[webappsec] Agenda for Teleconference, 12 Feb 2014

+1.617.761.6200; PIN 92794 ('WASWG') and  #webappsec on irc.w3.org:6665
(Or VoIP via the Zakim SIP bridge:
http://www.w3.org/2006/tools/wiki/Zakim-SIP)

16:00 - 16:03    Scribe Selection (Default -> Dan Veditz)
16:03 - 16:05    Roll Call
16:05 - 16:06    Minutes Approval
       http://www.w3.org/2014/01/14-webappsec-minutes.html

16:06 - 16:07    Agenda Bashing

16:07 - 16:08    News: New CSP 1.1. WD

16:08 - 16:10    Review of open actions in tracker
       https://www.w3.org/2011/webappsec/track/actions/open?sort=owner

16:10 - 16:15    CSP Formal Objection

http://lists.w3.org/Archives/Public/public-webappsec/2014Jan/0165.html

16:15 - 16:20     Processing of meta element

http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0014.html

16:20 - 16:25     Referrer directive expressiveness

http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0028.html

16: 25  - 16:28   child-src an popups

http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0026.html

16:28 -  16:30   Beacon and CSP

http://lists.w3.org/Archives/Public/public-webappsec/2014Feb/0012.html

16:30 - 16:35    Any other outstanding work on CSP 1.1 before Last Call
Working Draft?

16:35 - 17:00   The DAP Working Group  has requested some of our time to
review
                  the use of CORS and whitelisting, exposure of local
network IP address
                 information in URLs, caching issues etc, in their
specification:

  Editors draft:
https://dvcs.w3.org/hg/dap/raw-file/default/discovery-api/Overview.html

  Issues:  http://www.w3.org/2009/dap/track/products/31


Frederick Hirsch and Rich Tibbett will be joining the call to give us an
overview,
call out top issues and give us some time to respond and discuss.

Please take a chance to review the specs before the call if you are able:

Extract from non-normative introduction text:

[[


This specification defines the NavigatorNetworkService<
https://dvcs.w3.org/hg/dap/raw-file/default/discovery-api/Overview.html#navigatornetworkservice>
interface to enable Web pages to connect and communicate with
Local-networked Services provided over HTTP. This enables access to
services and content provided by home network devices, including the
discovery and playback of content available to those devices, both from
services such as traditional broadcast media and internet based services as
well as local services. Initial design goals and requirements provided by
the W3C Web & TV interest group<http://www.w3.org/2011/webtv/> are
documented in [hnreq<
https://dvcs.w3.org/hg/dap/raw-file/default/discovery-api/Overview.html#bib-hnreq
>].

Using this API consists of requesting a well-known service type, known by
developers and advertised by Local-networked Devices. User authorization,
where the user connects the web page to discovered services, is expected
before the web page is able to interact with any Local-networked Services.

A web page creates a request to obtain connectivity to services running in
the network by specifying a well-known discovery service type that it
wishes to interact with.

...

]]


Adam Barth
Jeff Hodges
David Huang
Gopal Raghavan
Eric Rescorla
Jacob Rossi
Peleus Uhley
Neil Matatall
Mike West
Dan Veditz <--
Cory Carson
Garrett Robinson

Received on Tuesday, 11 February 2014 17:00:34 UTC