- From: <noah_mendelsohn@us.ibm.com>
- Date: Tue, 5 Jan 2010 12:58:16 -0500
- To: www-tag@w3.org, public-tag-announce@w3.org
I am pleased to announce the availability of approved minutes of the TAG F2F that was held from 8-10 December 2009 at the W3C Offices at MIT. Links to discussions of particular subjects are available from the agenda page [1]. The records of the three days are checked into separate files at [2-4], and are attached in text-only form below. Thank you. Noah [1] http://www.w3.org/2001/tag/2009/12/08-agenda [2] http://www.w3.org/2001/tag/2009/12/08-tagmem-minutes.html [3] http://www.w3.org/2001/tag/2009/12/09-minutes.html [4] http://www.w3.org/2001/tag/2009/12/10-tagmem-minutes.html -------------------------------------- Noah Mendelsohn IBM Corporation One Rogers Street Cambridge, MA 02142 1-617-693-4036 -------------------------------------- [1]W3C [1] http://www.w3.org/ Technical Architecture Group F2F Meeting, Cambridge, MA 08 Dec 2009 [2]Agenda [2] http://www.w3.org/2001/tag/2009/12/08-agenda See also: [3]IRC log [3] http://www.w3.org/2009/12/08-tagmem-irc Attendees Present Noah Mendelsohn, Tim Berners-Lee, Jonathan Rees, Ashok Malhotra, Larry Masinter, Henry Thompson, Dan Connolly, John Kemp Regrets TV Raman (partial regrets, present in afternoon via phone) Chair Noah Scribe John Kemp (morning), Tim Berners-Lee (afternoon) Contents * Topics 1. [4]Convene, review agenda 2. [5]Web Application Architecture: Security and Policy 3. [6]Review agenda, meeting goals 4. [7]Metadata Architecture: ISSUE-63: Metadata Architecture for the Web 5. [8]Web Application Architecture 6. [9]HTML 5 review: ISSUE-20 (errorHandling-20): What should specifications say about error handling? 7. [10]Admin: meeting planning 8. [11]ISSUE-50 (URNsAndRegistries-50) (status check) * [12]Summary of Action Items _________________________________________________________ <scribe> Scribe: JohnK <scribe> ScribeNick: johnk Convene, review agenda <noah> Thomas, we're missing a phone here, working on getting one. Should be a few mins. Sorry. trackbot-ng, start telcon <trackbot> Date: 08 December 2009 Web Application Architecture: Security and Policy NM: (connects us with TLR) TLR: there was a well-attended session at TPAC on Web Security ... strict transport security paypal proposal ... XSS discussion <DanC_> [13]strict transport security wiki topic [13] http://www.w3.org/Security/wiki/Strict_Transport_Security TLR: next steps for Origin header draft ... no formal minutes available, however ... have the impression that Origin draft is moving forward in IETF ... HTTP state WG is "under review" <DanC_> (I saw a draft charter re cookies, I think; where did I see that? ...) <tlr> ietf mailing list TLR: sense is that group should do two deliverables: - one documenting current state, another more normative <DanC_> [14]public-web-security archive [14] http://lists.w3.org/Archives/Public/public-web-security/ <noah> FWIW, I recommend that TAG members willing to deal with the traffic subscribe to the mailing list. I find it to be interesting/worthwhile. <masinter> News on http-state [15]http://www.ietf.org/mail-archive/web/apps-discuss/current/msg011 82.html [15] http://www.ietf.org/mail-archive/web/apps-discuss/current/msg01182.html <masinter> HTTP-STATE WG charter finished IETF review and IESG Evaluation, and waiting on a few edits & input responses TLR: fairly happy with state of affairs DC: has an area director stepped forward to shepherd the Origin draft? TLR: I believe so <DanC_> ( "Lisa" == Lisa Dusseault , as in [16]http://www.ietf.org/iesg/members.html ) [16] http://www.ietf.org/iesg/members.html LMM: haven't heard a positive direction on Origin yet some of the mics appear to be on mute <Zakim> DanC_, you wanted to ask which AD is shepherding the Origin draft <Zakim> noah, you wanted to ask for a bit of intro on the strict transport/paypal stuff <tlr> [17]http://lists.w3.org/Archives/Public/www-archive/2009Sep/att-0051 /draft-hodges-strict-transport-sec-05.plain.html [17] http://lists.w3.org/Archives/Public/www-archive/2009Sep/att-0051/draft-hodges-strict-transport-sec-05.plain.html NM: what is strict transport security about? TLR: let a site declare that it wants to use HTTPS even if it sees an HTTP link <DanC_> [18]http://www.w3.org/Security/wiki/Strict_Transport_Security -> [19]http://lists.w3.org/Archives/Public/www-archive/2009Sep/att-0051 /draft-hodges-strict-transport-sec-05.plain.html [18] http://www.w3.org/Security/wiki/Strict_Transport_Security [19] http://lists.w3.org/Archives/Public/www-archive/2009Sep/att-0051/draft-hodges-strict-transport-sec-05.plain.html <DanC_> "draft specification proposed by Jeff Hodges (=JeffH, Paypal.com), Adam Barth (UC Berkeley), Collin Jackson (CMU-SV). " 2.2 Strict Transport Security Policy Summary The characteristics of the Strict Transport Security policy, as applied to some given web site, known as a STS Server, is summarized as follows: 1. Insecure ("http") connections to a STS Server are redirected by the STS Server to be secure connections ("https"). 2. The UA terminates, without user recourse, any secure transport connection attempts upon any and all errors, including those caused by a site wielding self-signed certificates. 3. UAs transform insecure URI references to a STS Server into secure URI references before dereferencing them. <masinter> Miller's note about "origin:" header being harmful [20]http://lists.w3.org/Archives/Public/public-web-security/2009Dec/ 0035.html [20] http://lists.w3.org/Archives/Public/public-web-security/2009Dec/0035.html TLR: limits DNS corruption and MITM attack LMM: what are future plans for organizing web security in some way? more microphone mayhem... TLR: TPAC tried to coerce volunteers to get involved in review ... usual problem: how do we recruit volunteers? LMM: is there some possibility for a "formal" security board - a way of being able to sign up more consistently? TLR: use the chairs of the security WGs, but we don't have critical mass ... create a TAG-like body, focused on security? HT: I had a conversation with Mark Miller at TPAC - he was heartened by the meeting ... disagreements are purely technical <Zakim> ht, you wanted to mention personal feedback from Mark Miller TLR: skillful chairing has contributed to the positive movements <tlr> +1 to the value of face-to-face meetings, in these points, btw LMM: keep this as a topic to review periodically ... too early to decide on a formal structure, but would encourage some thought about a process for improving security review NM: anything specific for us to follow up on? <DanC_> I'm gonna close this in a minute unless anybody objects: <DanC_> ACTION-323? <trackbot> ACTION-323 -- Dan Connolly to as Thomas for a report form the security BOF -- due 2009-12-08 -- PENDINGREVIEW <trackbot> [21]http://www.w3.org/2001/tag/group/track/actions/323 [21] http://www.w3.org/2001/tag/group/track/actions/323 NM: any specific specifications? <DanC_> (I'm glad Noah is persuing getting actions if we're to keep this on our agenda. LMM seems to be pursuing a process point, which is not the TAG's mandate, so I'm OK if nothing comes of it.) <masinter> origin header -- is it in, is it out, is it dead, is it shipping? <DanC_> (tlr, do you want to be here when we talk about confused deputy?) <masinter> IRI spoofing -- who has the responsibility for insuring that user agents don't depend on showing the user a IRI and expecting them to distinguish <DanC_> (where's the list tlr is reading? I don't see websockets on [22]http://www.w3.org/Security/wiki/Main_Page ) [22] http://www.w3.org/Security/wiki/Main_Page TLR: XHR, CORS, HTML5, WebSockets... encourages LMM to add his short list <tlr> I said "I think websockets should go on there, too" <jar> johnk: Add Uniform Messaging to the list JK: asks about Uniform Messaging Policy proposal <tlr> XHR has a last call that closes in a week. TLR: XHR documents current usage and is in LC <tlr> [23]http://www.w3.org/TR/2009/WD-XMLHttpRequest-20091119/ [23] http://www.w3.org/TR/2009/WD-XMLHttpRequest-20091119/ <tlr> LC for XHR ends on 15 December JK: XHR and UMP both have XHR-like APIs, and seem to be related <jar> tlr: XHR assumes SOP <DanC_> DanC: the XHR whose LC is 15 Dec is async with one that takes on UM, right? [tlr said right] JK: and UMP allows cross-origin with opt-out from SOP ACTION johnk to review XHR and UMP together and provide comments to TAG as relevant <trackbot> Sorry, couldn't find user - johnk <DanC_> trackbot, status? ACTION John to review XHR and UMP together and provide comments to TAG as relevant <trackbot> Created ACTION-340 - Review XHR and UMP together and provide comments to TAG as relevant [on John Kemp - due 2009-12-15]. <DanC_> [24]http://www.w3.org/Security/wiki/HTML5 has an answer to NM's Q [24] http://www.w3.org/Security/wiki/HTML5 <tlr> (and that's just the *trivial* list of likely relevant sections) NM: any TAG members willing to look at this security wiki and take any other actions regarding the items listed there? TLR: HTML5 security policies are worthy of review! ... we don't know what we don't know ... possibility of a workshop around these items NM: rough guess about when that might happen? TLR: probably a few months out <DanC_> . ACTION: noah to let the TAG know about any upcoming HTML 5 security workshop <tlr> ACTION: noah to follow up with Thomas about security review activities for HTML5 [recorded in [25]http://www.w3.org/2009/12/08-tagmem-minutes.html#action01] [25] http://www.w3.org/2009/12/08-tagmem-minutes.html#action01 <trackbot> Created ACTION-341 - Follow up with Thomas about security review activities for HTML5 [on Noah Mendelsohn - due 2009-12-15]. <masinter> [26]http://www.w3.org/Security/wiki/Talk:HTML5 [26] http://www.w3.org/Security/wiki/Talk:HTML5 DC: do "sandboxed iframes" work as well as they could or are there possible improvements? (seems like no-one knows the specifics well-enough) TBL: permeability of iframe boundary has been in flux during our work on tabulator... <masinter> at least 100 messages on sandboxed iframes in [27]http://lists.w3.org/Archives/Public/public-web-security/2009Dec/ thread.html [27] http://lists.w3.org/Archives/Public/public-web-security/2009Dec/thread.html TBL: is this in research phase, or fairly solid in browsers? TLR: (thinks still research phase) LMM: lots of messages on sandboxed iframes this week, so situation is still evolving NM: (reviews the agenda item) <DanC_> close action-321 <trackbot> ACTION-321 lightly edit TAG input to DAP WG per 8 Oct and tell Noah closed <DanC_> close action-318 <trackbot> ACTION-318 Send note to Device APIs and Policy (DAP) Working Group on behalf of the TAG closed DC: can I close actions? <DanC_> close action-323 <trackbot> ACTION-323 As Thomas for a report form the security BOF closed LMM: I would be happy if there were an interest group for tracking these issues <tlr> (encouragement heard, but not going to happen this year. ;-) LMM: part of web arch is security, and it probably requires more attention than the TAG is able to give it NM: TAG still has a role, and I'm not sure if a W3C mechanism to track all of these things outside W3C is useful ... what problem does IG solve? DC: possibility of a workshop is a good start <jar> I just added uniform messaging to the security wiki FYI ACTION Noah January 15th ask the TAG again about more formally tracking security issues in HTML5 <trackbot> Created ACTION-342 - January 15th ask the TAG again about more formally tracking security issues in HTML5 [on Noah Mendelsohn - due 2009-12-15]. AM: read the UMP draft, which speaks about 2 actors <tlr> jar, CORS and UM are closely enough linked that I'd prefer to keep them together AM: does UMP extend to multiple actors? <DanC_> (I'd like to see an explanation of how UM generalizes to multiple parties) JAR: yes <DanC_> action-340: to include an explanation of how UM generalizes to multiple parties <trackbot> ACTION-340 Review XHR and UMP together and provide comments to TAG as relevant notes added LMM: in last IETF, long discussion about non-ASCII chars in IRIs and related security issues ... possibility of constructing IRIs that the user cannot really tell whether they represent what the user is actually trying to do ... this is not a security mechanism, but there is a security issue there <DanC_> [28]http://www.w3.org/Security/wiki/Trusted_User_Interface#IDN_Spoof ing [28] http://www.w3.org/Security/wiki/Trusted_User_Interface#IDN_Spoofing NM: is the current group of the group working around the web security wiki looking at issues such as the one Larry describes? TLR: not specifically, no <DanC_> (I too think Singer wrote that bit) NM: next steps? ... should someone from TAG work with the community around this wiki to frame the issues? LMM: would like to make normative references from various specs. to something relevant for web security ... a wiki is not enough DC: we have IRIEverywhere issue - can we track the relevant security portion under that? NM: HTML5 tells user agents what to do; should perhaps be giving advice about, for example, IRIs that might confuse the user dangerously thanks Thomas <ht> Everyone says "Thank you Thomas" DC: there's an opportunity to engage the people involved in this wiki... but not sure how/whether we will declare victory <noah> TLR, thank you >so< much for taking the time to join us. It was very, very useful! JAR: mentions pet names: that one should never trust the names given to you by anyone else ... you get to designate your own name, rather than blindly accepting the name given you by a server DC: I visit 10000 web pages a day, can't give them all pet names JAR: solution is proposed, but isn't yet usable perhaps? NM: when about to click on a link, I should know what I'm clicking on <DanC_> (tracker, note we're discussing ISSUE-27 IRIEverywhere-27 ) NM: if a page contains 50 links (to images for example), should I get to choose whether I want to access all 50 of them? ... associate my own pet name with a given URI? TBL: what's the process? JAR: the point is that it makes it possible for the user to discriminate NM: the user can be confused, but only the first time - when they make the pet name association TBL: system should protect you from confusing your pet names JAR: overall constraint is exactly that - to make it more difficult to confuse the user with names DC: can you (JAR) post to www-tag about pet names? LMM: how about IRI list instead? <tlr> note that petnames were discussed and even speced *extensively* in the WSC WG. Implementers wouldn't have any of