Agenda for WebAppSec WG Call, Nov 22, 22:00-23:00 UTC

Agenda for WebAppSec WG call

DATE: November 22, 2011
TIME: 22:00-23:00 UTC (14:00-15:00 PST)

+1.617.761.6200; PIN 92794 ('WASWG') and  #webappsec on irc.w3.org:6665
(Or VoIP via the Zakim SIP bridge: http://www.w3.org/2006/tools/wiki/Zakim-SIP)

22:00-22:03         1              Scribe Selection
22:03-22:05         2              Roll Call
22:05-22:09         3              Create Scribe Round-Robin List
22:09-22:11         4              Minutes of TPAC F2F, Oct 31, Nov 1
22:11-22:15         5              Agenda bashing
22:15-22:25         6              Review open actions in Tracker
22:25-22:35         7              Approving CSP as FPWD (more below)
22:35-22:45         8              Testing activity
22:45-22:50         9              Status on CORS, schedule to move CORS to FPWD? (ACTION-16)
                                                http://www.w3.org/Bugs/Public/describecomponents.cgi?product=WebAppsSec
22:50-23:00         10           Draft requirements for Anti-Clickjacking work
                                                http://www.w3.org/Security/wiki/Anti-Clickjacking_Requirements


Details on item 6:

A call for consensus was issued (http://lists.w3.org/Archives/Public/public-webappsec/2011Nov/0014.html) to move the CSP draft at http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html to FPWD.

Consensus has so far been positive, with two issues raised:

1. Adding sandbox directive to v1.0, with an ISSUE paragraph indicating that it may not make 1.0 final. (Jacob Rossi)

2. Editorial notes from Robin Berjon: http://lists.w3.org/Archives/Public/public-webappsec/2011Nov/0016.html

Brad Hill
cell: 206.245.7844 / skype: hillbrad
email: bhill@paypal-inc.com<mailto:bhill@paypal-inc.com>

Received on Tuesday, 22 November 2011 01:02:41 UTC