- From: Brad Hill <hillbrad@gmail.com>
- Date: Tue, 11 Feb 2014 09:00:01 -0800
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>, "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, Rich Tibbett <rich.tibbett@gmail.com>
- Message-ID: <CAEeYn8jTH9kh9+Av7KMykQzuU1a2tWqgcekvxF=B4fb=L9Knkg@mail.gmail.com>
+1.617.761.6200; PIN 92794 ('WASWG') and #webappsec on irc.w3.org:6665 (Or VoIP via the Zakim SIP bridge: http://www.w3.org/2006/tools/wiki/Zakim-SIP) 16:00 - 16:03 Scribe Selection (Default -> Dan Veditz) 16:03 - 16:05 Roll Call 16:05 - 16:06 Minutes Approval http://www.w3.org/2014/01/14-webappsec-minutes.html 16:06 - 16:07 Agenda Bashing 16:07 - 16:08 News: New CSP 1.1. WD 16:08 - 16:10 Review of open actions in tracker https://www.w3.org/2011/webappsec/track/actions/open?sort=owner 16:10 - 16:15 CSP Formal Objection http://lists.w3.org/Archives/Public/public-webappsec/2014Jan/0165.html 16:15 - 16:20 Processing of meta element http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0014.html 16:20 - 16:25 Referrer directive expressiveness http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0028.html 16: 25 - 16:28 child-src an popups http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0026.html 16:28 - 16:30 Beacon and CSP http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0012.html 16:30 - 16:35 Any other outstanding work on CSP 1.1 before Last Call Working Draft? 16:35 - 17:00 The DAP Working Group has requested some of our time to review the use of CORS and whitelisting, exposure of local network IP address information in URLs, caching issues etc, in their specification: Editors draft: https://dvcs.w3.org/hg/dap/raw-file/default/discovery-api/Overview.html Issues: http://www.w3.org/2009/dap/track/products/31 Frederick Hirsch and Rich Tibbett will be joining the call to give us an overview, call out top issues and give us some time to respond and discuss. Please take a chance to review the specs before the call if you are able: Extract from non-normative introduction text: [[ This specification defines the NavigatorNetworkService< https://dvcs.w3.org/hg/dap/raw-file/default/discovery-api/Overview.html#navigatornetworkservice> interface to enable Web pages to connect and communicate with Local-networked Services provided over HTTP. This enables access to services and content provided by home network devices, including the discovery and playback of content available to those devices, both from services such as traditional broadcast media and internet based services as well as local services. Initial design goals and requirements provided by the W3C Web & TV interest group<http://www.w3.org/2011/webtv/> are documented in [hnreq< https://dvcs.w3.org/hg/dap/raw-file/default/discovery-api/Overview.html#bib-hnreq >]. Using this API consists of requesting a well-known service type, known by developers and advertised by Local-networked Devices. User authorization, where the user connects the web page to discovered services, is expected before the web page is able to interact with any Local-networked Services. A web page creates a request to obtain connectivity to services running in the network by specifying a well-known discovery service type that it wishes to interact with. ... ]] Adam Barth Jeff Hodges David Huang Gopal Raghavan Eric Rescorla Jacob Rossi Peleus Uhley Neil Matatall Mike West Dan Veditz <-- Cory Carson Garrett Robinson
Received on Tuesday, 11 February 2014 17:00:34 UTC