that. <DanC_> ACTION: jonathan discuss petname application to IRI spoofing in public-iri and www-tag [recorded in [29]http://www.w3.org/2009/12/08-tagmem-minutes.html#action02] [29] http://www.w3.org/2009/12/08-tagmem-minutes.html#action02 <trackbot> Created ACTION-343 - Discuss petname application to IRI spoofing in public-iri and www-tag [on Jonathan Rees - due 2009-12-15]. HTML5, WebSockets, XHR, CORS <DanC_> action-343? <trackbot> ACTION-343 -- Larry Masinter to discuss petname application to IRI spoofing in public-iri and www-tag -- due 2009-12-15 -- OPEN <trackbot> [30]http://www.w3.org/2001/tag/group/track/actions/343 [30] http://www.w3.org/2001/tag/group/track/actions/343 NM: WebSockets is moving fast... LMM: wanted to noted the IETF meeting on HyBi <tlr> [31]http://dev.w3.org/html5/websockets/ [31] http://dev.w3.org/html5/websockets/ LMM: two groups - one documenting current practice on long-polling et al with HTTP <tlr> [32]http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol [32] http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol LMM: and another discussing WebSockets ... result, I believe, was that WG forming would focus on WebSockets NM: how about CORS? <DanC_> ACTION-331 ? <trackbot> ACTION-331 -- Dan Connolly to consider ways to track the 'confused deputy problem' issue in webapps/cors -- due 2009-11-24 -- PENDINGREVIEW <trackbot> [33]http://www.w3.org/2001/tag/group/track/actions/331 [33] http://www.w3.org/2001/tag/group/track/actions/331 <DanC_> [34]http://www.w3.org/2008/webapps/track/issues/108 [34] http://www.w3.org/2008/webapps/track/issues/108 DC: TPAC goal achieved ... Mark Miller took the ball, resulting in the UMP proposal: [35]http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/at t-0931/draft.html [35] http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/att-0931/draft.html <DanC_> DanC: what's critically different between UniformRequest and XMLHTTPRequest is that no cookies go out; it's not clear to me why that's more secure <noah> NM: Note that uniform messaging looks at the Javascript level just like XHR, except that you "new" a different object to start. <DanC_> ... if you want to do something different, you have to put your credential/permission elsewhere JK: there are two parts to the spec: <DanC_> HT: yes, you put it in your code <DanC_> DanC: but who is "you"? the server? the client? the attacker? i) that an HTTP response header can be sent saying that the server opts-out of SOP <DanC_> JAR: the code is the attacker... <DanC_> ... if he doesn't have permission, he can't do anything dangerous. ii) the UA uses a new XHR that doesn't send cookies meaning any "credentials" are i) not site-specific ii) not sent implicitly <Zakim> DanC_, you wanted to talk about credential/permission DC: some concerns about the terminology regarding 'permission' sent as editorial comments <DanC_> on permission and such [36]http://lists.w3.org/Archives/Public/www-archive/2009Dec/0021.htm l [36] http://lists.w3.org/Archives/Public/www-archive/2009Dec/0021.html JAR: proof of permission? <DanC_> "proof of permission" would be good; maybe I'll suggest that in email to the editors <Zakim> noah, you wanted to ask about community reaction to uniform messaging draft DC: it's good that CORS has an issue open on confused deputy so the WG has to choose UM or not before going to LC ... how, for example, does this impact sandboxed iframes, for example? ACTION Jonathan to alert TAG chair when CORS and/or UMP goes to LC <trackbot> Created ACTION-344 - Alert TAG chair when CORS and/or UMP goes to LC [on Jonathan Rees - due 2009-12-15]. <DanC_> close action-321 <trackbot> ACTION-321 lightly edit TAG input to DAP WG per 8 Oct and tell Noah closed <DanC_> action-331? <trackbot> ACTION-331 -- Dan Connolly to consider ways to track the 'confused deputy problem' issue in webapps/cors -- due 2009-11-24 -- PENDINGREVIEW <trackbot> [37]http://www.w3.org/2001/tag/group/track/actions/331 [37] http://www.w3.org/2001/tag/group/track/actions/331 <DanC_> close action-331 <trackbot> ACTION-331 Consider ways to track the 'confused deputy problem' issue in webapps/cors closed Review agenda, meeting goals NM: we discussed 3 big items (linked in agenda) before the summer ... later moved to closely study HTML5 ... is there something bigger than the sum of the parts (ie. action items) similar to webarch that we want to do beyond review of detailed actions? AM: as we begin talking about web apps, metadata it might become obvious if we want to write something more "overarching" LMM: we had talked about creating products of long-term value? NM: such as the "architecture of web applications" ... agenda is in service of a set of goals ... agenda does reflect those goals Metadata Architecture: ISSUE-63: Metadata Architecture for the Web ACTION-282 ACTION-282? <trackbot> ACTION-282 -- Jonathan Rees to draft a finding on metadata architecture. -- due 2009-12-02 -- PENDINGREVIEW <trackbot> [38]http://www.w3.org/2001/tag/group/track/actions/282 [38] http://www.w3.org/2001/tag/group/track/actions/282 JAR:Our job is to encourage a connected, open Web, and a "global" approach to metadata seems important for that. Is there a related way to understand some of the "puzzles" - RDFa vs. Microdata, XRD/LRDD/Link, related HTTP semantics; using URIs to "refer" rather than to "locate"; link rel="canonical", multimedia "bookmarking" and the nature of "authoritative"? [Jonathan's draft at [39]http://www.w3.org/2001/tag/2009/12/metameta.html is what we're reviewing] [39] http://www.w3.org/2001/tag/2009/12/metameta.html TBL: I thought we were doing an overall model of the whole "shebang" - not just philosophical layer. This includes APIs, no? JAR: that seems like an opportunity we have <DanC_> (I'm not sure I agree with TBL that the AWWSW model is "not philosophical". I'm not sure there any falsifiable claims in it. Maybe around "immutable resources", but I don't see that as a pressing issue.) AM: we should start from metadata use-cases ... these are the situations in which you might want some metadata ... then we can say "in situation N, here's what you ought to do..." JAR: yes, use-cases are very important JK: what if someone doesn't acquire metadata in the way you suggest even in a given use-case? TBL: You can tell them what they would be losing by doing it differently LMM: in my earlier work, I was taking a narrower perspective on "what is metadata" than I think we have generally taken. For example, perhaps related to the difference between metadata about information resources vs. metadata about non-information resources? TBL: Metadata is data about documents. If it's about an information resource, then it's metadata. If it is about something else, it isn't. LMM: That's the conventional meaning, I think <ht> [40]http://www.e-learningguru.com/articles/metacrap.htm [40] http://www.e-learningguru.com/articles/metacrap.htm JAR: that is part of the work we need to do to bound this project. Metadata can come from many different places - a protocol might only get that metadata from one place - "first-party provided" metadata NM: you're stopping short of discussing the impact of provenance? JAR:No. NM:There is a big difference between we know a claim about something, or whether we know the thing itself. There is a difference of trust. Is the statement "noah says the wall is brown", or "the wall is brown"? AM: yes <ht> [the metacrap reference is old: Version 1.3: 26 August 2001 -- here's the original [41]http://www.well.com/~doctorow/metacrap.htm ] [41] http://www.well.com/~doctorow/metacrap.htm TBL: Almost anyone who deals with any data on the web technology deals with and is aware of provenence. It is a large area, but we don't have to get into it deeply now. JAR: Most of my draft is a list of questions. Those questions could stimulate actions items - there is a lot of work here. Does metadata have any special role on the web? TBL: Metadata is data about documents, and as docuements have a special role in web architecture, so metdata has a special role to a certain extent. LMM: In the narrow definition, metadata is data about "information resources" NM: if someone makes a statement about a document, it is clearly metadata. If someone makes a statement such as "I was born on November 3rd" what do we call that statement? LMM: There are some special properties of documents that make them more interesting in this regard. DC: Can you be more specific? HT: There's a fundamental difference between representations whose referents are available digitally and those which are not. Therefore reasoning about them is different DC: Larry, can you be more specific about the properties of a document that make it more interesting this way? TBL: AWWW spends a lot of time trying to describe this so it's very important - deal with the Web, you deal with docs. <masinter> the library and digital library community have a long history of establishing "metadata" for items that might appear in a world of managed information, and that this tradition is instructive, helpful, and with available techniques for management, refinement. The general "knowledge management" problem is hard, but the "metadata management" problems are tractable NM: take a set of measurements and record them ... if I then also record that I took these measurements on a particular date, then that is metadata about the measurements ... if you limit only to digital representations, it seems to me you lose the historical meaning of metadata <DanC_> ("I don't want to get hung up on terminology" <-- famous last words. terminology _is_ the problem. Agreeing on terminology is solving the problem.) LMM: metadata was about "what was in the card catalogue" <noah> let's do terminology after we cover use cases. <DanC_> no, let's not LMM: common way to describe that the book in library a was the same book as in library b <DanC_> let's try out terminology as we discuss use cases, and keep careful eye on which terms comfortably fit and which ones don't. LMM: Dublin Core was a way of cataloging metadata about documents / IRs ... value is to leverage that work NM: you don't buy my 'measurements' example? ... not scoped only to library usage AM: I think we should ask different questions <masinter> there are things that are on the boundary ... you can treat them as "information resources" or not AM: what could *we* write that would be useful here? <DanC_> ([42]http://en.wikipedia.org/wiki/Metadata is disappointing in that it doesn't have a history section like most good encyclopedia articles) [42] http://en.wikipedia.org/wiki/Metadata <Zakim> ht, you wanted to say "yes" to NM wrt measurements Dublin Core: I think you should split the screen HT: yes, Noah, your example is within "metadata" scope ... I think Dublin Core is useful for any set of digital data right... JAR: back to document... ... not a lot of standardization ... poor incentives for creating explicit metadata ... difficult to deploy - why? ... difficult to validate ... it doesn't feel that all of these things are adequately connected - it doesn't feel like a "Web" <DanC_> (the mismatch betwen CiteULike and Amazon ... I wonder how many man-hours a day that costs the world. Sounds a lot like what LMM was talking about for library metadata in the 1st place... "how do you know it's the same book?") HT: host-meta is data about a set of resources LMM: there's a question about metadata when related to statements made about a person TBL: lots of people are not doing metadata when they are making statements of identity of people. The issue of different people assigning different names to the same person is quite general. Let's not expand the scope of "Metadata" to the semantic web in general. There is a general problem of co-reference... different people assigning different names to the same thing ... let's not try to tackle that under the rubric Metadata as though it were special to people or people were special to metadata. TBL: people, music, place names, countries (and other administrative areas) all have data about them and coreference issues ... we shouldn't focus only on authors JAR: is RDF "nose-following" a metadata use-case? LMM: metadata has a data model, a vocab, a serialization, and method of association (linking/embedding) <DanC_> [43]Framing an Architecture for Metadata on the Web [43] http://lists.w3.org/Archives/Public/www-tag/2009Jul/0153.html <DanC_> LMM was talking about that ^ <timbl> RDF nose-following is a technical solution for many of these problems, coupled with the stitched-together quilt of grass-roots ontologies. <Noah_phone> From Wikipedia: JAR: what are interesting cases that deal with metadata? <Noah_phone> Metadata (meta data, or sometimesmetainformation) is "data about data", of any sort in any media. Metadata is text, voice, or image that describes what the audience wants or needs to see or experience. The audience could be a person, group, or software program. LMM: if we have a framework for metadata, we can use this to explore the specific cases and see how/if it applies <Noah_phone> The above is Wikipedia def of metadata. Consonant with my assumptions. JAR: that suggests a matrix between your framework items (LMM - see earlier list) and the uses documented in my draft ... (describes examples listed in linked document) <masinter> note [44]http://tools.ietf.org/html/draft-reschke-rfc2731bis-05 [44] http://tools.ietf.org/html/draft-reschke-rfc2731bis-05 JAR: is anything different since RDF/Dublin Core? ... (references Metadata Activity statement) <masinter> [45]http://dublincore.org/documents/2008/08/04/dc-html/ [45] http://dublincore.org/documents/2008/08/04/dc-html/ metadata activity statement: [46]http://www.w3.org/Metadata/Activity [46] http://www.w3.org/Metadata/Activity NM: ADJOURN FOR LUNCH <jar> [47]http://gov2.net.au/files/2009/12/Draft-Government-2-0-Report-rel ease.pdf [47] http://gov2.net.au/files/2009/12/Draft-Government-2-0-Report-release.pdf <timbl> jar, [48]http://gov2.net.au/about/draftreport/#rec6 [48] http://gov2.net.au/about/draftreport/#rec6 <DanC_> that's wierd. <timbl> -------------------------- <timbl> scribenick: timbl <DanC_> just a sec while I sync the agenda Noah: We have to Web App Arch slots, one now and one for the same time tomorrow. Raman: I can't make tomorrow morning PST ... I can make 15:00-17:00 EST Noah: Philippe Le Hégaret has offered to join us. <noah> [49]http://www.w3.org/2001/tag/tag-weekly#Application [49] http://www.w3.org/2001/tag/tag-weekly#Application Web Application Architecture <noah> [50]http://www.w3.org/2001/tag/doc/content-to-apps.html [50] http://www.w3.org/2001/tag/doc/content-to-apps.html <noah> [51]http://www.w3.org/2001/tag/2009/09/webAppsTOC-20090921 That is the thing which Ashok et al did, This is what JAR did [51] http://www.w3.org/2001/tag/2009/09/webAppsTOC-20090921 Noah: We have two documents to frame this discussion: 1. Jonathan as revised the [52]Table of Contents for Web Application Architecture that was gathered at the June and Sept. TAG F2F Meetings. 