- From: Francois Daoust <fd@w3.org>
- Date: Tue, 20 Jan 2009 17:01:26 +0100
- To: Mobile Web Best Practices Working Group WG <public-bpwg@w3.org>
Hi,
The minutes of today's call are available at:
http://www.w3.org/2009/01/20-bpwg-minutes.html
... and copied as text below.
In short:
- Next F2F meeting will be in London, 18-20 March 2009. Host to be
determined. I will prepare a registration poll.
- There will likely be an editorial meeting on Mobile Web Application
Best Practices on Monday 2 February 2009 afternoon in London. Open to
any participant in the Working Group. Raise your hand if you think you
will be coming (it should be possible to attend the meeting remotely).
- Adam should raise issues triggered by Jo's comments on MWABP by the
end of the week.
- Discussion progresses on CT hot topics. Not over yet. Rationalization
needed.
Thanks,
Francois.
-----
20 Jan 2009
[2]Agenda
[2] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0040.html
See also: [3]IRC log
[3] http://www.w3.org/2009/01/20-bpwg-irc
Attendees
Present
adam, jo, Francois, Sangwhan_Moon, Jeff, dom, yeliz, EdC,
SeanP, achuter
Regrets
BruceLawson, tom, rob, manrique, nacho, abel, miguel
Chair
Jo
Scribe
francois
Contents
* [4]Topics
1. [5]Poll on possible next F2F
2. [6]Update on Mobile Accessibility
3. [7]MWABP aka BP2
4. [8]CT - mandating heuristics
5. [9]CT - X- HTTP Headers
6. [10]CT - HTTPS Link Re-Writing
7. [11]Feedback to Web Apps WG on Widget Spec
* [12]Summary of Action Items
_________________________________________________________
Poll on possible next F2F
->
[13]http://www.w3.org/2002/09/wbs/37584/BPWG-Possible-F2F-March-2009
/results Results of the questionnaire
[13]
http://www.w3.org/2002/09/wbs/37584/BPWG-Possible-F2F-March-2009/results
jo: it's going to be in London
... comments?
francois: wonder if Dan can join
jo: yes, he answered the questionnaire
... OK, so next F2F will be in London 18-20 March 2009
francois: any location?
jo: I think Dan proposed to host it.
adam: It's possible that Google can host it as well.
Update on Mobile Accessibility
jo: Alan posted an update. Self-explanatory.
->
[14]http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0038.htm
l Alan's email
[14] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0038.html
<jo> [15]Alan's update
[15] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0038.html
jo: Yeliz, something to add?
yeliz: nothing to add, no.
MWABP aka BP2
adam: Main thing I've done is to go through the doc and integrate
your comments jo.
... In terms of editorial comments, I'm fine.
... In terms of broader comments, this translates into actions to
investigate your points.
... Maybe we can raise issues on each of them
jo: Why don't we raise issues, and see how to action them?
adam: OK, I'll do it by the end of the week.
... section 3.2.1 is asking for more advice on security.
... I'd appreciate if we could get the advice of the Team, and in
particular security folks.
<jeffs> hope security folks take a good hard long look at this... is
worrisome
<EdC> The practice seems to provide authentication, but no
confidentiality, nor integrity. (at first sight).
<jo> ACTION: daoust to contact WSC team (Thomas) to obtain a view on
the secure hash mechanism discussed under 3.2.1 in BP2 [recorded in
[16]http://www.w3.org/2009/01/20-bpwg-minutes.html#action01]
<trackbot> Created ACTION-899 - Contact WSC team (Thomas) to obtain
a view on the secure hash mechanism discussed under 3.2.1 in BP2 [on
François Daoust - due 2009-01-27].
jo: we should probably go back to Thomas and folks of WSC WG.
francois: OK. Will do that.
jo: Anything else on BP2?
<Sangwhan_Moon> I will check if our browser security team has
anything particular to provide for feedback for 899
francois: Dan mentioned the idea that we could have an editorial
meeting on Monday 2 Feb 2009 afternoon in London on MWABP. I'll
probably be there.
jo: OK, good idea.
