Teleconference Agenda for Tuesday, Dec 17th. from Mike West on 2019-12-12 (public-webappsec@w3.org from December 2019)

From: Mike West <mkwst@google.com>
Date: Thu, 12 Dec 2019 16:56:41 +0100
To: Web Application Security Working Group <public-webappsec@w3.org>
Cc: Dan Veditz <dveditz@mozilla.com>, Wendy Seltzer <wseltzer@w3.org>
Message-ID: <CAKXHy=cd-4ZhUyCOKCp460s0gGqTqjmn_1p2_aZqbTMARXe1Yw@mail.gmail.com>

Hey folks, +Dan Veditz <dveditz@mozilla.com> and I double-checked the
schedule this time around, and I'm 73% sure that we're sending out correct
information. Let's see how it goes. :)

(This is a copy/paste of the agenda at
https://github.com/w3c/webappsec/blob/master/meetings/2019/2019-12-17-agenda.md
).

Tuesday, December 17th: 19:00 UTC
<https://www.timeanddate.com/worldclock/fixedtime.html?iso=20191217T1900>
(11:00
California, 14:00 Boston, 19:00 London, 20:00 Berlin).
<https://github.com/w3c/webappsec/blob/master/meetings/2019/2019-12-17-agenda.md#call-agenda>Call
Agenda

   - Fetch Metadata (https://w3c.github.io/webappsec-fetch-metadata/)
      - Recent changes:
         - nested-navigate => navigate + Sec-Fetch-Dest (
         - <embed>/<object> mode => navigate (
         https://github.com/whatwg/fetch/pull/948)
      - Blink is likely to send an intent to ship Sec-Fetch-Dest shortly.
      - Next steps: FPWD => CR? FPWD => NOTE + Upstreaming everything to
      Fetch/HTML?
   - Origin Policy (https://github.com/WICG/origin-policy)
      - Actively working on the spec again
      - Feedback on issues welcome.
   - COOP <https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e>
    / COEP <https://mikewest.github.io/corpp/>
   - Referrer Policy (https://w3c.github.io/webappsec-referrer-policy/)
      - unsafe-url => no-referrer-when-downgrade (
      https://github.com/w3c/webappsec-referrer-policy/pull/124)
      - Default to strict-origin-when-cross-origin (
      https://github.com/w3c/webappsec-referrer-policy/pull/125)
      - Non-secure requests? (
      https://github.com/w3c/webappsec-referrer-policy/pull/126)
   - Mixed Content
      -
      https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
      - MIX => REC, MIX2 => FPWD?
   - Permissions
      -
      https://hacks.mozilla.org/2019/11/upcoming-notification-permission-changes-in-firefox-72/
   - Trusted Types
   - IsLoggedIn()
   - wasm-unsafe-eval
   - WebCrypto

If you would like to add an item to the agenda, please open a PR against this
document
<https://github.com/w3c/webappsec/blob/master/meetings/2019/2019-12-17-agenda.md>
.
<https://github.com/w3c/webappsec/blob/master/meetings/2019/2019-12-17-agenda.md#logistics>
Logistics

   - IRC : irc.w3.org / #webappsec
   - Voice: https://www.w3.org/2011/webappsec/webex.html
   - Minutes:
   https://cryptpad.w3ctag.org/code/#/2/code/edit/z6J53KHkZNayYLDcjp25GT2i/


-mike

Received on Thursday, 12 December 2019 15:56:57 UTC