2. Ashok, with help from Raman and Larry, has prepared [53]From Web Content to Applications [52] http://www.w3.org/2001/tag/2009/09/webAppsTOC-20090921 [53] http://www.w3.org/2001/tag/doc/content-to-apps.html Ashok: Most of this talks about how the web started as a web of documents, and is now turning into a web of apps. ... That is useful stuff, but we wanted to extract the issues engendered by this fundamental shift. ... None of us looked at Web IDL -- we didn't have the knowledge ... One question is, how to capture state. This is complicated. ... There is HTML5 work split out into Storing Client-Side State, as there are two specs, one SQL-based, and the other keyword/value based. ... You send in data from the user, and the app by its nature has lots of data. It has to be protected: it has to have policies about its access. ... The third on which Larry put up is that the Web is now more complex. ... It has different sorts of user agent, different URI schemes, and so on. What does this imply? ... So those were are main pints, plus the UMP stuff -- how does UMP extends to multiple agents? (UMP = Uniform Messaging) [seee required reqding] ... The trouble is, you are going to make a request of an app, and the app is in fact behind many appliances. The appliances can communicate. WHat do we do about this data being secure, protected? <noah> [54]http://www.w3.org/2001/tag/2009/09/webAppsTOC-20090921 [54] http://www.w3.org/2001/tag/2009/09/webAppsTOC-20090921 Masinter: My intent, I thought, was to elaborate some of these points into paragraphs. Masinter: Other bits still need to be done. <Zakim> DanC_, you wanted to answer tbl: yes, the state of the art is (a) "installed stuff", including extensions and MacOS widgets and phone apps (b) remote code, e.g. scripts in web Tim: Some times will the application be downloaded by the user and installed and trusted, making the security situation surely much simpler? Like with an installed desktop app or a iPhone app DanC: There are two design centers. The installed code, and the web site script case. But they are starting to overlap in some cases. <Zakim> noah, you wanted to talk about device APIs permissions TimBL: Like running Mac mail and a web version of it which try to be the same interface. Noah: If I am a smart user, then I expect there are bounds to what I have trusted it to do, and those bounds are being stretched, like with geolocation. The stickiness of the policy is where this happnes. Does the permission stick? <DanC_> (speaking of letting my browser run javascript, after reading crockford's writings, I installed noscript immediately. It's fairly painful, but the alternative is to turn my computer over to anybody on the internet who wants to use it for whatever purpose they see fit and blame it on me.) Noah: A huge barrier to getting people to move apps to the web, it asks anew whether it can have your location, which is frustrating. Maybe a longer term storage of the preferences would help. TimBL: I am surprised if these things are not remembered by web site Ashok: Where would that be stored? On the client or server? Noah: Not relevant DanC: In fact a Firefox extension can change that from local to remote John: A common trust model is this origin-based thing -- a (widget) package which is verified as coming from an origin via a signature. ... Another common trust model is like iGoogle -- Google gadgets are assembled onto a home page for you, and Google has 'vetted' the code: Google is the thing which you trust <Zakim> johnk, you wanted to note that code for an application might come from multiple un-trusting (of each other) elements <Zakim> ht, you wanted to ask TBL about gmail John: There is a third possibility we hadn't even counted about, where the client is making the mashup and assembling things from multiple sources which may not trust each oither. A more dynamic situation. This involves cross-site scripting. Henry: Normal users do not really understand the distinction. TimBL: They know whether they have installed an iphone app Noah: GMail on the gPhone is really a web abb which behaves like an app. <noah> zaki, close the queue Ashok: It looks as though there are just two cases, downloaded [installed] app and web app. There could be a third situation. Henry: No, the consumer would not distinguish. <masinter> (a) The "WebApps" working group is working on something like Adobe AIR -- something that uses web technology for building traditional applications, where the fact that it's using web technology is pretty much irrelevant to the end user experience. <masinter> (b) I want to see if we can separate the conversation between mechanisms for providing security, vs. the different kind of user models. of course they don't match, and getting them to match -- is that in scope for this ? JAR: The problem of getting the user to connect them is them user programming system. <DanC_> ack <Zakim> DanC_, you wanted to ask if anybody knows the state of the art in maybe cultural anthropology about how many brand names we can trust: mom, dad, my school, my town, my country, DanC: What is the state of the art in what we can trust? HT: People trust a lot. LM: There are people working on web apps more like adobe air, which is like installing an application because it gets the same privileges. <ht> LMM mentioned Adobe Air, Microsoft silverlight is another <ht> ... distributed app deployment platform Noah: There is a widget spec which allows you to make an installable thing. Masinter: Note that Web Application can be used for either animal. <noah> I propose the following working terminology for use in the TAG: Masinter: We have mechanisms for providing security -- and user perception -- and we know they don't match. But that we knew. <noah> Web Application -> A zero-install application accessed by doing HTTP GET of the main page (which in turn tends to use Javascript) Masinter: To tackle it, we would have to understand the [inherent] user models of security. I am not sure we are ready to deal with them. <noah> W3C Widget -> An installable application built of Web technologies per [55]http://www.w3.org/TR/2009/CR-widgets-20091201/ [55] http://www.w3.org/TR/2009/CR-widgets-20091201/ <masinter> lmm: are we ready to take on the "user model" <DanC_> I prefer "zero-install" and "installed". <masinter> -1 don't like Noah's "Web Application" definition Noah: I propose we use "Web Application" to mean a zero-install application. <ht> So I hear three categories: functionality running in the browser on the [AJAX] platform or, maybe, on browser plugins, e.g. Flash; functionality runninng on other metal-installed distributed deployment platformsl, e.g. Silverlight; and Widgets, which are installed but run on the [AJAX] platform <masinter> the line between these two things are blurry, and it's not clear that making categories is useful <ht> DC: Running is not the same as getting: when you run, you allow all kinds of privileges, e.g. to write all over your disk <masinter> why is it useful to make these categories when they are aspects of technology decisions with many variables which don't correspond to these categories, and users have trouble distinguishing too Noah: We have 45 minutes . We have no future work in the web apps area. ... . We can let this go and go back to the table of contents. <DanC_> (fwiw, we do have actions in the webapps area/product, though they're mostly about security [56]http://www.w3.org/2001/tag/group/track/products/7 ) [56] http://www.w3.org/2001/tag/group/track/products/7 <Zakim> ht, you wanted to underline _three_ categories <DanC_> (I stipulate that we _need_ to manage storage; I still don't _want_ to 1/2 ;-) TimBL: Users need to be able to see which applications are taking up the space on their phone, and a good UI would let a user manage that and decide which apps to let go in order to install another when the device is full Henry: Look at Silverlight aps -- they don't fall well into Noah's two categories. E.g OpenStreetMap: 3.46G [x] Uses location [ ] use contacts [remove] <DanC_> ("open standard" is orthogonal to most of the technical issues we've been talking about, no?) <johnk> plugins i) get access to platform APIs below the browser ii) get to "violate" the SOP <Zakim> masinter, you wanted to argue against premature categories as per above <raman> it's very hard to participate in this discussion via the phone <Zakim> noah, you wanted to note that installable iPhone apps are, in may respects, sandboxed (( [...something missed here...]ways of disrupting discussions like this:(on webapp) 1) Widening -- "ah, but what about apps in general?" 2) Splitting hairs "If authorship of the data is webapp, is the author's address? or is that data about a person and so not metadata?" 3) Considering time-variance: "But isn't it not just a question of the webapp now, but how the webapp has changed over time"? 4) Let's see what happens when we look "webapp" up in the dictionary. 5) .. i wikipedia... 6) Do we really have an agreement on a definition of "webapp"? )) Raman: If you have the (Google) 'native client' plugin installed, you can run them locally as apps <DanC_> (yeah... native-client goes one way, and phonegap goes the other) Noah: I think the web app case I was talking about is fairly well isolated. ... Limited access to other clients, etc Raman: The browser sandbox is getting richer .. so the sandboxing is getting more powerful, so the line is blurring. <Zakim> johnk, you wanted to note that there is probably no useful distinction to be made between widget and "web app" Raman: Like web and internet being pervasive.. The net is one more part of the computer. John: I don't think there is a useful distinction between "widget" and "webapp". One possible distinction would be if you have separate decisions to make as to whether you will download it and whether you will run it. ... I am not sure it is a useful distinction. <Zakim> ht, you wanted to emphasise DC's point which I scribed above Henry: Categories are valuable ... Desktop apps can do anything <Zakim> DanC_, you wanted to try to get "native-client goes one way, and phonegap" in a TOC or TODO list or something Noah: iPhone apps can only run in theor own memory, not communicate one to the other. DanC: Phonegap allows you to write HTML and JS and deploy it as an application. ... NativeClient allows you to download machine object code. These are existing technologies <DanC_> These are existing, concrete technologies that we could use to explain concepts to people. <DanC_> (IE's trust categories are, in a distant way, similar to noscript's trusted site lists and petnames.) TimBL: Maybe making up distinctions as a design point, then defining the properties of them (like IE did with levels of trusted sites in the past say) so that you can then prove what sorts of functionality you can get from applications in each category. Not observing a distinction but inventing one. <Zakim> noah, you wanted to note that W3C Widgets share things like device access APIs with Javascript apps running in the browser Noah: I am convinced by the point that proprietaryness is not an *architectural* concern. ... However, there things we W3C are responsible for as we are not responsible for silverlight or Flash. these are the AJAX technologies. ... We additionally have the widget work. With W3C Widget packaging. ... I am told phonegap may converge with widgets. ... I think the policy model will be shared by those two models. ... For example the geolocation API can be used from either type of application. ... I think that the policy issues are interesting in both cases. Raman: Also it is our responability to make sure all bits of tech work on the web whether or not they come from W3C. Ashok: If you use a webapp, the danger is that you will give it data. It might sell that data. Noah: Same for iPhone apps. Ashok: You will need different types of protection mechanisms, different types of policies. ... I was talking at lunch to Lalana Kagal, who is a policy person. <DanC_> [57]http://people.csail.mit.edu/lkagal/ [57] http://people.csail.mit.edu/lkagal/ Ashok: She felt that the note we sent out about policy [@@link] wasn't strong enough. <DanC_> action-318? <trackbot> ACTION-318 -- Noah Mendelsohn to send note to Device APIs and Policy (DAP) Working Group on behalf of the TAG -- due 2009-11-20 -- CLOSED <trackbot> [58]http://www.w3.org/2001/tag/group/track/actions/318 [58] http://www.w3.org/2001/tag/group/track/actions/318 Ashok: She would like something stronger,. with an outline of architecture and outline of protection mechanisms. ... It just said "You have to have a policy" Nothing in what kind, where enforced, etc .. the next layer of the architecture. <Zakim> DanC_, you wanted to prompt for "what are we trying to promote/prevent?" and to note "phonegap converge with w3c widget work" as perhaps something we're trying to promote DanC: What are we trying to promote? to prevent? Maybe we should promote the convergence of phonegap and w3c widget work. <DanC_> problem making ajax crawlable [59]http://lists.w3.org/Archives/Public/www-tag/2009Dec/0030.html [59] http://lists.w3.org/Archives/Public/www-tag/2009Dec/0030.html <noah> I would be willing to take an action to investigate Phonegap/W3C Widget convergence plans <johnk> I think your distinction is interesting, Larry (re: which sandbox is used) and definitely, the issues you raise re protection et al are correct DanC: Also I wrote an email about his idea about making AJAX space crawlable: a mapping from a URI with an AJAX hash in it to a URI without an AJAX hash in it. There is a question then as to whether the original URI should be the one without the hash or the one with. There is a really broken idea of having a standard mapping from any URI with a hash to some equivalent/related URI without. The people who define such mappings don't have the right to say things about everyone else's URI space. <DanC_> (the point I'm trying to make is about squatting; i.e. who gets to choose which names) Masinter: Mainly the same except a widget as a security domain