Agenda and Action Items: http://esw.w3.org/topic/QaDev Meeting log ************************* Review of Action Items ************************* [00:42:41:] * yod notes he has a huge pile of AIs undone, mostly because I just wasn't around at all in the past 10 days [00:44:10:] * yod has issues with AI: [[ ACTION: Olivier to modify ?ErrorDocument 500 to also mention w-v (public) ]] [00:45:42:] regarding AI: I think 1) there were technical issues making it difficult to modify the errordoc - discussed on the list and 2) not truly convinced it's such a pain to have the webmaster as proxy, it's rather rare anyway [00:46:14:] or did I miss an episode when we discussed that further on the list? [00:46:21:] * xover can't recall any techincal issues, but agrees with the latter... [00:46:31:] xover++ [00:46:46:] But Vivien did seem to want the messages rerouted... [00:46:57:] tech issues with errordoc? [00:47:32:] surely 500 is only ever something-bad-happened? [00:47:46:] (and I think Bjoern felt rather strongly that they should be rerouted too) [00:47:51:] hmm, it's fuzzy, but I seem to remember a discussion, possibly between Bjoern and Ville about it [00:47:58:] I could be wrong [00:48:42:] I remember some talk somewhere but not that much anyway. I have some experimental stuff for $SIG{__DIE__} handling, but only for server logs [00:49:48:] how does that impact on errordocs? When perl dies it hands control straight back to httpd [00:50:56:] niq, not necessarily, if we want we can do stuff inside the handler [00:51:19:] scop: that breaks modularity and KISS [00:51:31:] so it had better have a good reason [00:52:28:] of course, point being that it is _possible_, perl does not necessarily hand back control [00:50:39:] * xover would like to add the SVG bit to the "Quality Badges" AI... [00:51:25:] xover: re- badges, I talked to Dom and we agreed to regenerate the whole, including with SVG versions [00:52:27:] yod: YM creating SVG versions and then regenerating the rest from that, right? [00:53:26:] xover: that's the fuzzy part, what source will be used, either SVG we create or the other types of vector images the Comm has [00:53:45:] * scop has just added the CSS icon to the "transparent icon" (1px white vertical bar on the right) [00:53:59:] (..to the AI, that is) [00:54:49:] I think everyone is in agreement that the SVG versions (probably based on Jim's and Bjoern's work) should be the masters and live in CVS. [00:55:28:] And the PNG and GIF versions, and any Illustrator files Comms may want, are all generated versions. [00:55:45:] Am I wrong? (i.e. anyone disagree?) [00:56:29:] I agree, but will give Dom the choice not to if that's an issue with him [00:56:36:] IOW I'll followup with him [00:56:43:] ok [00:56:46:] xover: in principle; that relies on someone being willing&able to do the work ************************** Markup Validator ************************** ** Guest topic - Ryan and validator's style ** [01:01:29:] Ryan and I discussed a bit on Ryan's blog a while ago [01:01:30:] http://www.ryanbrill.com/archives/w3c-validator-redesign/ [01:02:00:] and Ryan followed-up by e-mail, suggesting he could try and gather a few web designers to help on improving the validator's style [01:02:08:] (and usability) [01:02:49:] so I invited Ryan to join this meeting to discuss the idea, and so that Ryan gets a quick idea of how the team works [01:03:28:] Perhaps Ryan might say a few words about what he's got in mind? [01:04:22:] I was hoping there'd be a possibility for me to enlist the help of a few other designers, for the purpose of reworking the validators current design [01:05:11:] I didn't want to talk to any other designers yet, as I wanted to wait to hear there'd be a possibility of our design(s) being taken seriously first [01:05:31:] As I mentioned to Olivier earlier, it would be a waste of everyone's time if this is gone about in the wrong way [01:05:43:] Whereabouts? Are you contemplating the frontpage, or the reports [01:05:59:] Both, probably. Starting with the front page, though [01:06:12:] (given that the reports are large and complex, so usability is indeed an issue) [01:07:03:] Well I think that the position of all involved is that contributions are always welcome! [01:07:23:] the challenge, I reckon, would be twofold... the current style is a heavy patchwork (although Terje and Ville have made a lot of cleaning up) and adoption - can't easily come to www-validator with a whole new style and be greeted, as we've seen a few times already [01:07:31:] Do you subscribe to the mailinglist, so