CT - mandating heuristics
<dom> ACTION-896?
<trackbot> ACTION-896 -- François Daoust to stimulate discussion on
the SHOULD NOT question ref mobile heuristics -- due 2009-01-20 --
OPEN
<trackbot>
[17]http://www.w3.org/2005/MWI/BPWG/Group/track/actions/896
[17] http://www.w3.org/2005/MWI/BPWG/Group/track/actions/896
<jo> [18]ACTION-896
[18] http://www.w3.org/2005/MWI/BPWG/Group/track/actions/896
francois: I can just apologize. I haven't done my action. Sean
replied.
SeanP: I replied with a list of exceptions to the rule. I mentioned
the possibility for users to choose for the transcoder to transcode
responses even in that case.
<dom> but isn't the CT proxy on the network and thus would catch
requests to other non-mobile sites?
SeanP: One example: a Web page that links to non-mobile Web pages,
users may want to see the non-mobile pages transformed.
<dom> [19]Sean's proposal on interfering with mobile sites
[19]
http://lists.w3.org/Archives/Public/public-bpwg-ct/2009Jan/0031.html
jo: I think we should raise this kind of stuff as real issues
<EdC> I answered in
[20]http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0021.htm
l - basically this seems to fall into the scheme of users specifying
they want a transformed experience.
[20] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0021.html
<jo> ACTION: jo to raise issues on inconclusive CT threads once the
new draft of CT is prepared [recorded in
[21]http://www.w3.org/2009/01/20-bpwg-minutes.html#action02]
<trackbot> Created ACTION-900 - Raise issues on inconclusive CT
threads once the new draft of CT is prepared [on Jo Rabin - due
2009-01-27].
francois: wonder if we can have a quick overview of points of
divergence. My understanding is that the only remaining one is this
case where users may want CT-proxies to transform mobile Web pages.
Am I missing something?
SeanP: it sounds to be the case.
... Eduardo replied.
jo: Could you raise a formal issue on where you think the discussion
is, Sean?
... Threads start to be a little difficult to follow.
<jo> ACTION: patterson to raise issue the thread he started on
transforming mobile content entitled "RE: [minutes] CT Call 6
january 2009" [recorded in
[22]http://www.w3.org/2009/01/20-bpwg-minutes.html#action03]
<trackbot> Created ACTION-901 - Raise issue the thread he started on
transforming mobile content entitled \"RE: [minutes] CT Call 6
january 2009\" [on Sean Patterson - due 2009-01-27].
<dom> [23]Issue creator
[23] http://www.w3.org/2005/MWI/BPWG/Group/track/issues/new
<Zakim> dom, you wanted to ask about CT-on-network
dom: I was a bit curious about your point Sean on non-mobile pages
linked from mobile pages. Wouldn't the CT-proxy catch the following
request and behave accordingly?
SeanP: You may either look at the request for clues or at the
response for clues. That's kind of what I had in mind. For
CT-proxies that work in linked mode, a page that is not transformed
doesn't go through the proxy anymore, and the non-mobile page cannot
be transformed.
dom: is linked-mode the only or default mode?
SeanP: we have both types of deployment.
dom: Well, in that case, we could at least enforce the rule on
deployments that behave as real proxies, if impossible in the
linked-mode case.
SeanP: ok, there may still be the problem with the toolbar problem.
dom: I think that's a separate discussion.
jo: Something else?
CT - X- HTTP Headers
EdC: I haven't completed the action entirely. First results on the
mailing-list.
... The interesting thing is that I haven't found anything truly
concrete on X- header fields, nor anything on deprecation of fields
... except in RFC3864.
->
[24]http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0052.htm
l EdC's first results
[24] http://lists.w3.org/Archives/Public/public-bpwg/2009Jan/0052.html
EdC: I found an extensive discussion on IETF lists.
... but could not really determine the outcome of that.
... I intend to send a mail to IETF.