which is the local machine. ... We might be advantaged by not making the distinction at all. <Zakim> noah, you wanted to say that the bit Dan talked about with server/client URI aliasing is exactly the sort of thing I'd like to see us explore, perhaps in an Arch of Web Apps. <DanC_> . ACTION noah to investigate Phonegap/W3C Widget convergence plans ACTION Noah to investigate possible convergence of phonegap and w3C widgets, by January 30 <trackbot> Created ACTION-345 - Investigate possible convergence of phonegap and w3C widgets, by January 30 [on Noah Mendelsohn - due 2009-12-15]. <DanC_> action-345 due 30 jan <trackbot> ACTION-345 Investigate possible convergence of phonegap and w3C widgets, by January 30 due date now 30 jan <DanC_> action-345? <trackbot> ACTION-345 -- Noah Mendelsohn to investigate possible convergence of phonegap and w3C widgets, by January 30 -- due 2009-01-30 -- OPEN <trackbot> [60]http://www.w3.org/2001/tag/group/track/actions/345 [60] http://www.w3.org/2001/tag/group/track/actions/345 <noah> b <DanC_> action-345? <trackbot> ACTION-345 -- Noah Mendelsohn to investigate possible convergence of phonegap and w3C widgets -- due 2010-01-30 -- OPEN <trackbot> [61]http://www.w3.org/2001/tag/group/track/actions/345 [61] http://www.w3.org/2001/tag/group/track/actions/345 <DanC_> action-345? <trackbot> ACTION-345 -- Noah Mendelsohn to investigate possible convergence of phonegap and w3C widgets -- due 2010-01-30 -- OPEN <trackbot> [62]http://www.w3.org/2001/tag/group/track/actions/345 [62] http://www.w3.org/2001/tag/group/track/actions/345 Noah: About this trickery between client-side and server-side URIs .. the Google maps URIs are neat -- the server generates a map with URIs, but the javascript knows how tro generate permalinks to panned versions of the map which will work when you use them on the server ... This is a really useful idiom. We should promote it. ... In fact, if the code was really trusted, then the URI bar would change in real time as one pans anyway. TimBL: A Firefox extension is trusted like that, so Tabulator can do that with URIs <Zakim> DanC_, you wanted to ask about addressbar updating Henry: A taxonomy or enumeration of who you are trusting when you perform which gestures would be interesting. ... When you are doing a GET then you are trusting the browser implementation to not do anything as a result of that get. But when you install something, you are trusting the source of the code you install. DanC: Browsing isn't safe. When you do a GET, in fact you can load a script which can do a POST. Which is broken. [ADJOURNED to XX:15] ______________________ HTML 5 review: ISSUE-20 (errorHandling-20): What should specifications say about error handling? We start without John for the moment. John arrives Noah: This item is a combination of error handling and content override <DanC_> action-308? <trackbot> ACTION-308 -- John Kemp to propose updates to Authoritative Metadata and Self-Describing Web to acknowledge the reality of sniffing -- due 2009-12-25 -- OPEN <trackbot> [63]http://www.w3.org/2001/tag/group/track/actions/308 [63] http://www.w3.org/2001/tag/group/track/actions/308 <DanC_> action-309? <trackbot> ACTION-309 -- Henry S. Thompson to henry to bring back proposed TAG pushback on sniffing and HTTP bis draft [64]http://trac.tools.ietf.org/wg/httpbis/trac/export/663/draft-ietf -httpbis/latest/p3-payload.html, or his recommendation that we leave it alone -- due 2009-11-26 -- PENDINGREVIEW [64] http://trac.tools.ietf.org/wg/httpbis/trac/export/663/draft-ietf-httpbis/latest/p3-payload.html <trackbot> [65]http://www.w3.org/2001/tag/group/track/actions/309 [65] http://www.w3.org/2001/tag/group/track/actions/309 action-309? <trackbot> ACTION-309 -- Henry S. Thompson to henry to bring back proposed TAG pushback on sniffing and HTTP bis draft [66]http://trac.tools.ietf.org/wg/httpbis/trac/export/663/draft-ietf -httpbis/latest/p3-payload.html, or his recommendation that we leave it alone -- due 2009-11-26 -- PENDINGREVIEW [66] http://trac.tools.ietf.org/wg/httpbis/trac/export/663/draft-ietf-httpbis/latest/p3-payload.html <trackbot> [67]http://www.w3.org/2001/tag/group/track/actions/309 [67] http://www.w3.org/2001/tag/group/track/actions/309 Henry: I attempetd in this email ([68]http://lists.w3.org/Archives/Public/www-tag/2009Dec/0006.html) to get everyone up to speed. Section 3.2.1 of HTTP-bis is where we left our valiant hero. ... This has all stablized, and this is *all* the draft currently say about sniffing, and nothing else. [68] http://lists.w3.org/Archives/Public/www-tag/2009Dec/0006.html TimBL; When the spec says "[the receiver] MAY assume that it is application/octet-stream" then that does of course say much. It is a stream of bytes. Henry: It is crucial that they say that you should not override the given media type. Masinter: In the abarth draft, the introductory text is all about incorrectly labelled resources masinter: Does it say you should override the content-type Henry: It is careful about privilege escalation but that is *all* it is careful with ... We don't want to say "Authoritative metadata or death" <DanC_> +1 phrase it in terms of "risks of misrepresentation" Noah: Any agent which interprets data in a way inconsistent with the content-type risks drawing incorrect conclusions. Masinter: I am reluctant to ask the HTTPbis group to say more than they think is in scope. ... We might recommend changes to the mime-sniffing document. <DanC_> +1 getting the HTTPbis spec to cite the MIME sniffing draft Masinter: As that is where the main analysis. JAR: No "no security escalation" idea is one thing to keep. Can we isolate other principles? DanC: Like "If a lot of people do it then it must be right' :-/ Henry: They did go against IE6 JAR: Error correction case, whether the given content type does not make the document valid <ht> We've gone mute [misssed HT] Noah: Say what you want about existing servers -- but in many cases the user agent cannot distinguish betwen an error case and in fact a correct deployment. JAR gave a counterexample, if the bits are not legal for the advertized type, then you have more reason to try error recovery. Masinter: I think apple mail clients sniff too. JAR: Should we change the MIME registries? <noah> [69]http://www.noahdemo.com/rte/Metadata/broken_text.xml [69] http://www.noahdemo.com/rte/Metadata/broken_text.xml Serves as text/plain, first bytes look like XML, but in fact is not well formed. Renders fine in Firefox, breaks in IE6 <jar> No, that's not what I asked. What I asked was, does anyone know if barth et al. considered updating lots of mime type registrations, INSTEAD of writing a sniffing RFC? <noah> Updating mime type regs to say what? <jar> To say whatever the Barth "sniffing rfc" draft says. Henry: I wonder whether they are just rewriting things which could not be text plain documents. If the first bit is a unicode Byte Order Mark, then you treat it as text/plain, and if none of the first N bytes are binary then you must stick with text/plain. If the first bytes of the resource match a magic number the see the table. You can promote text/plain to application/postscript TimBL: You can do denial of service with PS, no? Masinter: Apple promise PS <Zakim> timbl, you wanted to object to trapping HTML as "scriptable" early on when it is not necessarily. Henry: you can promote to zip or image TimBL: I'm constantly frustrated by the way my machine and its software deals with scriptable things. It keeps warning me about HTML files downloaded from the Internet or in email. Given that a lot of HTML doesn't have script in it, this idea that "HTML is scriptable" worries me. the machine goes to so much trouble to keep track of where things came from; can't it use a non-scripting viewer? Why does it assume that the document is dangerous rather than the viewing app? Jonathan: but isn't the point to get interoperability between apps that are going to do this [?] anyway? <noah> FWIW, I'd like to gradually evolve this discussion to next steps. <Zakim> DanC_, you wanted to note content security policy and to project the web apps product to show what actions we have DanC: The idea of a non-scripting viewer is interesting. ... The content-providers have this problem as people contribute HTML which should not have scripts in, and no one notices. <DanC_> [70]http://lists.w3.org/Archives/Public/www-tag/2009Dec/0063.html [70] http://lists.w3.org/Archives/Public/www-tag/2009Dec/0063.html <DanC_> [71]http://www.w3.org/Security/wiki/Content_Security_Policy [71] http://www.w3.org/Security/wiki/Content_Security_Policy DanC: There is a proposal to add a feature to "please ignore all scripts in this.. it is our stuff but we are not sure about it". <DanC_> [72]http://people.mozilla.org/~bsterne/content-security-policy/ [72] http://people.mozilla.org/~bsterne/content-security-policy/ <johnk> [73]https://wiki.mozilla.org/Security/CSP/Spec [73] https://wiki.mozilla.org/Security/CSP/Spec <DanC_> [74]http://www.w3.org/2001/tag/group/track/agenda [74] http://www.w3.org/2001/tag/group/track/agenda <Zakim> ht, you wanted to clarify my attitude to mime-sniff Henry: Parenthetically, my own university allows me to publish by submitting an HTML body which wraps it by a wrapper I have no control over. <DanC_> ... e.g. scripts Henry: About the "Lowest Common Denominator" problem of tarring all HTML with the same brush. I don't think the current situation is the one we want to be in, but the current draft is the best for the given situation. This Barth-Hixie draft rules out the worst of the bad behavior, and documents the existing behaviour, so they should be encouraged, but so should the HTTP-bis folks, to comment on thhe best bits of the draft. scribe: We need to both warn of the risks and identify the necessity. John: Why in HTTP? Henry: Because it is the HTTP spec which specifies the content-type DanC, no the HTTP bis spec is not a big PR option -- but it is a reference to which people will fall back in their arguents. Henry: I will still be arguing for "SHOULD"s in there John: What about modularity of specifications Henry: They changed the spec to licence sniffing but did not say that if you do that you get burned. <Zakim> johnk, you wanted to rephrase my concern Noah: Tim brought up the idea of a non-scripting viewer... but just showing the data with no script running is not always what we want. Maybe there should be a warning? <DanC_> action-309? <trackbot> ACTION-309 -- Henry S. Thompson to henry draft input to HTTP bis draft re sniffing based on 8 Dec discussion -- due 2009-12-09 -- PENDINGREVIEW <trackbot> [75]http://www.w3.org/2001/tag/group/track/actions/309 [75] http://www.w3.org/2001/tag/group/track/actions/309 <DanC_> action-309? <trackbot> ACTION-309 -- Henry S. Thompson to draft input to HTTP bis draft re sniffing based on 8 Dec discussion -- due 2009-12-09 -- OPEN <trackbot> [76]http://www.w3.org/2001/tag/group/track/actions/309 [76] http://www.w3.org/2001/tag/group/track/actions/309 Admin: Upcoming Teleconferences ... <DanC_> NM: tag election ongoing... <DanC_> HT: ends 9 Jan <DanC_> NM: 4 candidates for 2 slots <DanC_> NM: reminder: TAG meeting 17th-19th March 2010, MIT, Cambridge, MA, USA <DanC_> NM: inclined to not schedule next ftf until election done, OK? <DanC_> [agreement by silence] <DanC_> discussion of timing of upcoming TAG ftf w.r.t. AC meeting... <DanC_> someone suggests 24-26 Mar, Wed-Fri of the week of the AC meeting <DanC_> better for 2 people, worse for 1 <DanC_> ACTION: Dan to collect March 2010 W3C Team day info [recorded in [77]http://www.w3.org/2009/12/08-tagmem-minutes.html#action03] [77] http://www.w3.org/2009/12/08-tagmem-minutes.html#action03 <trackbot> Created ACTION-346 - Collect March 2010 W3C Team day info [on Dan Connolly - due 2009-12-15]. <ht> [78]http://www.rfc-editor.org/rfc/rfc2046.txt [78] http://www.rfc-editor.org/rfc/rfc2046.txt ISSUE-50 (URNsAndRegistries-50) (status check) <trackbot> ISSUE-50 -- URIs, URNs, "location independent" naming systems and associated registries for naming on the Web -- OPEN <trackbot> [79]http://www.w3.org/2001/tag/group/track/issues/50 [79] http://www.w3.org/2001/tag/group/track/issues/50 <DanC_> ACTION-121 due 1 Mar 2010 <trackbot> ACTION-121 HT to draft TAG input to review of draft ARK RFC due date now 1 Mar 2010 <DanC_> action-33 due 1 Mar 2010 <trackbot> ACTION-33 revise naming challenges story in response to Dec 2008 F2F discussion due date now 1 Mar 2010 <DanC_> ADJOURN (for today) Summary of Action Items [NEW] ACTION: Dan to collect March 2010 W3C Team day info [recorded in [80]http://www.w3.org/2009/12/08-tagmem-minutes.html#action03] [NEW] ACTION: jonathan discuss petname application to IRI spoofing in public-iri and www-tag [recorded in [81]http://www.w3.org/2009/12/08-tagmem-minutes.html#action02] [NEW] ACTION: noah to follow up with Thomas about security review activities for HTML5 [recorded in [82]http://www.w3.org/2009/12/08-tagmem-minutes.html#action01] [80] http://www.w3.org/2009/12/08-tagmem-minutes.html#action03 [81] http://www.w3.org/2009/12/08-tagmem-minutes.html#action02 [82] http://www.w3.org/2009/12/08-tagmem-minutes.html#action01 [End of minutes] _________________________________________________________ Minutes formatted by David Booth's [83]scribe.perl version 1.135 ([84]CVS log) $Date: 2010/01/05 17:42:21 $ [83] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [84] http://dev.w3.org/cvsweb/2002/scribe/ [1]W3C [1] http://www.w3.org/ TAG f2f 09 Dec 2009 [2]Agenda [2] http://www.w3.org/2001/tag/2009/12/08-agenda.html See also: [3]IRC log [3] http://www.w3.org/2009/12/09-tagmem-irc Attendees Present Tim Berners-Lee, Dan Connolly, John Kemp, Ashok Malhotra (in part), Larry Masinter, Noah Mendelsohn, Jonathan Rees, Henry S. Thompson Regrets Chair Noah Mendelsohn Scribes Henry S. Thompson, Jonathan Rees, Noah Mendelsohn Contents * [4]Topics 1. [5]Metadata Architecture (HTTP Semantics): ISSUE-57 (HttpRedirections-57): The use of HTTP Redirection 2. [6]HTML 5 review: References to versioned specs (#15 in our HTML 5 review topics) etc. 3. [7]ISSUE-50 and persistent domains 4. [8]ISSUE-53 (genericResources-53): Generic resources 5. [9]Web Application Architecture (ACTION-306 etc) * [10]Summary of Action Items _________________________________________________________ [Agenda planning. . .] NM: Let's try issue HttpRedirections-57 Metadata Architecture (HTTP Semantics): ISSUE-57 (HttpRedirections-57): The use of HTTP Redirection [11]http://www.w3.org/2001/tag/2009/12/08-agenda.html#HttpRedire [11] http://www.w3.org/2001/tag/2009/12/08-agenda.html#HttpRedire JR: [12]http://lists.w3.org/Archives/Public/www-tag/2009Jun/0057.html ... Going through the history---first two points are the origin of this ... 