you're familiar with what real users find good/bad? [01:07:52:] No, I don't subscribe to the mailinglist [01:08:53:] I realize that there will never be a "perfect" implimentation. There will alwasy be people who don't like the design, and there will always be people who think more should have been done to make it perfectly accessible (these people seem to totally write off design, though) [01:09:27:] My line of thinking is that good design *enhances* usability [01:10:40:] ryan_brill: I don't think our biggest concern is universal adoration of any given design. [01:10:48:] Out of curiosity, what exactly is meant by "the current style is a heavy patchwork"? [01:11:11:] ryan_brill: It's grown organically over time instead of beeing a complete design from scratch. [01:11:23:] Ah, ok [01:11:53:] xover: what is the biggest concern? [01:11:58:] The reservations, that I think yod has expressed, run along the lines if Integration and Maintainability. [01:12:23:] integration with the current source code? [01:12:31:] (markup) [01:12:49:] Yes, as well as integration with the plans we've already made for future versions. [01:13:05:] And the issue of maintenance is very important. [01:13:35:] What are the maintenance concerns? [01:13:59:] Take the Whitespace redesign of the result pages as an example; even if we were to integrate that wholesale, how would we maintain that in the future? [01:14:50:] Ah, so basically the concern is making sure it's easily extended to accomodate future changes, then? [01:14:54:] Like most Open Source projects, if you would like to contribute you are expected to take the time to really get involved with the project and to committ to maintaining your contributions in the future. [01:15:36:] ...would it be possible for the XHTML to be changed, if absolutly needed? [01:15:43:] Yes. [01:15:53:] Everything is fair game in that respect. [01:16:11:] How much of an issue is it? (ie. adding classes or ids, or other simple changes) [01:16:17:] Ah, ok [01:16:47:] Just for my own knowledge, how are the pages generated? Is the XHTML spit out by a server-side language, or are they templates? [01:16:49:] simple chages are no problem, we tend to avoid large ones at least for the results, as many have been scraping it as a way to interface with the validator [01:17:01:] chaNges [01:17:13:] Currently pages are spit out piecemeal by the (Perl) CGI code. [01:17:43:] In a (hopefully soon-to-be Beta) they will be templates (using HTML::Template). [01:17:44:] ryan_brill: a mixture. some of us have muttered about XSLT to offer multiple report formats [01:18:03:] Regarding your previous comment, would you define " you are expected to take the time to really get involved with the project and to committ to maintaining your contributions in the future." [01:20:16:] * xover wonders whether ryan_brill mean to ask "can you define"? [01:21:06:] Both... ;) [01:21:07:] I think what xover was saying was similar to my notes about simply dropping a "new design" to the list... unless the work is done in parallel with discussions on the list (or this team at least) and there is a will to keep helping, the contribution is less likely to be welcome [01:21:24:] that said the level of commitment necessary is not high [01:21:44:] Ok, thanks for clearing that up a bit. [01:22:10:] it's "I would like to help taking care of that aspect of the project" versus "here is what you should do" [01:22:30:] community-based open source development and all that [01:22:41:] Sure, I have no problem with that [01:22:43:] Another issue is, any third-party design will have to get agreement of a lot of fussy people ... and will want at least one advocate before it even gets considered [01:23:03:] that's the entry bar [01:23:12:] Who's ultimatly in charge of making the change? [01:23:50:] ultimately in charge would be this small team, and then me [01:23:57:] hmmm, in theory yod [01:24:24:] It's roughly a consensus process, with some of us making unilateral decisions if circumstances seem to warrant it. [01:24:25:] niq: and in practice? :) [01:24:40:] xover++ [01:24:41:] Ok, well you guys haven't scared me off yet... ;) [01:24:42:] unless someone like dancon puts an oar in ... [01:24:49:] ryan_brill: :-) [01:25:00:] Ryan: W3C has a strong consensus culture, FWIW [01:25:24:] and the validators' development is no exception [01:25:40:] But the W3C is also an Industry Consortium, and in the final analysis "The W3C" _will_ call the shots. [01:25:42:] So, it sounds like none of you would be against my getting involved in some way to try to