01-27].

    francois: wonder if we can have a quick overview of points of
    divergence. My understanding is that the only remaining one is this
    case where users may want CT-proxies to transform mobile Web pages.
    Am I missing something?

    SeanP: it sounds to be the case.
    ... Eduardo replied.

    jo: Could you raise a formal issue on where you think the discussion
    is, Sean?
    ... Threads start to be a little difficult to follow.

    <jo> ACTION: patterson to raise issue the thread he started on
    transforming mobile content entitled "RE: [minutes] CT Call 6
    january 2009" [recorded in
    [22]http://www.w3.org/2009/01/20-bpwg-minutes.html#action03]

    <trackbot> Created ACTION-901 - Raise issue the thread he started on
    transforming mobile content entitled \"RE: [minutes] CT Call 6
    january 2009\" [on Sean Patterson - due 2009-01-27].

    <dom> [23]Issue creator

      [23] http://www.w3.org/2005/MWI/BPWG/Group/track/issues/new

    <Zakim> dom, you wanted to ask about CT-on-network

    dom: I was a bit curious about your point Sean on non-mobile pages
    linked from mobile pages. Wouldn't the CT-proxy catch the following
    request and behave accordingly?

    SeanP: You may either look at the request for clues or at the
    response for clues. That's kind of what I had in mind. For
    CT-proxies that work in linked mode, a page that is not transformed
    doesn't go through the proxy anymore, and the non-mobile page cannot
    be transformed.

    dom: is linked-mode the only or default mode?

    SeanP: we have both types of deployment.

    dom: Well, in that case, we could at least enforce the rule on
    deployments that behave as real proxies, if impossible in the
    linked-mode case.

    SeanP: ok, there may still be the problem with the toolbar problem.

    dom: I think that's a separate discussion.

    jo: Something else?

CT - X- HTTP Headers

    EdC: I haven't completed the action entirely. First results on the
    mailing-list.
    ... The interesting thing is that I haven't found anything truly
    concrete on X- header fields, nor anything on deprecation of fields
    ... except in RFC3864.

    ->
    [24]http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0052.htm
    l EdC's first results

      [24] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0052.html

    EdC: I found an extensive discussion on IETF lists.
    ... but could not really determine the outcome of that.
    ... I intend to send a mail to IETF.
    ... In the meantime, if anyone has any pointer to provide, I'm
    interested!

    jo: I thought X- header fields were governed by a separate RFC, but
    this may actually be a legend.

    dom: I'll see if I can find something.

    <dom> RFC 2169 ?

    francois: just to remind I asked for advice within W3C. No mention
    to RFC on X- header fields, but I was told one cannot register X-
    fields.

    jo: OK, right, let's continue the search.

CT - HTTPS Link Re-Writing

    jo: Rob and Tom are active participants in that discussion and
    neither are on the call today.
    ... What's been much on my mind here, is that we were asked to
    review the OPES draft.

    <jo> [25]OPES

      [25] http://tools.ietf.org/html/rfc3238

    jo: We need to keep that in mind, and make sure we're compliant with
    it.

    francois: didn't we review the spec before?

    jo: yes, but not really with HTTPS in mind

    francois: what I recall is that, in short, agreement from both ends
    was better, but that agreement from one end was enough.

    <dom> RFC 822 has the stuff about X- headers, AFAICT:
    [26]http://www.w3.org/Protocols/rfc822/#z26 "extension-field = <Any
    field which is defined in a document published as a formal extension
    to this specification; none will have names beginning with the
    string "X-">

      [26] http://www.w3.org/Protocols/rfc822/#z26

    jo: yes, but I think there was a need to have an explicit agreement.

    <jo> [27]rfc search

      [27] http://www.rfc-editor.org/cgi-bin/rfcsearch.pl

    <dom> (thus an X- header cannot be considered as a formal MIME
    header)

    <jo> enter "OPES" to find all references

    jo: Do you want to comment on X- header fields?

    dom: yes. Apparently, the grammar defined in RFC822 forbids header
    fields that start with "X-" headers.

    jo: OK. Thanks for the pointer, dom.
    ... Back to HTTPS links rewriting.
    ... any idea to move forward?

    francois: I'd love to see the issue rationalized. The discussion
    covers many aspects. Hard to focus, follow and resolve.

    SeanP: Quick question: how did OPES come into the discussion?

    <jo> ACTION: jo to summarise current discussions on https link re
    writing [recorded in
    [28]http://www.w3.org/2009/01/20-bpwg-minutes.html#action04]

    <trackbot> Created ACTION-902 - Summarise current discussions on
    https link re writing [on Jo Rabin - due 2009-01-27].

    jo: we received a last call from the IAB asking us to review the
    specification.

    <jo> IAB Said: In its preview and review of OPES work, the IAB
    expressed its concerns about privacy, control, monitoring, and
    accountability of such services in RFC 3238
    [29]http://tools.ietf.org/html/rfc3238 ].

      [29] http://tools.ietf.org/html/rfc3238

    <EdC> There is a dozen RFC related to OPES at
    [30]http://tools.ietf.org/wg/opes !

      [30] http://tools.ietf.org/wg/opes

    jo: Anything else on HTTPS links rewriting?

    francois: just wanted to raise the fact that it's not only HTTPS
    links rewriting. It's HTTPS and links rewriting, combined or not.

    jo: OK. And I remember Eduardo posted a thorough analysis on that.
    Thanks!

Feedback to Web Apps WG on Widget Spec

    jo: Bruce is not on the call.
    ... Other business?
    ... OK, in that case, thanks and bye!

Summary of Action Items

    [NEW] ACTION: daoust to contact WSC team (Thomas) to obtain a view
    on the secure hash mechanism discussed under 3.2.1 in BP2 [recorded
    in [31]http://www.w3.org/2009/01/20-bpwg-minutes.html#action01]
    [NEW] ACTION: jo to raise issues on inconclusive CT threads once the
    new draft of CT is prepared [recorded in
    [32]http://www.w3.org/2009/01/20-bpwg-minutes.html#action02]
    [NEW] ACTION: jo to summarise current discussions on https link re
    writing [recorded in
    [33]http://www.w3.org/2009/01/20-bpwg-minutes.html#action04]
    [NEW] ACTION: patterson to raise issue the thread he started on
    transforming mobile content entitled "RE: [minutes] CT Call 6
    january 2009" [recorded in
    [34]http://www.w3.org/2009/01/20-bpwg-minutes.html#action03]

    [End of minutes]
Received on Tuesday, 20 January 2009 16:02:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:42:59 UTC