1) 303s aren't supposed to be cached -- bug in 2616 -- fixed in HTTPbis [12] http://lists.w3.org/Archives/Public/www-tag/2009Jun/0057.html DC: Let's endorse that fix LM: Not sure about that -- not prepared to endorse -- abstain NM: This becomes relevant because we encouraged people to use 303 JR: Any reason not cache 303 responses? LM: No NM: draft RESOLUTION: TAG endorses the proposed change to HTTPbis to allow caching of 303 responses DC: Specific proposal is where? <jar> [13]http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-08#se ction-8.3.4 [13] http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-08#section-8.3.4 <DanC_> is this OK? "A 303 response SHOULD NOT be cached unless it is indicated as <DanC_> cacheable by Cache-Control or Expires header fields." JR: This is different from 307. . . DC: I think the HTTP spec. is usually neutral wrt caching JR: OK, we need to explore this further -- the difference from 307 is worrying <noahm> I heard DC say HTTP was neutral in the absence of cache-control or expires header <DanC_> ACTION: jonathan to research 303 caching change in HTTPbis [recorded in [14]http://www.w3.org/2009/12/09-tagmem-minutes.html#action01] [14] http://www.w3.org/2009/12/09-tagmem-minutes.html#action01 <trackbot> Created ACTION-347 - Research 303 caching change in HTTPbis [on Jonathan Rees - due 2009-12-16]. JR: Sub-issue 2) There's a need for a non-3xx response, in order that the original URI stays in the status bar ... Unlike 302, 303 or 307, where the target goes in the address bar <DanC_> (researching the bug...) JR: This is described as a security concern <DanC_> (many/most purl users want the purl bookmarked, not the redirected addressed) TBL: But we really don't want that for e.g. 307, because it's only a temporary redirect, so people shouldn't e.g. bookmark it LM: The single result display in the address bar is insufficient for what we want to tell the user ... Doing UI design is inappropriate for us. . . JR: I agree, that's why I want to lose this part of the issue LM: The principle we can endorse is that the URI you see should be a URI you can use to get you what you see ... Going further to say it should be a long-term, bookmarkable, etc. URI is a bit fuzzier NM: WebArch says use one URI for a resource ... even when they're not going away, it can be a problem, for example when example.com redirects to example-1.com or example-2.com for load balancing JR: What should I do <jar> For all practical purposes it's impossible to get a purl.org URI into your bookmarks list DC: Let's find out why Mozilla decline to address the PURL folks' request to fix this, so that you could bookmark PURLs TBL: Flight of fancy on 303x, 303y, 303z. . . <DanC_> "304622 min -- All nobody RESO INVA Adding a live bookmark via feedview uses the location of the feed rather than the location given in the referring page's link element; redirects, PURLs don't work " <DanC_> maybe this is the bug [15]https://bugzilla.mozilla.org/show_bug.cgi?id=304622 [15] https://bugzilla.mozilla.org/show_bug.cgi?id=304622 <noahm> proposed ACTION: Jonathan to research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect <noahm> ACTION: Jonathan to research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect [recorded in [16]http://www.w3.org/2009/12/09-tagmem-minutes.html#action02] [16] http://www.w3.org/2009/12/09-tagmem-minutes.html#action02 <trackbot> Created ACTION-348 - Research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect [on Jonathan Rees - due 2009-12-16]. <jar> or to not switch JR: 3) Rhys Lewis was working on a finding wrt httpRange-14, but that work stopped when the SWEO note Cool URIs for the SemWeb was published ... I think that work should be picked up and made into a finding ... which would replace/elaborate the email message which currently stands as the resolution of httpRange-14 ... That was the context for ISSUE-57 at its inception ... Additional points that have been added, are my points 4--6 ... Latest news: AWWSW task force has reported: [17]http://www.w3.org/2001/tag/awwsw/http-semantics-report-20091204. html ... A number of forms for this work, of which I'm the main editor ... helped along by our discussion at the last f2f ... A lot of text to introduce one key definition: ... for the phrase "corresponds to", which comes from the definition of the 200 response code, in 2616 and HTTPbis [17] http://www.w3.org/2001/tag/awwsw/http-semantics-report-20091204.html LM: I wouldn't take this too seriously -- we didn't when we wrote it JR: We agree entirely. It's the practice which matters to actually pin this down LM: I note that this story works/should work pretty much for ftp: as well JR: Wrt WebArch, 'representation' corresponds to 'entity' or 'content entity' ... and 'represents' corresponds to 'corresponds to' <DanC_> LMM: the HTML spec uses 'resource' for what HTTP calls entity. I filed a bug; we'll see... LM: Note that the correspondence is at a particular instant JR: Yes, at a particular time LM: And in a particular context JR: It's hard to pare things down to the point where we could focus ... So there's now a bunch of stuff which has been moved off the table ... Section HTTP Exchanges summarizes what we all know about GET requests DC: hmm... in pt 5, "preferably"? the server decides which resource the name refers to... JAR: but an intermediary might get confused DC: ah... "preferably" makes more sense for intermediaries TBL: 304? 307? JR: Yes, step 6 pbly should be clarified wrt responses other than 200 ... [works through the RDF formalization] TBL: Why did you avoid 'representation' JR: Because people objected to giving a URI to something called 'representation' a URI TBL: All I was concerned is to distinguish the original resource, identified by its URI, and the 'resource' which is some representation of that resource, which also may have a URI, but is not the same JR: Right ... correspondence is a 4-place rel'n between resource, a content entity, a start time and an end time HST: Context is richer than just time LM: Accept headers TBL: But there's still something core JR: I try to work breadth first HST: I didn't mean Accept Headers, but rather deixis, e.g. [18]http://localhost/ [18] http://localhost/ DC: or [19]http://my.yahoo.com/ [19] http://my.yahoo.com/ JR: On to section "What this semantics is careful not to say" <masinter> [20]http://tools.ietf.org/html/draft-masinter-dated-uri-05 [20] http://tools.ietf.org/html/draft-masinter-dated-uri-05 <masinter> vs [21]http://tools.ietf.org/html/draft-masinter-dated-uri-06 [21] http://tools.ietf.org/html/draft-masinter-dated-uri-06 LM: Server response is a speech act JR: Precisely -- let's look at some more recent slides ... How do you prove correctness of an HTTP proxy, cache, API or theory <DanC_> [22]Potatoes don't say anything [22] http://lists.w3.org/Archives/Public/www-archive/2009Dec/att-0024/z.html <DanC_> bug in "Content negotiation" slide: speaks_for should be corresponds_to slide21 should have corresponds_to instead of speaks_for in conneg slide (21?) <jar> TOPLAS 1993 ? <DanC_> (I think of it as BAN logic) JR: Now make use of Abadi, Burrows, Lampson and Plotkin logic (ABLP) ... originally for crypto ... and access control <DanC_> (a larch formalization [23]http://www.w3.org/Architecture/iiir-larch/BAN.lsl based on a 1989 SRC Research Report ) [23] http://www.w3.org/Architecture/iiir-larch/BAN.lsl LM: What's good about this is precisely that it qualifies everything with the principal who/which/that says it JR: Crucial observation -- HTTP defines corresponds_to as follows: "example.com controls {[24]http://example.com/foo corresponds_to E}" [24] http://example.com/foo JR: The domain of "says" is principals, Non-principals don't say anything ... Not all resources are principals NM: Break for 15 minutes <jar> There are two versions of ABLP, the DEC SRC TR from 1991, and the TOPLAS paper from 93 or 94 <jar> not to be confused with the earlier BAN paper from 1990, which overlaps in content NM: Resumed JR: [Gets to slide 12, reconstruction of httpRange-14] NM: So this is stronger than the original conclusion? JR: Yes ... The original 'resolution' simply constrained the range of the corresponds_to relation ... but it didn't actually address the original problem NM: Elaborating the "image conneg example": URI identifies a photo. Conneg used to retrieve either jpeg or gif. They agree up to a point in conveying the photo, but not completely, does the theory allow/explain that? JR: This theory as it stands isn't articulated enough to determine the relationship between corresponds_to and speaks_for NM: Good progress here, wrt httpRange-14 ... Note that we're OK, mostly, when we ask for, say, the Declaration of Independence, and what we get back has some advertising in a sidebar ... and I think this can address that LM: I think this is very good stuff. I hope we can use it to clarify what is meant by Origin LM: The whole CORS, confused deputy, etc. debate is hampered by a lack of clear definition of precisely this kind of thing: what is an origin, a deputy, etc. LM: Linking SemWeb and Security would be a great thing, possibly a win for both sides NM: Great idea -- specific action? DC: I'd like to write this up in a different editorial style <timbl> Have we finished JAR's slide set? JR: Sure <timbl> ah JR: Connects with CAPdesk, DARPA-funded DARPAbrowser <noahm> The chair would very much like for Dan to propose an action for himself. <DanC_> . ACTION Dan write up speaks_for applied to httpRedirections and httpRange using motivating examples <noahm> Thank you! <DanC_> ACTION Dan write up speaks_for applied to httpRedirections and httpRange using motivating examples <trackbot> Created ACTION-349 - Write up speaks_for applied to httpRedirections and httpRange using motivating examples [on Dan Connolly - due 2009-12-16]. <johnk> Pointing out Miller et al's Horton paper: [25]http://www.erights.org/elib/capability/horton/ [25] http://www.erights.org/elib/capability/horton/ <johnk> re: "delegating responsibility in digital systems" <jar> JAR is babbling about Mark Miller's previous work: DARPAbrowser and CAPdesk (w.r.t our discussion of 307 and what's in the browser URI bar, etc. ) TBL: Slides done, can we try to find a replacement for 'speaks_for' ... We have a URI, we get a 200 ... Using 'speaks_for' as the relationship which relates content to the resource ... but if R is a person, the content can't 'speak_for' a person <DanC_> contexts in which the term gets used "a secure channel from Bob speaks for bob" TBL: that is, an entity speaking for the agent <masinter> you get a 200 from a server, where the server speaks for the person JR: In the old days we sent letters, and my letter did 'speak_for' me ... No resource speaks for me, it doesn't say that <DanC_> (it's clear to me that offline witing is going to be more efficient than group discussion, but if Tim has a clear example, I'm interested to capture it.) <DanC_> i identifies Pat Hayes <DanC_> 2. 200 from resource identified by i Slide 9 appears to back Tim <DanC_> conjecture: 200 response speaks for Pat HST: Stipulate that we have a URI for Pat Hayes ... Then your slides appear to say that if I get a ContentEntity from GETting that URI ... that it a) corresponds_to Pat and therefore, per the 'Controversial Axiom', that it speaks_for Pat JAR: would give us a reason to ask Pat not to assert such things, because it breaks our theory JR: Ah -- the ContAx isn't licensed by any existing spec. ... I think it's useful to explain a lot of WebArch TBL: So if it is, we have a reductio wrt Pat saying what he says about that URI <DanC_> phpht JR: Oh, yes, and, the ContAx should include server says that E speaks for R ... not E speaks for R directly AM: Looking at R doesn't say any s, then E doesn't (mustn't) say any s JR: This is meant just to be a restatement of the positive direction AM: This says E's only role is to say what R says JR: Yes, that's the ContAx JAR: yes, advertising conflicts DC: I'm getting useful input, not guaranteed to end up in the same place LM: Please try to include Origin DC: Not sure how, but I'll at least try. HT: I think perhaps there are too many levels at which entities say things. It's clear to me that an XML document says some things, because of the semantics of XML. I.e. the infoset. TBL: I dispute that it says those things. DC: I understand both positions. JAR: Me too. HT: I'm being intentionally obtuse in part to get to talking about a 3rd party, which is the interpreter of the message. We often think of this as a human observing a screen, can also be listening to audio. HT: It's that which ultimately says things. JAR: Similar to the crypto case, in which the interpreters have to be part of the proof system. <masinter> A potato says "help i'm a potato" ? <DanC_> (the dispute between TBL and HT is issue ISSUE-28 fragmentInXML-28; odd that tracker considers it closed when it's plain that the TAG doesn't have consensus.) TBL: When it's RDF, what it says is what the triples it produces say <DanC_> (the resolution in tracker sides with Tim) HT: Isn't that analagous to my statement that what an XML document "says" is first order the Infoset, and then 2nd order the interpretation of those. TBL: No, I'm talking about the interpretation of the graph. HT: Ah. HT: What I [originally] scribed is wrong when I attributed to TBL "what it says is the triples it produces"; should have scribed "what it says is what the triples it produces say" NM: good progress here, great work JR ... DC is going to try to restate/elaborate <DanC_> action-201? <trackbot> ACTION-201 -- Jonathan Rees to report on status of AWWSW discussions -- due 2009-12-01 -- PENDINGREVIEW <trackbot> [26]http://www.w3.org/2001/tag/group/track/actions/201 [26] http://www.w3.org/2001/tag/group/track/actions/201 <DanC_> . action-201 due 15 Mar 2010 [procedural discussion] <DanC_> action-201 due 15 Mar 2010 <trackbot> ACTION-201 Report on status of AWWSW discussions due date now 15 Mar 2010 TBL: I'd like to see some interaction with the Tabulator work <DanC_> ACTION-116 due 31 Dec 2009 <trackbot> ACTION-116 Align the tabulator internal vocabulary with the vocabulary in the rules [27]http://esw.w3.org/topic/AwwswDboothsRules, getting changes to either as needed. due date now 31 Dec 2009 [27] http://esw.w3.org/topic/AwwswDboothsRules <noah> ACTION-201 