- From: Thomas Roessler <tlr@w3.org>
- Date: Mon, 3 Sep 2007 16:32:05 +0200
- To: WSC WG <public-wsc-wg@w3.org>
WSC WG weekly Wednesday 2007-09-05 11am Eastern - 12:30am Eastern http://www.w3.org/2006/WSC/Group/#meetings Chair: Thomas Roessler Regrets: MEZ Scribe: Shawn Duffy 1. Convene Welcome Cristian! http://lists.w3.org/Archives/Member/member-wsc-wg/2007Sep/0000.html Agenda bashing. 2. Approve last meeting's minutes http://www.w3.org/2007/08/29-wsc-minuts 3. Action item review These action items aren't covered under any other agendum. About due: [OPEN] ACTION-282: Anil Saldhana to Obtain disclaimer-style text for Additional Security Context Information - due 2007-08-29 [OPEN] ACTION-283: Serge Egelman to Contribute references to support 5.3.1 - due 2007-08-29 Not yet due: [OPEN] ACTION-248: Johnathan Nightingale to Ensure that the robustness stuff (MozillaCurrentPractises) ends up in the recommendations - due 2007-09-12 [OPEN] ACTION-284: Stephen Farrell to suggest fine-tuning of terminology in section 4 - due 2007-09-12 [OPEN] ACTION-285: Yngve Pettersen to propose list of references on strong/weak algorithms; intent to *reference*, not *import* - due 2007-09-12 [OPEN] ACTION-287: Anil Saldhana to Turn 4.3.4 into "there's a bucket for weak policy OIDS, some of these are intentionally so" style language - due 2007-09-05 4. The Note(s) PROPOSED: To publish current state of wsc-usecases as a regular working draft as soon as possible, to discharge the process obligation of updates every 3 months. http://www.w3.org/2006/WSC/drafts/note/ PROPOSED: To publish the threat trees as a "work in progress" Note, with the title "Web User Interaction: Threat Trees", and the shortname wsc-threats. http://www.w3.org/2006/WSC/drafts/threats There will be no floor time to discuss the short name and title; mailing list discussion prior the call is very welcome. [OPEN] ACTION-274: Bill Doyle to experiment with lc-comments-tracker and report back - due 2007-08-15 [OPEN] ACTION-214: Bill Doyle to solicit commentary on Threat Trees from MITRE INFOSEC community - due 2007-08-20 Review outstanding issues for wsc-usecases. ISSUE-6, User Interface Issues for Constrained / Mobile Devices. ISSUE-77, reference threat trees; editorial. ISSUE-83, latest proposal is here: http://lists.w3.org/Archives/Public/public-wsc-wg/2007Aug/0218.html I suggest to leave substantive discussion of this issue to the mailing list. ISSUE-92 is ready for closure once the edit is in. ISSUE-100, acknowledgements, editorial. ISSUE-101, see the thread starting here: http://lists.w3.org/Archives/Public/public-wsc-wg/2007Aug/0202.html I see no updated proposal for the use case that was suggested, and no clear indication how it could be changed. I propose to continue discussion of this issue on the list. PROPOSED: To freeze wsc-usecases except for the questions currently tracked as open issues. 5. PII Editor Bar http://www.w3.org/2006/WSC/drafts/rec/Overview.html#piieditor Please review the mailing list discussion starting here: http://lists.w3.org/Archives/Public/public-wsc-wg/2007Aug/0127.html The goal of the discussion will be to begin to identify the core aspects of the PII Editor Bar, and separate them from implementation details. Is there a "select, don't enter" theme at the core, connected with a hook that helps steer users toward the site they really want to go to? What role does the petname aspect play? What's the burden to users, and to deployment, if any? What difference does it make whether or not we limit this to credential entry? 6. "Change of Security Level" http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#sec-change-level [OPEN] ACTION-286: Anil Saldhana to Change 4.5.4 into generic "if https typed, then expectation of strong security" text - due 2007-09-05 E-Mail feedback on this section to the list would be most welcome. 7. Next meeting 2007-09-12, MEZ to chair, Bill, George, Yngve likely scribe candidates. I'll propose to follow up further on the PII Editor bar, and start looking in some detail into the Safe Browsing Mode proposal. Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Monday, 3 September 2007 14:32:17 UTC