- From: Brad Hill <hillbrad@gmail.com>
- Date: Mon, 25 Jan 2016 19:55:55 +0000
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
- Message-ID: <CAEeYn8gdh4FeyaYohhUDZTxyE0oCxoUP8GBVXf_Xv07bGcT=Fg@mail.gmail.com>
For this week's call I'd like to set a meta-agenda about how we do our work. As I look over the set of specs the group is doing to recruit editors to present at our calls, I see that there is a great deal "in flight" and unfortunately much of that is "stale" by the W3C's definitions. (no update to a public WD in >3 months) We've been great at coming up with and incubating new ideas, and generally don't proceed to FPWD unless there is expressed interest from at least two browser vendors in implementing, but I think we've gotten ahead of our skis. I am concerned that we may be spreading our efforts too thin instead of delivering concrete and usable improvements to the developer community which they can count on being available in more than one browser. I think the most important thing we can do to set the pace for the coming year is to get some feedback from the user agent implementer community on how the work we are doing here fits with and influences their roadmaps, and what we can do to be better aligned and drive meaningful change. I think that Mike has already identified some key areas of improvement with CSP3 by targeting smaller, more modular specs, but even on some quite small ones like Mixed Content and Secure Contexts, we're still at something of a standstill. Are there things we should officially "put on the shelf"? Does the model of letting individual editor effort drive the direction of the group make the most sense going ahead, or should we look at more of an "incubator" model as is the rest of the W3C, and only start "standardizing" things once they have at least two prototypical implementations? How should we proceed with ideas like "Safe Node"? Please bring your ideas, critiques and enthusiasms on Wednesday for us to discuss. thanks, Brad ==================== To Join: #webappsec on irc.w3.org:6665 or http://irc.w3.org/?channels=webappsec By phone: US Toll Number: +1-617-324-0000 Meeting Number: 641 834 499 Meeting Password: webappsec ------------------------------------------------------- To join the online meeting (Now from mobile devices!) ------------------------------------------------------- 1. Go to https://mit.webex.com/mit/j.php?MTID=m12575b534e506abae4b7a9f445c0e53e 2. If requested, enter your name and email address. 3. If a password is required, enter the meeting password: webappsec 4. Click "Join". To view in other time zones or languages, please click the link: https://mit.webex.com/mit/j.php?MTID=m3f8188061759c9d387834efb90e1335e ------------------------------------------------------- To join the audio conference only ------------------------------------------------------- To receive a call back, provide your phone number when you join the meeting, or call the number below and enter the access code. US Toll Number: +1-617-324-0000 Access code:641 834 499 Mobile Auto Dial:+1-617-324-0000,,,641834499# ------------------------------------------------------- For assistance ------------------------------------------------------- 1. Go to https://mit.webex.com/mit/mc 2. On the left navigation bar, click "Support". DRAFT minutes for the teleconference will be available immediately following the minutes at the following URL: (where [YYYY] is the four-digit year, e.g. 2015, [MM] is the two-digit month, e.g. 02, and [DD] is the two-digit day, e.g. 07) http://www.w3.org/[YYYY]/[MM]/[DD]-webappsec-minutes.html
Received on Monday, 25 January 2016 19:56:34 UTC