Due 2 March 2010 <trackbot> ACTION-201 Report on status of AWWSW discussions due date now 2 March 2010 LM: Could we have used a Link Header in a 404 response? JR: Yes LM: But not a link in the body of 404 document itself? DC: No LM: But I like the idea of having links in the body, because you can have lots of them HTML 5 review: References to versioned specs (#15 in our HTML 5 review topics) etc. [28]http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html [28] http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html <noah> [29]http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html [29] http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html <noah> This is in relation to ACTION-303 AM: Doesn't this allow me to just support an earlier version? <Zakim> noah, you wanted to talk about problems with >requiring< future proofing HST: The 'earliest appropriate' sentence is meant to rule that out. ... Maybe that needs to be stronger NM: I have a long history of interest in this ... I like this as a goal for many circumstances ... But there are cases where it doesn't work ... The XML 1.1 experience is illustrative in this case ... So we shouldn't require this kind of future-proofing of references ... Specifically in terms of systems which are involved in communication <DanC_> +1 "should future-proof" is too strong. The simple case of citing a frozen spec is fine in many cases <Zakim> johnk, you wanted to wonder whether it is confusing to combine conformance and referencing behaviour in one statement <noah> Seeing where you're going, Henry, unless new editions >never< allow for new content, I think my concern stands. JK: Conformant implementations? Should that be separated from what is referenced? Trying to pack too much in? <noah> Or maybe I'm not guessing right as to what your concern/suggestion will be. JK: How references are written is different from what is a conformant implementation <Zakim> DanC_, you wanted to ask for a reminder of a specific case we're particularly interested in... it was somewhere in the HTML 5 references, yes? DC: There was a specific case wrt the HTML 5 <masinter> think IETF tradition is to make the 'future proofing' more part of general policy than being specific in each draft. A1 references B1. When B2 updates B1, implementations of A1 may or may not follow B2 HT: As it stands, there are only stubs in the HTML 5 references. DC:HT: No. HT: Last I looked. E.g. following link from content-sniffing you got something that just said content sniffing. <DanC_> [30]http://dev.w3.org/html5/spec/references.html#references [30] http://dev.w3.org/html5/spec/references.html#references <noah> We pause to read HTML 5 references section.... HT: Ah, it's better than it was. DC: So if we pushed on any of these, we would pbly find the editor would have a reason HT: E.g. the text in the references says "[CSS] Cascading Style Sheets Level 2 Revision 1, B. Bos, T. Celik, I. Hickson, H. Lie. W3C, April 2009.", but links the undated copy. HST: So what does it mean for an implementor? Specifically, implementors 5 years from now have to figure out what was meant. We're trying to fix that. <Zakim> TBL, you wanted to point out that anyone using this language assumes there is a contract with future working groups to maintain the operability of the referencing spec, when TBL: If you propose we use the present and the future -- why not earlier ones? ... As for the future, that depends on the sort of WG and the sort of spec. ... If the group doesn't commit to back compatibility, you can't rely on it <masinter> Is the distinction between "edition" and "version" important? TBL: You might try to negotiate a commitment from the WG that they won't change. . . ... Or you might just require people to check <masinter> Can distinction between "technical specification" and "applicability statement" be useful? "applicability statement" calls out specific dated versions, while general "technical specification" doesn't? Two documents, one of which updates. TBL: So it's not clear that we can go with what you propose LM: I like the difference between edition and version ... We used to differentiate between applicability statements and language specs. ... So you would only have to update the appl. statement <Zakim> ht, you wanted to reply to Noah wrt editions vs. versions LM: Alternatively, you could have policy outside the doc. altogether NM: You haven't addressed my concern, because it wasn't lack of back-compat that broke the XML 1.1 situation HT: The response to Noah and Tim is to say "yes, all those criticisms apply to unrestricted blank checks" (leaving aside for a sec refs to older versions), by relying on the W3C Policy for Edtions (stepping gently around XML 1.1/10 5th edition in particular), is precisely because it makes this plausible. NM: Do new editions allow new content? HT: Yes. NM: Then I still have a problem. See problems deploying XML 1.0 5th edition. A sometimes inappropriate (depending on the specs) expectation is created that implementations that haven't been updated will support new content sourced by those that have been. JR: Conformance to a spec. that has a variable in it is intrinsically vague <Zakim> jar, you wanted to consider classes of comforming implementations (conforming to various combinations of specs) JR: So there's a time-sensitivity wrt the answer to "does this conform?" <Zakim> noah, you wanted to mention that there can be issues with 3rd party specs. NM: TBL mentioned SOAP in passing [AM leaves] NM: SOAP wasn't sure about supporting XML 1.1 ... It depended on the Infoset, and we weren't sure that even if we went to XML 1.1, the Infoset would have been well-future-proofed enough for it all to hold together ... So in some ways, my willingness to future-proof my references depends on other specs also being well future-proofed <Zakim> johnk, you wanted to ask how can we apply henry'd text to the specific issue noted? HST: Yes, we have a real case of this with XML 1.0 5e and XML NS 3e JK: Addressing dated prose in conjunction with an undated URI is separate from future-proofing? LM: My assumption is that the dated ref. is normative <jar> If dated spec A normatively cites undated spec B, and artifact Z conforms to A - what does that mean? Maybe: (1) it conforms to A(B(t)) for some t, or (2) it conforms to A(B(t)) for all t, or (3) if conforms to A(B(t)) for t >= now DC: Hidden URIs are less significant <DanC_> (editorially I like including the full, dated URI in a citation, but I much prefer using the document title as the link text.) HST: Jonathan attempted to answer John. I agree as far as it goes but want to go further. You're right, I was trying to address two problems: 1) dated vs. undated refs conflict, and BTW some peoples' styles to make the URI explict... ... there are many variations on that 2) usually, all that people tend to say is by grouping into normative and non-normative. It's rare for the conformance section to clarify what is meant by making a reference normative. <noah> FWIW, Dan, though it's clunky, I tend to feel that making both live links, to the same URI, is the least bad approach. <jar> the normative reference speaks for the spec that refers to it <DanC_> (oh... and I don't like "available at"; I consider the semantics "identified by", and I leave it implicit) <DanC_> [31]http://lists.w3.org/Archives/Public/public-html-comments/2009Dec /0002.html [31] http://lists.w3.org/Archives/Public/public-html-comments/2009Dec/0002.html <noah> Queue is open only for next steps discussion DC: I asked the HTML 5 editor to add 'work in progress' to links to documents which identify themselves as work in progress ... The response was 'busywork' NM: I don't think this can go further unless my concerns and maybe TBL's are addressed <DanC_> (aha! found some work I did in this area: [32]http://lists.w3.org/Archives/Public/public-swbp-wg/2005Sep/0136 'formally defining W3C's namespace change policy options w.r.t. recent TAG versioning terminology' ) [32] http://lists.w3.org/Archives/Public/public-swbp-wg/2005Sep/0136 JR: I thought restricting to editions was good enough TBL: I had missed that HST meant to constrain to editions, that satisfies me <noah> What I have in mind is something along the lines of: <noah> The TAG believes that this is good practice in many cases, but not in all. We recognize that, particularly in cases where no assurance is given that future editions won't support use of new (I.e. previously invalid) content, the advice given here may be impractical. <DanC_> I think the short para HT proposed is "too clever by half"; it'll only be an effective communication if it recapitulates critical parts of the edition policy <DanC_> also, I want to make it clear that it's not the only "template" we endorse by providing more than one template; e.g. another one for really frozen, dated specs . ACTION: Henry to revise [33]http://lists.w3.org/Archives/Public/public-html-comments/2009Dec /0002.html based on feedback on www-tag/html-comments, and the feedback from TAG f2f 2009-12-09 discussion [33] http://lists.w3.org/Archives/Public/public-html-comments/2009Dec/0002.html <jar> whether in practice the "edition" process as specified and executed is sufficient to protect investment is something I'm not qualified to answer. it sounds as if it would be, as specified, if followed, but haven't checked... <DanC_> close action-303 <trackbot> ACTION-303 Draft text on writing references closed <DanC_> close action-304 <trackbot> ACTION-304 Write up issue around normative references to particular versions of specs closed <scribe> ACTION: Henry to revise [34]http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html based on feedback on www-tag and the feedback from TAG f2f 2009-12-09 discussion [recorded in [35]http://www.w3.org/2009/12/09-tagmem-minutes.html#action03] [34] http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html [35] http://www.w3.org/2009/12/09-tagmem-minutes.html#action03 <trackbot> Created ACTION-350 - Revise [36]http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html based on feedback on www-tag and the feedback from TAG f2f 2009-12-09 discussion [on Henry S. Thompson - due 2009-12-16]. [36] http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html <johnk> [37]http://www.erights.org/elib/capability/horton/ [37] http://www.erights.org/elib/capability/horton/ <DanC_> Miller et. al. NM: Adjourned for lunch. Note: the lines below, up to the announcement that the meeting is "resuming", are in response to informal requests that were made during breaks for information about certain recent Microsoft announcements. These were not discussed during the formal meeting sessions. <timbl> [38]http://pinpoint.microsoft.com/en-US/Dallas [38] http://pinpoint.microsoft.com/en-US/Dallas <noah> Tim, if you're interested in Microsoft's Dallas, it was introduced at their developer's conference a couple of weeks ago. You can go to the transcript of the keynote at [39]http://www.microsoft.com/presspass/exec/ozzie/2009/11-17pdc.mspx and look for the word "Dallas". The video of the keynote, with demos, is at [40]http://cdn-smooth.ms-studiosmedia.com/presspass/mpeg2/1001009_PD CD1_500k.mpg [39] http://www.microsoft.com/presspass/exec/ozzie/2009/11-17pdc.mspx [40] http://cdn-smooth.ms-studiosmedia.com/presspass/mpeg2/1001009_PDCD1_500k.mpg <noah> You can use the transcript to find the right place in the video. NM: Resuming. <masinter> I believe the TAG asked me to review widget: <masinter> I did so <masinter> the webapps working group replied <masinter> i answered their replies this morning <masinter> if the TAG would like to review the correspondence and chime in later, then we don't need to take up meeting time here. If you'd like, I can go over what I think the open issues are. Opinions? <masinter> [41]http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/ [41] http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/ <masinter> see "Comment on Widget IRI" messages (still working on the agenda) <noah> [42]http://www.w3.org/2001/tag/2009/12/08-agenda.html [42] http://www.w3.org/2001/tag/2009/12/08-agenda.html ISSUE-50 and persistent domains <timbl> [43]http://www.w3.org/DesignIssues/PersistentDomains [43] http://www.w3.org/DesignIssues/PersistentDomains close action-311 <trackbot> ACTION-311 Schedule discussion of a persistent domain name policy promotion closed timbl: Above link is old, but background ... Argument against using http: URIs as names, is that DNS doesn't socially support you. The domain name is rented, not owned. ... One proposal, if it's broken, fix it. ... DNS was controlled by IETF, ICANN, and it being up for rent was assumed a good idea ... now the dangers are becoming known. ... All the white house pages disappeared when the administration changed (e.g.) danc: (asks about how that example bears...) <masinter> points to [44]http://larry.masinter.net/9909-twist.pdf again [44] http://larry.masinter.net/9909-twist.pdf timbl: Many companies put up things that people would like to find later danc: There is a third-party business around finding things like that <DanC_> (I don't see how domains would help in either of the supposedly-motivating cases timbl just gave) timbl: Anyhow. One way to tackle is to make a new TLD that has different rules ... You might use it for archivable web pages , under a set of rules ... concerning transfer of rights to other entities so that pages can continue to stay live <masinter> points to [45]http://larry.masinter.net/duri.html and previous version [46]http://tools.ietf.org/html/draft-masinter-dated-uri-05 [45] http://larry.masinter.net/duri.html [46] http://tools.ietf.org/html/draft-masinter-dated-uri-05 timbl: there might be a pot of $ to pay for this ... Problem is to design a social system, maybe as a DNS play, or by setting up a consortium <masinter> points to whitehouse.gov timbl: Suggesting that to help make this happen, the TAG could write a finding advocating it ashok: These would be *unalterable* pages? timbl: To be determined ashok: Can you then sell something in this archive space? timbl: What transfers is responsibility - not any right to change jar: It's a contract with the public <Zakim> ht, you wanted to suggest a workshop ht: There are many design points. We could spend time talking about alternatives... ... I wonder is for the TAG to host a workshop before we write a finding, to scare up a representation of the interested parties ... a new TLD is a problem for existing URIs that are supposed to have persistent resolution ... but