W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2016

[webappsec] Teleconference Agenda, 15-Nov-2016, 09:00 PST

From: Brad Hill <hillbrad@gmail.com>
Date: Tue, 15 Nov 2016 21:22:47 +0000
Message-ID: <CAEeYn8jzGW+JW5WHm+Lff4_7khLA2DbNC1VdSQQZNr13tiTVCA@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
https://mit.webex.com/mit/j.php?MTID=mf4fa89ca549c64f744175146bd51a491
Meeting number: 643 678 745
Meeting password: [Consortium abbreviation, lowercase]

JOIN BY PHONE
+1-617-324-0000 US Toll Number
Access code: 643 678 745

Note: USA daylight savings time has ended and times are in PST now.

The last meeting's minutes are have not been published at the usual spot,
apologies.  The AWS instance I kept my minutes processing toolchain on has
failed and I haven't rebuilt it yet.


AGENDA:
========
TOPIC: Agenda bashing

TOPIC: News:
 * CSP Level 2 is a Proposed Recommendation (at last)
   https://www.w3.org/blog/news/archives/5957
 * Initial implementation of Content-Security-Policy: Embedded Enforcement
    https://lists.w3.org/Archives/Public/public-webappsec/2016Nov/0002.html

  Related: CSP-Allow-Origin

https://github.com/w3c/webappsec-csp/commit/0e6481f5613e39e82173dbfc3570619c2fb7a62c


 * Requesting wide review of Screen Orientation API
    https://lists.w3.org/Archives/Public/public-webappsec/2016Nov/0003.html
 * Requesting security review of IndexedDB API
    https://lists.w3.org/Archives/Public/public-webappsec/2016Nov/0004.html

TOPIC: Rechartering
https://lists.w3.org/Archives/Public/public-webappsec/2016Oct/0044.html

TOPIC: Restrict window.name on cross-origin navigation,
https://lists.w3.org/Archives/Public/public-webappsec/2016Jul/0006.html

TOPIC: Restrict CORS-safelisted request headers according to RFC 7231,
filed here: https://github.com/whatwg/fetch/issues/382 , currently
discussed here: https://github.com/w3c/webappsec-csp/issues/115

TOPIC: Restrict the loopback address to same-origin or Secure Contexts,
https://lists.w3.org/Archives/Public/public-webappsec/2016Sep/0089.html

TOPIC: Clarify worker-src goals
https://github.com/w3c/webappsec-csp/issues/146

TOPIC: Redacting ancestorOrigins according to Referrer Policy?
https://github.com/w3c/webappsec-referrer-policy/pull/77
Received on Tuesday, 15 November 2016 21:23:29 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:21 UTC