TPAC 2011 WebAppSec Agenda from Hill, Brad on 2011-10-27 (public-webappsec@w3.org from October 2011)

From: Hill, Brad <bhill@paypal-inc.com>
Date: Wed, 26 Oct 2011 18:39:47 -0600
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <213E0EC97FE58F469BB618245B3118BB5548D18F7C@DEN-MEXMS-001.corp.ebay.com>

The agenda for the WebAppSec meeting at TPAC 2011 is now available on the WG's site at:

http://www.w3.org/2011/webappsec/TPAC2011.htm

Please send comments, suggestions, etc. to public-webappsec@w3.org<mailto:public-webappsec@w3.org>.

Thank you,

Brad Hill

From: Hill, Brad
Sent: Monday, October 24, 2011 10:25 AM
To: public-webappsec@w3.org
Subject: Draft schedule

WebAppSec WG members:  Below find a draft schedule for the WG's first F2F at TPAC 2011, next week in Santa Clara, CA.
We'll get this on the website as soon as I get some tooling issues worked through.

Please send additions, corrections and suggestions to this list.

Thank you,

Brad Hill
WebAppSec WG co-chair

Potential Topics
Testing
Joint Meetings with other WGs
WebApps and Fonts on CORS and From-Origin
CORS and UMP
Proposed sandbox directive in CSP: WHATWG has dropped text/html-sandboxed
Use case development for secure cross-origin framing

Agenda Monday, October 31
09:00 - 09:30 Introductions, charter reading
09:30 - 10:00 Tweak agenda à la an unconference style meeting
10:00 - 11:00 Status and Plans for CORS/UMP (ahead of joint meeting @ 11)
11:00 - 12:00 Joint meeting with WebFonts, WebAppSec and CSS WGs regarding CORS and From-Origin specs
12:00 - 13:00 Lunch
13:00 - 13:30 WebAppSec's Work Mode; tooling review, suggestions on process or tooling preferences
13:30 - 15:00 Spec status and plans; documenting expectations
* Announcement of Editors, Status and Plans for CSP
15:00 - 15:15 Break
15:15 - 16:00 Charter review, adjusting deliverable timelines
16:00 - 16:30 Report on IETF activity in WebSec WG (Peter Saint-Andre)
16:30 - 18:00

Agenda Tuesday, November 1
09:00 - 09:15 Tweak agenda à la an unconference style meeting
09:15 - 10:15 Use case / requirements development for Secure Cross-Origin Framing
10:00 - 11:00 Straw man proposals (if any) for Secure Cross-Origin Framing
11:00 - 12:00 Discussion with Federated Social Web XG on Crypto APIs
12:00 - 13:00 Lunch
13:00 - 15:00 CSP Issues
* Enter existing minor issues from Brandon Sterne, =JeffH into WG tracker
* Sandbox directive
* Workers
* XSLT
* SVG
* Handling plugin content with no origin
* Policy intersection algorithm
* Behavior for user-saved content, local app-caches, etc.
* frame-src and frame navigation
* Reporting
15:00 - 15:15 Break
15:00 - 16:00 Continue CSP discussion as needed
16:00 - 17:00

Received on Thursday, 27 October 2011 00:40:17 UTC