might be worth paying the cost ... Another way to go is to talk ICANN into a process around existing domains & persistence <DanC_> (ah.. that would be better... a way for any domain to get permanent status, sorta like 501(c)3 ) ht: Can we get theorists, library community, other constituencies together to talk ... How about a workshop? <DanC_> +1 workshop <masinter> points out talks from previous 1999 workshop on Internet Scale naming <noah> Wondering whether cost/logistics would work out for workshop proposal. If so, seems appealing, but not sure whether we can get <Zakim> DanC_, you wanted to note that it's not any more broken that it could/should be. New domains are not going to get companies to keep their product manuals online or stop the danc: Tim's examples didn't motivate a TLD for me... ... Giving more visible to best practices is a good idea though ... There's a running business that does endowed web publication ht: I haven't found any reference to DNS insurance danc: There are journals like PLoS that charge authors because they agree to host the content in perpetuity ... you pay once, it's there forever noah: (pokes fun at this) <ht> [47]http://www.arkhold.org/ [47] http://www.arkhold.org/ danc: The White House doesn't have the URI persistence ethic <masinter> points to "This American Life" story about a cyrogenics firm which promised perpetual freezing: [48]http://thisamericanlife.org/Radio_Episode.aspx?sched=1239 [48] http://thisamericanlife.org/Radio_Episode.aspx?sched=1239 masinter: Points to 1999 workshop "problems URIs don't solve" <masinter> points to [49]http://larry.masinter.net/9909-twist.pdf again [49] http://larry.masinter.net/9909-twist.pdf masinter: Organizations split. They merge. They go out of business. Sub-sites move. Countries disappear. ... In perpetuity has to be around content, not just names ... People will look to organizations like archive.org for long-term resolvable names <timbl> ./me quickly runs a script to change all the links in all his HTML to point to an internet archive version of the URL just in case masinter: Getting a guarantee is not the same thing as getting a credible guarantee <masinter> points to [50]http://larry.masinter.net/duri.html and previous version [50] http://larry.masinter.net/duri.html <masinter> [51]http://tools.ietf.org/html/draft-masinter-dated-uri-05 [51] http://tools.ietf.org/html/draft-masinter-dated-uri-05 lm: would like advice on how to progress with these two projects ... duri = dated URI, guarantees persistent reference, but resolution may be tricky <timbl> I wonder whether "that described by" is one word in Latin lm: still puzzled about this approach danc: Use cases? lm: tdb: has an optional date... actually two of them, when the resource was read, and when it was interpreted danc: I've never seen a situation where the complexity of duri: is required <Zakim> noah, you wanted to say that the TLD with persistent assignment seems very appealing, restricting the owner's ability to alter the pages doesn't. Seems best approached as an danc: The URI scheme space is high price real estate, so better to do as an RDF property for those who are happy to use RDF noah: Something was said about locking down the content, Tim hesitated timbl: source code repository with version control <masinter> 1999 workshop: [52]http://www.isr.uci.edu/events/twist/twist99/ [52] http://www.isr.uci.edu/events/twist/twist99/ noah: What about perpetual ownership of name - should be orthogonal to an obligation to preserve ... Preservation of content should be more granular ashok: Who will host all this stuff? Not a private company, which can go away. timbl: A consortium of libraries. ht: Replication is the only assurance of permanence ... This is a huge design space. <Zakim> johnk, you wanted to ask what is the incentive for someone to use duri and if not sufficient incentive, and not all using them, wouldn't we still have the problems described by johnk: This is a social problem. Not sure we can solve this. All of the institutions and agreements go away. ... Not sure this is web architecture timbl: We need to kick it from the technical into the social <Zakim> ht, you wanted to mention transparency <masinter> points to [53]http://www.lockss.org/lockss/Home [53] http://www.lockss.org/lockss/Home johnk: There's no technical solution here <DanC_> yes, lockss is great work in this space <noah> Heads up: before Dan goes, I want to remind everyone that we should switch to generic resources within 5+ mins ht: Footnote: The motivation for things like tdb: and wpn: was transparency, so that you can tell by looking at a URI that it named a non-information-resource (not sure i still believe that) ... One component is a board of trustees with the power to wind it all up (e.g. if there were no web, at some future time) <masinter> points to [54]http://larry.masinter.net/0603-archiving.pdf for long-term archiving also (and see references) [54] http://larry.masinter.net/0603-archiving.pdf ht: The digital curation people worry about: Where do the resources come from to carry resources forward (e.g. archaic disks) timbl: lots of ways for accessibility to fail <Zakim> DanC_, you wanted to push back: why should IBM get "ibm.com" in perpetuity without giving back to the commons/community a persistence promise (e.g. re content of homepage) and to ht: Aim for June? <noah> suggest phrasing, "perhaps in June" <DanC_> ACTION Henry to look into a workshop on persistence... perhaps the June 2010 timeframe <trackbot> Created ACTION-351 - Look into a workshop on persistence... perhaps the June 2010 timeframe [on Henry S. Thompson - due 2009-12-16]. <Zakim> masinter, you wanted to ask who gets "att.com" when AT&T is broken up into baby bells, lucent, etc. lm: recommends references in the long term archiving paper (see above) <DanC_> ... esp the references <noah> NM: To be clear, I think persistence of name assignment should be attacked (mostly) separately from encouraging providers of content to provide that content in perpetuity and/or to make it immutable. <DanC_> action-312? <trackbot> ACTION-312 -- Jonathan Rees to find a path thru the specs that I think contradicts Dan's reading of webarch -- due 2009-12-01 -- PENDINGREVIEW <trackbot> [55]http://www.w3.org/2001/tag/group/track/actions/312 [55] http://www.w3.org/2001/tag/group/track/actions/312 <DanC_> [56]http://lists.w3.org/Archives/Public/www-tag/2009Dec/0061.html [56] http://lists.w3.org/Archives/Public/www-tag/2009Dec/0061.html JAR:The email I sent on Monday was sort of "camouflaged" JAR: In a sense, some people are trying to say, 'I can prove I need URNs' JAR: I was trying to set that down more rigorously. JAR: I want to relate it to the formalism I've been building. <DanC_> close action-312 <trackbot> ACTION-312 Find a path thru the specs that I think contradicts Dan's reading of webarch closed <DanC_> action-121 due 15 Mar 2010 <trackbot> ACTION-121 HT to draft TAG input to review of draft ARK RFC due date now 15 Mar 2010 <DanC_> action-121 due 2 Mar 2010 <trackbot> ACTION-121 HT to draft TAG input to review of draft ARK RFC due date now 2 Mar 2010 <DanC_> action-33 due 20 Dec <trackbot> ACTION-33 revise naming challenges story in response to Dec 2008 F2F discussion due date now 20 Dec ISSUE-53 (genericResources-53): Generic resources <noah> [57]http://lists.w3.org/Archives/Public/www-tag/2009Nov/0069.html [57] http://lists.w3.org/Archives/Public/www-tag/2009Nov/0069.html masinter: I drafted replacement text ... "how to use conneg" explanation for HTTPbis <masinter> [58]http://lists.w3.org/Archives/Public/ietf-http-wg/2009JulSep/0763 .html [58] http://lists.w3.org/Archives/Public/ietf-http-wg/2009JulSep/0763.html danc: Don't see any text about how the representations relate to one another <noah> BTW, the "problems" with the tag-weekly.html version of the agenda seem to be due to slow response by W3C servers. The tag-weekly.html version now appears to match the dated version. <masinter> [59]http://lists.w3.org/Archives/Public/www-tag/2009Nov/0077.html [59] http://lists.w3.org/Archives/Public/www-tag/2009Nov/0077.html masinter: sentence about server's purposes needs to be added. re-open action danc: This is what the speaks_for slide in the presentation is about... if representations contradict, it's incoherent ... How about striking "for its purposes" lm: "for the purposes of this communication" <DanC_> +1 +1 noah: (making another point about attribution) ... determining, for the purposes of this communication, which representations... <noah> Note that the supplier of representations (or choices) has the responsibility of determining, for purposes of this communication, which representations might be considered to be the "same". <noah> I don't like "considered to be the same". <DanC_> how about: considered to give the same information noah: The spec already says entity corresponds to resource ... Two representations each have the responsibility to correspond to. ... so nothing else needs to be said. <masinter> change "might be considered 'the same'" to "might be considered to represent the same information' DanC: That's the bug we're trying to fix. <noah> Not convinced. noah: Saying "corresponds to" is enough <masinter> the proposed text in [60]http://lists.w3.org/Archives/Public/ietf-http-wg/2009JulSep/0763 .html uses "represent" [60] http://lists.w3.org/Archives/Public/ietf-http-wg/2009JulSep/0763.html johnk: You're saying two things. Do we want to make the second statement, that the conneg reps have to sufficiently resemble one another (or something similar)? <noah> There is already an obligation that each representation correspond. It will tend to be the case that multiple representations of a (an immutable) resource will tend to have interpretations that are in some ways similar, perhaps extremely similar, but the archicture should not rule out, e.g. a B&W gif and a color jpeg of very different resolution. lm: Different ways to represent "the same information" (quoting lm's email 763) ... I infelicitously said "same representations" when I should have said "represent the same information" noah: There are enough weasel words ... good that we're talking about representing the same information <noah> I.e. to make me happy lm: And the server has responsibility. <DanC_> action-231? <trackbot> ACTION-231 -- Larry Masinter to draft replacement for \"how to use conneg\" stuff in HTTP spec -- due 2009-11-18 -- OPEN <trackbot> [61]http://www.w3.org/2001/tag/group/track/actions/231 [61] http://www.w3.org/2001/tag/group/track/actions/231 <DanC_> action-231 due next week <trackbot> ACTION-231 Draft replacement for \"how to use conneg\" stuff in HTTP spec due date now next week (consensus around give or represent the same information) ? break. Web Application Architecture (ACTION-306 etc) noah: Let's see if we can get organized for a more comprehensive approach, or find a whole that's greater than the sum of the parts ... The TOC is broader in the topic coverage than it might be ... maybe look at the form of our products in this area ashok: From what we spoke about yesterday, it seemed there were many differences between various people think about web apps ... I thought: web app = you are working with several communicating components ... but maybe some people thought it was an app running on a server [with sessions] <Zakim> DanC_, you wanted to project the web app product next to the outline, and to suggest (a) invited presentations or other get-togethers and (b) looking at relevant wikipedia pages ashok: In the first case, authorization etc are big issues. In 2nd case, security issues go away danc: I was looking at PhoneGap and Native Client [see previous action] ... Inviting any of those folks to talk to us would be a good thing ... Let's look at wikipedia pages related to security, web apps, widgets, etc ... The idea is to inform the developer community; a lot of people end up at wikipedia ... Maybe contributing to wp might be a way to help ... (brainstorming) <Zakim> jar, you wanted to ask for / suggest criteria etc JAR: I agree with Ashok's comment about Web applications, and assumed we were talking about the distributed case. JAR: I assumed it involved The Common Man in the Street (TCMITS). JAR: Regarding the TOC, it was a brain dump, first developed by the group together, and then refined by me. What I'm missing are criteria. Some sort of structure or philosophy that would guide us. <noahm> NM muses: maybe the criteria include: 1) architectural issues you would not get right based on what's been set out for the Web of documents and 2) clarifying points of confusion Goal: show that it's, in the end, one consistent, scalable architecture integrating documents and apps. JAR: Consider, e.g., why a specific programming language wasn't chosen for the Web. It was deemed desirable to have competition there. Maybe there's a winner now (Javascript.) Anyway, what do we want to make the same, and what different? noah: We don't talk about how you use oracle, that's an implementation detail <DanC_> (I dunno how conscious it was that javascript happened when it happened... there was talk of active content back in 1990. tcl and such. not to mention display postscript.) <johnk> well, and you have XSLT with XML and CSS too I guess noah: Things like cross-origin security, how to use URIs right - those things are in scope ... What happens inside server is not in scope ... typed possible criteria into IRC (above) ... clarify confusion around e.g. AJAX, or say how to apply old story in new situations ... to what extent is google maps one application, vs. a very large number of maps? ... more than just a document <Zakim> noahm, you wanted to respond to ashok timbl: Even though mapping software allows you to display many overlays, this is always done in code. But with calendars - you can control calendar view, how they're stacked / displayed - that's richer than what you can do with maps <DanC_> (hmm... I wonder if KML is sufficient.) <noahm> I think that talking about proper use of URIs when you're composing layers might be interesting <DanC_> (... to get maps to work, like calendars, in various clients) <noahm> Ah, when Tim says music, he's thinking more iTunes than Sibelius <noahm> [62]http://www.sibelius.com/home/index_flash.html [62] http://www.sibelius.com/home/index_flash.html timbl: Music: iTunes maybe - other applications - multidimensional access / view. Key point is you're looking at more than one document at a time timbl: When you pull in the data you have to be clever. E.g. you're looking for photos tagged x. Client would do a query to get the photos of interest <DanC_> (it's really a drag that the Zakim queue isn't a UI feature, e.g. integrated with the list of names in the channel. So many times I'm this close >< to writing an ajax-based front end to Zakim/tracker/rrsagent) [?] <Zakim> johnk, you wanted to say that it was part of web arch in 1990 johnk: Want to push back on jar's idea that webarch didn't address programming / application layer ... For last TAG meeting I tried to draw a parallel between local web browser vs. javascript ... original web arch did deal with this... timbl: For example, you could have faceted browsing using forms ... javascript model just moves data/code onto the client johnk: Phone's IP address isn't public, but a server [once it knows address] can call back to the phone to perform actions ... would like to address that applications are distributed in some way [holds up piece of paper] johnk: Here are some models. 