Agenda for January 29 Teleconference

DATE: Jan, 29 2013
TIME: 22:00-23:00 UTC (14:00-15:00 PST)

+1.617.761.6200; PIN 92794 ('WASWG') and  #webappsec on
(Or VoIP via the Zakim SIP bridge:

22:00 - 22:03    Scribe Selection (Default -> Eric Rescorla)
22:03 - 22:05    Roll Call
22:05 - 22:06    Minutes Approval
22:07 - 22:08    Agenda Bashing
22:08 - 22:09    News: CSP 1.0 to CR
22:10 - 22:15    Review of open actions in tracker
22:15 - 22:30    Review raised+open issues, assign actions
22:30 - 22:35    default-src violation types
22:35 - 22:40    CSP and HSTS
22:40 - 22:45    Defaults for clipping and selectors
22:45 - 22:57    UI Safety ISSUE 2
    "The restriction to a single additional host source value was
    based on the request of the Websec WG as part of moving this
    feature to this document. This decision should be evaluated in the
    context of CSP. For example, while standalone implementations of
    X-Frame-Options may not have wanted to incur the complexity of
    parsing potentially large lists of origins, CSP implementaions
    must already be robust in their handling of such lists. The
    inclusion of multiple origins may reveal details of the security
    model of a resource that chooses to publish such a policy and
    risks associated with this should be discussed in the Security
    Considerations section if any change is made."
22:57 - 23:00    Move of testing repos to github

Scribe Rotation. We go down the list in order. Please advise if you
cannot scribe for some reason, or if you are not listed here and
should be.

Adam Barth
Jeff Hodges
David Huang
Gopal Raghavan
Eric Rescorla <--
Jacob Rossi
Tanvi Vyas
Peleus Uhley
Dan Veditz
Ryan Ware
Jim O'Leary
Adam Bresee
Ian Melven

Received on Tuesday, 29 January 2013 02:02:44 UTC