Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-05-21 from Thomas Roessler on 2008-05-20 (public-wsc-wg@w3.org from May 2008)

From: Thomas Roessler <tlr@w3.org>
Date: Tue, 20 May 2008 17:13:31 +0200
To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Cc: public-wsc-wg@w3.org
Message-ID: <20080520151331.GE292@iCoaster.does-not-exist.org>
Regrets, at a conference.
-- 
Thomas Roessler, W3C  <tlr@w3.org>






On 2008-05-20 09:34:37 -0400, Mary Ellen Zurko wrote:
> From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
> To: public-wsc-wg@w3.org
> Date: Tue, 20 May 2008 09:34:37 -0400
> Subject: Agenda: WSC WG distributed meeting, Wednesday, 2008-05-21
> List-Id: <public-wsc-wg.w3.org>
> Archived-At:
> 	<http://www.w3.org/mid/OFF32B9524.D1853A2D-ON8525744B.004347F5-8525744F.004A9497
> 	@LocalDomain>
> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.6
> 
>         Web Security Context (WSC) Call Agenda
> 
> Calling information:
> Wednesday, 21 May 2008
> 11:00 am - 12:30 pm Eastern time
> http://www.w3.org/2006/WSC/Group/#meetings
> http://www.w3.org/Guide/1998/08/teleconference-calendar#D20080521
> 
> 
> Agenda
> 
> 1) Pick a scribe 
> http://www.w3.org/2006/WSC/Group/cheatsheet#Scribing
> http://www.w3.org/2006/WSC/scribes
> 
> 2) Approve minutes from meetings
> http://www.w3.org/2008/05/07-wsc-minutes.html
> 
> 3) Weekly completed action items
> (Usually checkpointed Friday am, US East Coast time) 
> [pending review] ACTION-415: Anil Saldhana to Add above text to 5.5.1 TLS 
> errors - due 2008-05-08
> [pending review] ACTION-417: Stephen Farrell to investigate completeness 
> of error handling wrt TLS extensions - due 2008-05-15
> [pending review] ACTION-422: Anil Saldhana to Incorporate Stephen's 
> suggested change/clarification - due 2008-05-16
> [pending review] ACTION-423: Anil Saldhana to incorporate 
> DangerWillRobinson - due 2008-05-16
> [pending review] ACTION-424: Anil Saldhana to Clean comments out of 
> wsc-xit - due 2008-05-23
> [pending review] ACTION-428: Anil Saldhana to Incorporate ISSUE-183 def to 
> spec - due 2008-05-29
> [pending review] ACTION-431: Mary Ellen Zurko to Draft plugin-related 
> elaboration text (section 4ish?) - due 2008-05-20
> [pending review] ACTION-432: Anil Saldhana to Incorporate the changed 
> industry standard to practices text - due 2008-05-20
> [pending review] ACTION-433: Anil Saldhana to Change 
> robustness-apis-obscure-security-ui to include For visual user agents, 
> browser chrome SHOULD always be present to signal security context 
> information. This requirement does not apply when UI is explicitly 
> dismissed by the user, e.g. by switching to full screen mode." - due 
> 2008-05-20
> [pending review] ACTION-438: Thomas Roessler to Draft alternate text 
> around requiring saved SSL state - due 2008-05-20
> [pending review] ACTION-444: Thomas Roessler to Take XHR-over-https 
> questions to webapi - due 2008-05-20
> [pending review] ACTION-471: Thomas Roessler to Replace text in 6.1.1 and 
> 6.3 as drafted above. - due 2008-05-21
> 
> 4) Open Action Items
> http://lists.w3.org/Archives/Public/public-wsc-wg/2008May/0071.html
> 
> 5) Action items closed due to inactivity 
> None.
> 
> 6) Agenda bashing
> 
> 7)  Usability Testing 
> Sketch out our UT plans
> What will we test for? How will get get participants? Timeline? 
> Responsibilities? 
> 
> 8) Next meeting - 28 May 2008
> 
> Topics for future meetings, carried over from the Oslo agenda: 
> 
> Test development
> Thomas to lead
> Test plans, sites to test against, test execution, etc. 
> Some amount of test planning is needed for CR entry.
> Doing the testing is needed for CR exit. 
> 
> Conforming Implementations
> Needed for CR exit. 
> We may cover this in test development. We'll need at least two conforming 
> implementations to test against. 
> What's in the pipeline, what can we expect in terms of MUSTs, SHOULDs, 
> etc. 
> Will we have gaps? 
> 
> What else beyond June?
> What, if anything, other than taking wsc-xit through LC to CR entry to CR 
> exit (to recommendation) would we like to do after June? What would we be 
> capable of doing? What should we, or someone like us, do? 
> Some ideas: 
> o Authoring best practices for (usably) secured sites. Some of the things 
> we've wanted to recommend haven't been obviously in the scope of enabling 
> security context information for user trust decisions. Should we ask for a 
> charter clarification/change or new WG to do this? 
> o Dealing with mixed content (there's some feeling that there might be 
> more to do here). 
> o Providing guidance or expertise to other standards efforts that touch on 
> usable security. Can we provide guidance on how to deal with user 
> expectations and implications when protocol security is 
> designed/standardized? To do? Not to do? 
>
Received on Wednesday, 21 May 2008 10:18:35 UTC