WebAppSec agenda for 2024-10-16. from Mike West on 2024-10-10 (public-webappsec@w3.org from October 2024)

From: Mike West <mkwst@google.com>
Date: Thu, 10 Oct 2024 15:28:14 +0200
To: Web Application Security Working Group <public-webappsec@w3.org>
Cc: Dan Veditz <dveditz@mozilla.com>, Simone Onofri <simone@w3.org>
Message-ID: <CAKXHy=fvH1F4b9=75cvDsmfx6kXEU7WHJu3ovY84=xXFFAixyg@mail.gmail.com>

Hey folks!

Here's a set of topics we can discuss on Wednesday, October 16th at 16:00
UTC
<https://www.timeanddate.com/worldclock/fixedtime.html?iso=20241016T1600>
(09:00
California, 12:00 Boston, 17:00 London, 18:00 Berlin):
Draft Agenda
<https://github.com/w3c/webappsec/blob/main/meetings/2024/2024-10-16-agenda.md#draft-agenda>

   -

   CSP Issue Triage: We discussed CSP maintenance
   <https://github.com/w3c/webappsec/blob/main/meetings/2024/2024-09-26-TPAC-minutes.md#csp-maintenance>
(briefly)
   at TPAC, and there are a few folks interested in helping out. Let's talk a
   bit about the goals and how we might organize the work.
   -

   Integrity: Following on our Integrity on the Web
   <https://github.com/w3c/webappsec/blob/main/meetings/2024/2024-09-23-TPAC-Minutes.md#application-integrity>
discussion,
   there's interest in reviving the Signature-based SRI
   <https://github.com/WICG/signature-based-sri> proposal. There's a draft
   spec <https://wicg.github.io/signature-based-sri/> and ongoing
   discussion in GitHub issues that might be worth following up on together.
   -

   Realms-Initialization-Control
   <https://github.com/WICG/Realms-Initialization-Control>: @weizman
   suggested a followup to our TPAC discussion
   <https://github.com/w3c/webappsec/blob/main/meetings/2024/2024-09-26-TPAC-minutes.md#realms-initialization-control>
to
   get more feedback on the proposal and dig into inheritance
   <https://github.com/WICG/Realms-Initialization-Control/issues/10>
    specifically.

If you would like to add an item to the agenda, please open a PR against this
document
<https://github.com/w3c/webappsec/new/main/meetings/2024/2024-10-16-agenda.md>
Logistics
<https://github.com/w3c/webappsec/blob/main/meetings/2024/2024-10-16-agenda.md#logistics>

   - *Minutes*: https://pad.w3.org/p/WebAppSec_2024-10-16 (Use your W3C
   credentials)
   - Add these events
   <https://www.w3.org/groups/wg/webappsec/calendar#export> to your calendar
   - *#webappsec* on W3C's slack instance <https://w3ccommunity.slack.com/>
      - https://www.w3.org/slack-w3ccommunity-invite if you haven't already
      joined.
   - *Zoom*:
      - Details at
      https://auth.w3.org/?url=https://www.w3.org/groups/wg/webappsec/calendar


See you next week!

-mike

Received on Thursday, 10 October 2024 13:28:32 UTC