help improve the design of the validator? [01:25:56:] THis is why I can move faster with Valet, which is independent [01:25:57:] * xover gets NMi back in a jiffy.. [01:26:11:] Ryan: quite the contrary [01:26:20:] ryan_brill, not at all [01:26:55:] niq has a point: building consensus can be slow and frustrating [01:27:19:] * niq reserves judgement until he sees some real proposals [01:27:41:] ryan_brill: Quite the contrary! We'd love to see you get involved. Mainly we'd like to make sure you get _more_ involved. :-) [01:27:46:] Great, so what would be the best plan of action for me to take from this point? As I previously said, the method I'd take if it were up to me would be to learn the project constraints, and then get a few other designers involved (if willing) and submit some potential designs [01:28:14:] go ahead ... [01:28:32:] * yod is a bit wary of the idea of asking www-validator for requirements [01:28:50:] yod: why's that? [01:28:53:] heh [01:29:39:] But any submissions should begin to address the more difficult issues, like usability of complex reports [01:29:48:] the list is full of opinionated people (not necessarily meant negatively), and that could be overwhelming [01:30:01:] * niq nods [01:30:01:] Ah... lol [01:30:23:] niq, that requires changes in the backend which is unlikely to happen soon... [01:30:24:] Ok, perhaps I should have worded it like this: "What can I do, and what can I not do?" ;) [01:30:35:] I would suggest you interact first with our limited subset to get ideas of what areas would need to be tackled [01:31:21:] (a good bunch of opinionated people already ;) ) [01:31:26:] ok [01:31:43:] we have a (public) sublist at public-qa-dev@w3.org [01:32:05:] ryan_brill: I think the main thing to keep in mind here is that "Redesigns" are likely to be met with "Wow, nice. Now lets do some real work.", while small evolutionary changes are more likely to me immediately implemented. [01:32:09:] perhaps you could start a thread there by sending in ideas of areas you think could be improved? [01:32:32:] I would like to point out that I have previously suggested to add some classes and ids to the markup and introduce some ;stylesheet=http://... parameter [01:32:44:] that would ease alternate layouts and experiments [01:32:57:] Sure, that sounds like a good place to start [01:33:23:] Is there a link to the mailing list where I could see the format? [01:33:58:] ym http://lists.w3.org/Archives/Public/public-qa-dev/ and http://lists.w3.org/Archives/Public/www-validator/ ? [01:36:11:] Ok, I'll start by outlining some of my ideas for improvement on the mailing list [01:36:20:] great [01:36:25:] thanks! [01:36:28:] ryan_brill++ [01:36:43:] You bet, thanks for considering my ideas ;) [01:36:45:] * niq looks forward tuit ** suggestion link only used for suggestions + specific list ** [02:03:22:] I think we have achieved that for now [02:03:30:] haven't compared very seriously, but the display tweak seems to have done a good temp job, yes? [02:03:47:] list traffic is better [02:04:04:] so is community mood [02:04:45:] good to hear [02:04:58:] should we start fighting over the best long-term solution then? [02:05:26:] * xover thinks that can wait... [02:05:40:] * bjoern_ agrees with xover [02:06:35:] fair enough, not considering it a priority for now [02:07:42:] that leaves us a bit colder-headed to discuss validation-problems@ ? [02:08:12:] or is that one also moot now the list traffic/community morale is back to normal? [02:08:42:] I think those two are rather unrelated, but I would rather discuss this on the list [02:08:45:] hmmm, not too much balkanisation [02:09:56:] could fu2 http://www.w3.org/mid/ACC0A8BB-B600-11D8-A0EA-000A95E54002@w3.org if on list [02:10:11:] niq: that was xover's argument too, IIRC [02:10:47:] Ok. Lets try to do it in email then, and move on to next item. ** That would be Status of SSL/TLS for www.w3.org ** [02:12:34:] I haven't followed-up after the systeam basically gave up on the idea of getting "first grade" certificates [02:13:19:] W3C has no Root CAs as Members? [02:13:57:] It does [02:14:11:] I think so [02:14:40:] Well, VeriSign Inc. is a Member... [02:14:40:] And yet w3.org can't get a first-tier certificate? [02:15:19:] I'd rather say systeam does not see a need to go into the trouble of setting this up... [02:15:34:] and w3m bothering members for a certificate [02:15:40:] I do not see the need either [02:15:50:] me2 [02:16:10:] MIT is a certificate provider [02:16:28:] though probably not a "well-known" one [02:17:17:] is the general idea that