[minutes] BPWG Call 2009-09-01 from Francois Daoust on 2009-09-01 (public-bpwg@w3.org from September 2009)

From: Francois Daoust <fd@w3.org>
Date: Tue, 01 Sep 2009 16:01:34 +0200
To: Mobile Web Best Practices Working Group WG <public-bpwg@w3.org>
Message-ID: <4A9D293E.80903@w3.org>
Hi,

Minutes of today's short call are available at:
  http://www.w3.org/2009/09/01-bpwg-minutes.html

... and copied as text below.

Thanks,
Francois.


-----
01 Sep 2009

    [2]Agenda

       [2] http://lists.w3.org/Archives/Public/public-bpwg/2009Sep/0000.html

    See also: [3]IRC log

       [3] http://www.w3.org/2009/09/01-bpwg-irc

Attendees

    Present
           Kai_Dietrich, adam, jo, francois, EdC, jeffs, yeliz, SeanP

    Regrets
           tomhume, manrique, achuter

    Chair
           Jo

    Scribe
           Kai

Contents

      * [4]Topics
          1. [5]Mobile Web Application Best Practices (MWABP)
          2. [6]MWBP 1.5
          3. [7]CT Draft
      * [8]Summary of Action Items
      _________________________________________________________

    Jo: Apologies for not not having everything ready on time

Mobile Web Application Best Practices (MWABP)

    Adam: getting there

    Jo: why don't you do the editorial stuff in the mean time

MWBP 1.5

    Kai: I will process the updates and convert the document to a
    regular and consistent HTML document.

    <PhilA2> Hello, that sounds like Kai

    Jo: Do we need another editorial session?

    Kai: not for the time being, let me clean it up, and let's discuss
    the result with the group.

CT Draft

    jo: life is a bit crazy after the holiday. Francois, you have some
    actions to tidy up. Status?

    francois: was waiting on the latest version to do it only once.

    jo: I need to get back into it. Want to do it by Friday...

    francois: there are two topics for discussion. 1) comment from
    Graham Klyne, from ITS, 2) the crossside scripting tests that Chaals
    provided

    jo: Klyne's comments should be covered by the latest draft. Need to
    review that.
    ... we can't prove through tests that crosside scripting is not a
    problem

    francois: I read an article recently mentioning that 80% of existing
    problems were based on crosside scripting attacks

    jo: if we make these tests normative then we freeze them but we want
    people to think about it and be flexible

    francois: we may just provide a few tests

    jo: [getting Bruce uptodate]
    ... we are asking what are trying to say?

    <EdC> My question is: what _exact_ properties are enforced if these
    tests pass successfully? At least, we should be able to state what
    level of security / safety is ensured by these tests (even if not
    100% safety).

    jo: might be useful for Chaals or Opera to formulate a concise
    statement

    <jo> ACTION: bruce to follow up within Opera as to what exactly the
    XSS test scripts supplied by chaals guard against [recorded in
    [9]http://www.w3.org/2009/09/01-bpwg-minutes.html#action01]

    <trackbot> Created ACTION-1003 - Follow up within Opera as to what
    exactly the XSS test scripts supplied by chaals guard against [on
    Bruce Lawson - due 2009-09-08].

    <brucel> groovy

    Jo: We need to think about timelines for finishing documents
    ... we have 4 months. We need to hurry up.

    <jeffs> suggest merging ACTION 910 and ACTION 924

    Jo: any other business?

    <jo> ACTION-910?

    <trackbot> ACTION-910 -- Jeffrey Sonstein to get review canvas tag
    materials and suggest how/if to address in BP -- due 2009-03-10 --
    PENDINGREVIEW

    <trackbot>
    [10]http://www.w3.org/2005/MWI/BPWG/Group/track/actions/910

      [10] http://www.w3.org/2005/MWI/BPWG/Group/track/actions/910

    <jo> ACTION-924?

    <trackbot> ACTION-924 -- Daniel Appelquist to and Jeffs to wander
    the highways and byways of SVG and Canvas and cook something up for
    the group's approval -- due 2009-04-02 -- PENDINGREVIEW

    <trackbot>
    [11]http://www.w3.org/2005/MWI/BPWG/Group/track/actions/924

      [11] http://www.w3.org/2005/MWI/BPWG/Group/track/actions/924

    <jeffs> two diff versions of the same thing addressed by my draft
    materials emailed out today

    <jeffs> I just set to pending review

    <jeffs> +1 to closing 910

    <jo> close ACTION-910

    <trackbot> ACTION-910 Get review canvas tag materials and suggest
    how/if to address in BP closed

    <EdC> +1

    <jeffs> +1

    <yeliz> :)

    <PhilA2> Short and sweet, bye

    <brucel> hugs

Summary of Action Items

    [NEW] ACTION: bruce to follow up within Opera as to what exactly the
    XSS test scripts supplied by chaals guard against [recorded in
    [12]http://www.w3.org/2009/09/01-bpwg-minutes.html#action01]

    [End of minutes]
Received on Tuesday, 1 September 2009 14:02:11 UTC