Web Security Context (WSC) WG Face-to-face #1 Agenda (v 1.0)

Web Security Context (WSC) WG Face-to-face #1 Agenda (v 1.0)
2006-11-14 through 2006-11-15
New York, New York 

Phone number and IRC channel to be documented on WG administrative home 
page
http://www.w3.org/2006/WSC/Group/

Teleconference time and lengh information, tbd
8:30 - 17:30 both days, local time

Wednesday, 2006-11-14 - Chair, Mary Ellen Zurko

1. Breakfast (8:30)

2. Administrative details (9:00)
Including selection of scribes 
One per 1/4 day (total of 8), through some (pseudo) random mechanism 
against the registered participant list 

3. Brief roll call/introductions (9:10)
We've all introduced ourselves by email by then; take up to a minute to 
remind us who you are 

4. Agenda bashing (9:30)

5. W3C WG process overview - Thomas (9:45)
To include:
WG tools (IRC, Zakim, action item and issue tracking, etc.)
Management and enforcement of good standing
http://www.w3.org/2005/10/Process-20051014/groups.html#good-standing 

6. WG schedule review (10:15)
Polls will be sent beforehand so all WG participants can ring in, even if 
they have conflicts for the f2f

Distributed meeting time slot
Tentatively, weekly, 2 hour slot

F2F meeting time slots
Tentatively:
January 2007
June 2007

7. Break (10:45)

8. Charter review (11:15)

Background
Schedule

Dependencies:
W3C Groups
External Groups (Liaisons)

9: Lunch (12:15)

10. Discussion of first chartered deliverable (13:15)

A Working Group Note that documents the use cases and scenarios that the 
group elects to address, and the assumptions that it will make. The 
Working Group will use this document to establish the scope of its 
Recommendation-track deliverables. 

Discussion of the shape of the document (what will be in it, beyond use 
cases and scenarios to be addressed and assumptions of the note)
Discussion/brainstorming on contents of the note
Timeline sanity check on the note 

11. Break (15:15)

12. More of the same from 10. (15:45)

13. Recess (17:30)

Thursday, 2006-11-15 - Chair, Mary Ellen Zurko

14. Breakfast (8:30)

15. Agenda bashing for day 2 (9:00)

16. Discussion of second chartered deliverable (9:15)

A W3C Recommendation that specifies a minimal set of security context 
information to be made accessible to users, and best practices for the 
usable presentation of this information

Discussion/brainstorming on security context information available or 
within scope 
Discussion/brainstorming on how "best practices for usable presentation" 
will be determined 

17. Break (10:30)

18. More of the same from 16. (10:45)

19. Lunch (12:00)

20. Discussion of third chartered deliverable (13:00)

A W3C Recommendation that specifies techniques that render the 
presentation of security context information more robust against spoofing 
attacks. The Group expects to establish two levels of conformance to these 
techniques: required and recommended. One example of a possible required 
technique are limitations to scripting capabilities; one example of a 
possible recommended technique are interactive ceremonies that can help 
establish a trusted path from the web user agent to the user. An example 
of an authoring technique that could be proposed as mandatory-to-implement 
would be the use of TLS when soliciting user credentials. 

Discussion/brainstorming of spoofing attacks 
Discussion/brainstorming of techniques aimed at blunting, minimizing, and 
preventing spoofing attacks

21. Break (14:30)

22. More of the same from 20. (14:45)

23. Recap of plans, progress, and next steps (16:00)

24. Recess (16:30)