any certificate would be enough? [02:18:03:] No. Wowsers put up annoying dialogs when the certificate isn't top-tier signed. [02:18:17:] so? [02:18:37:] I'll take that is a rhetorical question. [02:18:44:] we're not asking people to trust us with their sensitive data ... [02:19:20:] Well, if we do this for the quality badges, people would not like to see these dialogs... [02:20:08:] ( http://www.w3.org/Bugs/Public/show_bug.cgi?id=77 http://www.w3.org/Bugs/Public/show_bug.cgi?id=117 btw) [02:21:12:] We need a certificate for v.w3.org that is signed by a CA who's in most browser's existing list. [02:21:24:] For what? [02:21:26:] aha, i see [02:21:34:] the badges are from www.w3.org not validator.w3.org [02:21:49:] for ssl requests we do not need certificates [02:21:53:] To be able to keep serving the badges from the wwww.w3.org round-robin, we also need www.w3.org to be available over https with the same requirements for the certificate. [02:22:32:] v.w3.org needs a certificate to enable /check=referer to work from https: pages. [02:22:50:] xover: that's quite a burden for a small payback. Why not users make local copies instead? [02:23:05:] (re badges) [02:23:26:] You certain that browsers would send the Referer: header then? [02:23:36:] No. [02:23:44:] many don't now. [02:23:50:] especially on https [02:24:15:] even not from https://example.org to https://example.com ? [02:24:17:] http://www.w3.org/Bugs/Public/show_bug.cgi?id=77#c1 [02:24:27:] as both are https in that case? [02:26:23:] anyway, it seems that https://www.w3.org is unlikely to work soon and considering that that is not a real validator issue, I suggest we close bug 117 [02:26:36:] It certainly ain't a blocker for 77 [02:26:51:] which deals with check?uri=https:// [02:27:51:] No, the Blocker relationship is probably reverse or orthogonal. [02:28:19:] Both 77 and 117 block overall SSL support for the Validator. It's just taht the overall bug hasn't been entered yet. [02:28:46:] I've been experimenting somewhat with Referer and https->http, and Mozilla and derivatives are the only ones I haven't been able to fool into sending it from https->http [02:30:13:] So what do we do with 117? [02:30:25:] * xover thinks we shoudl leave it open... [02:31:01:] (and that Olivier should make another effort to get progress on it) [02:31:21:] I agree [02:31:30:] * bjoern_ is somewhat opposed to use the bug tracker as a list for everything that would somehow be nice [02:31:30:] * bjoern_ feels strongly that the systeam has more important things to do... [02:31:36:] AI: Olivier to patch Bugzilla to change all instances of "Bug" to "Issue"... [02:31:57:] AI: xover to write an Issuezilla that does not suck... [02:32:01:] xover: actually I did that... for the team instance [02:32:37:] turns out bugzilla's template behaviour has changed since, and my templates are borken [02:32:42:] but that's another story [02:33:21:] Bugzilla is what we've got. If you have ideas for better tools, or complementary tools, please do suggest them; but until that is in place we still need somewhere to track issues. [02:33:25:] anyway I'll just check whether verisign was a member at the time this was discussed within the systeam, and will ask whether anyone has any issue with my asking a certificate to them [02:33:32:] and we'll see [02:34:27:] you'd need to upgrade all the web servers to use SSL or Apache+SSL... [02:34:50:] And round-robin DNS may cause problems, yes. [02:35:13:] The only reason beeing serving some .gifs for some people who do not want to create local copies of the images [02:35:57:] No Bjoern. You need to read the bug text again. [02:36:03:] the SSL issue is bigger than just icons, no? [02:36:19:] Yes. There are lots of little issues. [02:36:35:] Well, I am talking about #117 [02:36:55:] v.w3.org references images on www.w3.org! [02:38:02:] You mean, this would be an issue once we have https://validator.w3.org? [02:38:10:] Yes. [02:38:38:] Then I suggest we do not introduce https://validator.w3.org... [02:39:02:] * xover watches Bjoern cut off his nose... [02:39:40:] I just don't see the benefit compared to other outstanding issues... [02:39:54:] We can discuss what priority to assign it, sure. [02:40:20:] I don't think it's a critical issue that needs to be adressed yesterday. [02:40:40:] But it's one that will take a long time to resolve so we'd better get moving. [02:41:31:] yes [02:41:35:] So an AI for yod to see whether SSL on www.w3.org will happen soon? [02:41:44:] and then close the bug if the answer is no [02:41:50:] soon beeing 2004-2005 [02:42:09:] * scop notes that we don't need to introduce https://v.w.o; it's already there (as non-working /referer badge code in results page) [02:42:21:] Why in the bleeding blazes would we want to close an issue that has not been resolved? [02:42:28:] will take the AI [02:42:47:] whether the issue can be left dormant or should be closed if the answer is "no"... [02:43:07:] wontfix versus later [02:43:08:] The more issues, the more difficult to use this bugzilla thing [02:44:02:] actually forget what I just said, "later" is a closing state for bugzilla [02:44:31:] anyway, lets see what yod wil report next meeting ** Status of 0.6.7 ** [02:44:51:] How is 0.6.7 coming? [02:45:07:] What blocks a new beta? [02:45:33:] scop has been fixing several bugs in 0.6.6 (most of which are already on v.w3.org I think). [02:46:17:] IOW, a quick 0.6.7 beta followed by a release is probably a good idea (still. as was the status at the last meeting IIRC). [02:46:22:] it would be nice to see the fix for http://www.w3.org/Bugs/Public/show_bug.cgi?id=805 get tested [02:46:30:] agreed [02:46:40:] AFAIK there haven't been many v.w.o updates after 0.6.6, so my fixes aren't there [02:46:49:] Ah, ok. [02:46:57:] there was one two weeks ago [02:47:08:] bug 805: I'm going to ask the submitter for feedback when qa-dev instances have updated [02:47:42:] btw regarding auth proxying, my new code passes all WWW-Authenticate: headers through. should we pass only Basic auth ones? [02:47:58:] Probably only basic/digest [02:48:01:] Are multiple WWW-Auth headers allowed? [02:48:09:] v.w3.org can't do NTLM auth, for example [02:48:15:] xover, yes [02:48:23:] (NTLM auth isn't proxyable AFAIK) [02:48:34:] exactly [02:49:06:] Hmmm. Do we need to "understand" any auth method we support proxying for perhaps? [02:49:37:] That depends. We understand basic and digest... [02:49:50:] maybe more, not sure what schemes are around these days [02:49:51:] digest auth: do we need to/ can we futz something akin to how we do for the basic auth realm? [02:50:26:] no "realm" in digest, IIRC [02:50:51:] There is http://jigsaw.w3.org/HTTP/Digest/ (with guest/guest) that we can use for testing [02:50:58:] note that it does not work in MSIE [02:51:05:] bjoern_, ah, thx [02:51:29:] (and http://jigsaw.w3.org/HTTP/Basic/ for basic auth) [02:51:36:] (see http://jigsaw.w3.org/HTTP/) [02:52:12:] So, an AI for scop to complete the fix for 805 and then a beta? [02:53:12:] sounds good to me [02:53:20:] scop, OK? [02:53:25:] ok [02:53:49:] ACTION Ville complete the fix for bug #805, ask feedback [02:53:57:] (BTW "digest auth" link at http://jigsaw.w3.org/HTTP/ points to old draft, should be updated to RFC2617) **************** Link Checker **************** ** checklink beta ** [01:39:40:] * bjoern_ did not see any feedback on robots stuff... [01:39:59:] yep, no feedback on that, and very little overall [01:41:10:] I could directly ask known heavy users of checklink (Vivien, Susan, Hugo) to give their opinion [01:41:50:] but there *should* be feedback on w-v too, given how the same people were rather vocal when the issue was first raised [01:42:01:] agreed [01:42:44:] are there any issues that block a release? [01:43:40:] bjoern_: not really, I would personnally rather have feedback before the release rather than force it with a release [01:44:14:] looks pretty quiet in :8001 logs, 335 hits since May 6 for checklink (of which 166 since Jun 11) [01:44:15:] but one has to admit the 'fait accompli' is a good incentive to speak up [01:45:13:] scop: ugh. it's been down a couple of times but that's very, very low [01:46:49:] scop: I will contact the users I know in the team [01:47:15:] would you take care of checking the thread back in (feb?) and ask the participants to speak up or be ashamed? [01:48:04:] yod, will do. I'll also check out the couple of recent issue reports on w-v and see if they require action before release. [01:48:06:] Since chairs and staff contacts are typically responsible for checking links in TRs, chairs@ might be a good place to ask... [01:49:23:] hmmm there's a "tools" list for members [01:49:41:] w3c-tools, yes... with 22 subscribers almost staff-only... [01:52:22:] anyway, AI olivier to ping webmaster + team contacts for feedback on checklink beta [01:53:06:] AI Ville to hunt "robots" mail thread participants and ask for feedback [01:53:09:] AI scop harvest earlier threads and contact [01:53:28:] I trust no AI is needed for "I'll also check out the couple of recent issue reports on w-v and see if they require action before release."