W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2016

[webappsec] Teleconference Agenda: 27-Jan-2016

From: Brad Hill <hillbrad@gmail.com>
Date: Mon, 25 Jan 2016 19:55:55 +0000
Message-ID: <CAEeYn8gdh4FeyaYohhUDZTxyE0oCxoUP8GBVXf_Xv07bGcT=Fg@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
For this week's call I'd like to set a meta-agenda about how we do our work.

As I look over the set of specs the group is doing to recruit editors to
present at our calls, I see that there is a great deal "in flight" and
unfortunately much of that is "stale" by the W3C's definitions.  (no update
to a public WD in >3 months)

We've been great at coming up with and incubating new ideas, and generally
don't proceed to FPWD unless there is expressed interest from at least two
browser vendors in implementing, but I think we've gotten ahead of our
skis.  I am concerned that we may be spreading our efforts too thin instead
of delivering concrete and usable improvements to the developer community
which they can count on being available in more than one browser.

I think the most important thing we can do to set the pace for the coming
year is to get some feedback from the user agent implementer community on
how the work we are doing here fits with and influences their roadmaps, and
what we can do to be better aligned and drive meaningful change.

I think that Mike has already identified some key areas of improvement with
CSP3 by targeting smaller, more modular specs, but even on some quite small
ones like Mixed Content and Secure Contexts, we're still at something of a
standstill.   Are there things we should officially "put on the shelf"?
Does the model of letting individual editor effort drive the direction of
the group make the most sense going ahead, or should we look at more of an
"incubator" model as is the rest of the W3C, and only start "standardizing"
things once they have at least two prototypical implementations?

How should we proceed with ideas like "Safe Node"?

Please bring your ideas, critiques and enthusiasms on Wednesday for us to




To Join:

#webappsec on irc.w3.org:6665 or http://irc.w3.org/?channels=webappsec

By phone:
US Toll Number: +1-617-324-0000
Meeting Number: 641 834 499
Meeting Password: webappsec

To join the online meeting (Now from mobile devices!)
1. Go to
2. If requested, enter your name and email address.
3. If a password is required, enter the meeting password: webappsec
4. Click "Join".

To view in other time zones or languages, please click the link:

To join the audio conference only
To receive a call back, provide your phone number when you join the
meeting, or call the number below and enter the access code.
US Toll Number: +1-617-324-0000

Access code:641 834 499
Mobile Auto Dial:+1-617-324-0000,,,641834499#

For assistance
1. Go to https://mit.webex.com/mit/mc
2. On the left navigation bar, click "Support".

DRAFT minutes for the teleconference will be available immediately
following the minutes at the following URL: (where [YYYY] is the
four-digit year, e.g. 2015, [MM] is the two-digit month, e.g. 02, and
[DD] is the two-digit day, e.g. 07)

Received on Monday, 25 January 2016 19:56:34 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:54 UTC