... In the meantime, if anyone has any pointer to provide, I'm
interested!
jo: I thought X- header fields were governed by a separate RFC, but
this may actually be a legend.
dom: I'll see if I can find something.
<dom> RFC 2169 ?
francois: just to remind I asked for advice within W3C. No mention
to RFC on X- header fields, but I was told one cannot register X-
fields.
jo: OK, right, let's continue the search.
CT - HTTPS Link Re-Writing
jo: Rob and Tom are active participants in that discussion and
neither are on the call today.
... What's been much on my mind here, is that we were asked to
review the OPES draft.
<jo> [25]OPES
[25] http://tools.ietf.org/html/rfc3238
jo: We need to keep that in mind, and make sure we're compliant with
it.
francois: didn't we review the spec before?
jo: yes, but not really with HTTPS in mind
francois: what I recall is that, in short, agreement from both ends
was better, but that agreement from one end was enough.
<dom> RFC 822 has the stuff about X- headers, AFAICT:
[26]http://www.w3.org/Protocols/rfc822/#z26 "extension-field = <Any
field which is defined in a document published as a formal extension
to this specification; none will have names beginning with the
string "X-">
[26] http://www.w3.org/Protocols/rfc822/#z26
jo: yes, but I think there was a need to have an explicit agreement.
<jo> [27]rfc search
[27] http://www.rfc-editor.org/cgi-bin/rfcsearch.pl
<dom> (thus an X- header cannot be considered as a formal MIME
header)
<jo> enter "OPES" to find all references
jo: Do you want to comment on X- header fields?
dom: yes. Apparently, the grammar defined in RFC822 forbids header
fields that start with "X-" headers.
jo: OK. Thanks for the pointer, dom.
... Back to HTTPS links rewriting.
... any idea to move forward?
francois: I'd love to see the issue rationalized. The discussion
covers many aspects. Hard to focus, follow and resolve.
SeanP: Quick question: how did OPES come into the discussion?
<jo> ACTION: jo to summarise current discussions on https link re
writing [recorded in
[28]http://www.w3.org/2009/01/20-bpwg-minutes.html#action04]
<trackbot> Created ACTION-902 - Summarise current discussions on
https link re writing [on Jo Rabin - due 2009-01-27].
jo: we received a last call from the IAB asking us to review the
specification.
<jo> IAB Said: In its preview and review of OPES work, the IAB
expressed its concerns about privacy, control, monitoring, and
accountability of such services in RFC 3238
[29]http://tools.ietf.org/html/rfc3238 ].
[29] http://tools.ietf.org/html/rfc3238
<EdC> There is a dozen RFC related to OPES at
[30]http://tools.ietf.org/wg/opes !
[30] http://tools.ietf.org/wg/opes
jo: Anything else on HTTPS links rewriting?
francois: just wanted to raise the fact that it's not only HTTPS
links rewriting. It's HTTPS and links rewriting, combined or not.
jo: OK. And I remember Eduardo posted a thorough analysis on that.
Thanks!
Feedback to Web Apps WG on Widget Spec
jo: Bruce is not on the call.
... Other business?
... OK, in that case, thanks and bye!
Summary of Action Items
[NEW] ACTION: daoust to contact WSC team (Thomas) to obtain a view
on the secure hash mechanism discussed under 3.2.1 in BP2 [recorded
in [31]http://www.w3.org/2009/01/20-bpwg-minutes.html#action01]
[NEW] ACTION: jo to raise issues on inconclusive CT threads once the
new draft of CT is prepared [recorded in
[32]http://www.w3.org/2009/01/20-bpwg-minutes.html#action02]
[NEW] ACTION: jo to summarise current discussions on https link re
writing [recorded in
[33]http://www.w3.org/2009/01/20-bpwg-minutes.html#action04]
[NEW] ACTION: patterson to raise issue the thread he started on
transforming mobile content entitled "RE: [minutes] CT Call 6
january 2009" [recorded in
[34]http://www.w3.org/2009/01/20-bpwg-minutes.html#action03]
[End of minutes]
Received on Tuesday, 20 January 2009 16:02:00 UTC