1. server & client, server assembles a widget, client GETs widget, does a software install ... interesting thing is 2 trust decisions. 1. Install? 2. Run? ... side case: What is difference between this and native client, or plugin? ... again you have 2 trust decisions, except that (maybe) app is given more power ashok: Model: app stays on server --- johnk: I'm not done. Case 2. For example, in iGoogle (?), Google says all this content is sanctioned by Google ... Client does a GET, trust decision is: Install + run? (as one decision) ... ashok: How different from widget case? ... Both in one step. noah: (something about cookies vs. user ids) ... Reserve the word "install" for ... johnk: Case 3: Site A has a document, with content that calls out to site B (Fedex and airline) ... Fedex has document that calls out to airline ... (2nd example) Amazon is in control, compiles the content ... Cross-site case. there are trust decisions in both directions danc: Line from amazon to fedex - ? johnk: Not saying this is deployed in a reasonable way, just observing Case 4: Client accesses both Amazon and Fedex scribe: the client does the mashup danc: e.g. tabulator ... We're trying to get a feel for case 4 timbl: Tabulator is a browser extension danc: What's a good example? timbl: If you look up me, it pulls up information from wikipedia danc: No, where the *user* chose both sites? timbl: What people have we seen? danc: The interesting difference is that in case 4, the user chooses the sources to be combined. It's not one server referring the user to another. timbl: Consider two people on twitter, each with a bunch of tweets. <DanC_> (might have been nice if tim had drawn a separate thingy rather than erasing 4. oh well.) timbl: Storage of the data is separate from the... ... Suppose tweets are to be readable by my friends ... when someone pulls in tweets, it's because they're in the group ... tabulator code is completely trusted by C. Runs with user's identity <DanC_> (hmm... this speaks_for exercise might be an interesting way to look closely at OpenID phishing risks... and to explore my intuition that OAuth is sorta kerberos-shaped) johnk: The user has to decide to download the twitter app, and ...? timbl: No, it's in the cloud (scribe not quite getting it) timbl: Separate decisions about where to store their data, vs. [something about the app] johnk: (End of 4 cases as diagrammed on piece of paper and then on the whiteboard) Photo of what John wrote on the white board [63](timbl takes photo) [63] http://www.w3.org/2001/tag/2009/12/WhiteboardDec9.jpg johnk: web server provider / consumer issues coming out of SOAP work ashok: There are several trust decisions... made by the *user* explicitly johnk: brainstorming... ... The site is also making some decisions for you <DanC_> . ACTION: John integrate whiteboard drawings into a prose document about ways to distribute applications ashok: In case 2, where igoogle pulls in stuff for you, there's the question of state johnk: Yes, in all 4 cases <DanC_> ACTION: John integrate whiteboard drawings into a prose document about ways to distribute applications [recorded in [64]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action04] <trackbot> Created ACTION-352 - Integrate whiteboard drawings into a prose document about ways to distribute applications [on John Kemp - due 2009-12-16]. <Zakim> noahm, you wanted to ask about use of core mechanisms like URIs in the Tim use case noah: Tim's use case was about making maps much better. You go out and say 'tell me about this area' <Zakim> DanC_, you wanted to look at the list of install-time capabilities/permissions in the W3C widgets spec and to note [65]http://www.w3.org/TR/widgets/#feature seems to have no [65] http://www.w3.org/TR/widgets/#feature (timbl recessing himself) danc: List of install capabilities in widget spec - seems dangerous to standardize this ... "This is xxx and it wants to look at your contacts list" (timbl back) danc: Can't find an actual starter list of particular permissions / capabilities - seems good to not standardize, but seems bad because not tested ... Lets you sprinkle open dust on your distributed system noah: We're no worse off. Let the market deal with it johnk: Symbian has a specific list of caps that the OS gives you <DanC_> I'm fairly satisfied with using URI space as a marketplace of features, if it works out that way masinter: Issue of versioning APIs, registries comes up repeatedly ... the problem becomes much worse regarding what might be available on the device <DanC_> but yeah... if everybody pretends to support hundred-pound-gorrila.com/featurex , then that sucks masinter: "are you a Symbian phone"? is the wrong question. "do you support geolocation?" noah: If you have an ordinary web page, it asks, can I call the geoloc API? ... or, in the install process, the question gets asked at install time ... phonegap either does or doesn't give you a good answer danc: The premise of the w3c widget spec is that you could have a w3c widget store ... The 100-pound gorilla phenomenon is still a risk ... ... little guys will be disenfranchised <Zakim> noahm, you wanted to ask about use of core mechanisms like URIs in the Tim use case lm: If you want to name it with the name of the implementation, it's hard to extend, or you run into trademark problems danc: It's in CR (widget packaging & config) noah: If they want to write a great iphone app this is a dumb way to do it lm: The failure hasn't happened because the 2 years haven't passed (you name a capability by the implementation, and there's no extensibility story, then within 2 years you'll have kludges) jar: +1 to LM <noahm> I'm not convinced we're seeing that problem is happening. Yet. danc: The spec says, URIs go here <noahm> I'm sympathetic to watching for this trouble happening; I'm unenthusiastic about getting the TAG all geared up about this until we see trouble brewing. danc: The install time ritual says, this app wants to look at x, y, z <johnk> +1 to Noah danc: The spec only says put URIs here ... Maybe there will be a marketplace... but maybe the gorilla gets in there, and everyone else has to pretend to be the gorilla noah: It's not the user-agent string case danc: No, not interestingly different <noahm> I'm not convinced it's underspecified. lm: If there's part of a spec that's underspecified, and that part need specifications for interoperability, we (TAG) could say so <johnk> I think the basis for the widget spec is exactly _for_ interoperability timbl: Expecting that probably , there will be the equivalent of a mime type registry <noahm> I think there will be much more diversity here than for mime types. timbl: current frame, focal length, lots of profiles to talk about... w3c may get involved noah: The tough thing is there's lots of innovation going on... would have been bad for standardization to rule out multitouch ... the fact that it's a URI is good <DanC_> (given that the players in this space seem to be acting in good faith, I'm ok to accept the 100-pound-gorrilla name-mangling risk; I'm OK to hope for a healthy market) lm: I don't want a solution, I just want to ask the question: What is the migration path e.g. from one pointer to two? danc: Maybe people will come to W3C to get a URI? lm: We'd like to see, if they have a solution, let's get it documented better. If not, let's work on one. <DanC_> Larry, if you want an action, you can pretty much always assign yourself one. or you can nominate somebody. <Zakim> noahm, you wanted to ask about use of core mechanisms like URIs in the Tim use case and to talk about innovation vs. standardizatoin in this space and to ask about use of core lm: Not sure I want to engage widget folks again noah: The maps could be more sophisticated... (that's what Tim was saying...) telling a story about naming and identity is important. Is there agreement on when to mint a URI, how much client/server AJAX flexibility is, who knows what the URIs are. Very interesting area to work. ... TAG story: identity, interaction, formats danc: Identity per noah is a big story (scribe hears "semantics" when noah says "identity") noah: Portals ... <DanC_> DanC: it's interesting to me in that it includes/subsumes the concern I have about "proposal to make ajax crawlable". If success can be less than the whole thing, I'm all for it. <Zakim> timbl, you wanted to say that for that class of application (map, iTune, document mgt, iPhoto, calendar, timelines, etc) there typically are *not* URIs for the total view. <noahm> Are not and should not be, or are not but there should be? timbl: Noah asked, do people make up URIs for the views? ... Not in general. ... If so, the URIs get big. ... Tabulator students took a sparql query to encode a view. ... When URIs get too big, they invent a data format. (jar promises to be brief) <Zakim> jar, you wanted to talk about the US civil war and to talk about sparql-over-GET + tinyurl JAR: In nearly every part of this discussion, I see us dancing around, meaning, inference, and contracts. JAR: Want to encourage people to look at OWL, which is the W3C technology in the inference space (and it's very nice) DC: there's a consortium of URL shortening companies noah: I said, identification is something we could profitably work on jar: 'Identification' is meaningless without meaning / inference (discussion of agenda) jar: re OWL, e.g. a specification induces a class of conforming entities. that's DL. one of many possible applications. <noahm> . ACTION: Noah to do just a bit of work framing some issues around identification for Ajax apps (remembering the merged maps use case) Due 20 January 2009 johnk: Approach of starting with 3 pillars of webarch is good <noahm> ACTION: Noah to do just a bit of work framing some issues around identification for Ajax apps (remembering the merged maps use case) Due 20 January 2009 [recorded in [66]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action05] <trackbot> Created ACTION-353 - Do just a bit of work framing some issues around identification for Ajax apps (remembering the merged maps use case) Due 20 January 2009 [on Noah Mendelsohn - due 2009-12-16]. jar: spec / interface naming /v ersioning is one good focus, security is another danc: Minions, please check client side storage design and look for architectural issues ashok: web databases? danc: yes <DanC_> . ACTION ashok review client side storage apis (web simple storage etc.), looking for architectural issues or other critical problems... or interesting design features the TAG should know about <DanC_> ACTION ashok review client side storage apis (web simple storage etc.), looking for architectural issues or other critical problems... or interesting design features the TAG should know about <trackbot> Created ACTION-354 - Review client side storage apis (web simple storage etc.), looking for architectural issues or other critical problems... or interesting design features the TAG should know about [on Ashok Malhotra - due 2009-12-16]. johnk: I could try to map AWWW section on interaction to parts of webapps TOC that seem related noah: Interesting, but how about look at interaction story in webapp & findings, and ask: could I tell the Ajax story? johnk: Yes, I was trying to be more specific, but that's the idea <noahm> . ACTION john to explore the degree to which AWWW and associated findings tell the interaction story for Web Applications <noahm> ACTION john to explore the degree to which AWWW and associated findings tell the interaction story for Web Applications due: 2 Feb 2010 <trackbot> Created ACTION-355 - Explore the degree to which AWWW and associated findings tell the interaction story for Web Applications due: 2 Feb 2010 [on John Kemp - due 2009-12-16]. <noahm> ACTION-355 = john to explore the degree to which AWWW and associated findings tell the interaction story for Web Applications <noahm> ACTION-355: john to explore the degree to which AWWW and associated findings tell the interaction story for Web Applications <trackbot> ACTION-355 Explore the degree to which AWWW and associated findings tell the interaction story for Web Applications due: 2 Feb 2010 notes added <DanC_> action-355 due 2 feb 2010 <trackbot> ACTION-355 Explore the degree to which AWWW and associated findings tell the interaction story for Web Applications due: 2 Feb 2010 due date now 2 feb 2010 lm: Do we have an exit strategy for ISSUE-50? ... The goal of Henry's action is to close the issue, right? all: yes Adjourned until 0900 2009-12-10 Summary of Action Items [NEW] ACTION: Henry to revise [67]http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html based on feedback on www-tag and the feedback from TAG f2f 2009-12-09 discussion [recorded in [68]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action03] [NEW] ACTION: John integrate whiteboard drawings into a prose document about ways to distribute applications [recorded in [69]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action04] [NEW] ACTION: jonathan to research 303 caching change in HTTPbis [recorded in [70]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action01] [NEW] ACTION: Jonathan to research reasons why browser providers (e.g. Mozilla) aren't willing to meet requests (e.g. from purl) to switch address bar URL following successful redirect [recorded in [71]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action02] [NEW] ACTION: Noah to do just a bit of work framing some issues around identification for Ajax apps (remembering the merged maps use case) Due 20 January 2009 [recorded in [72]http://www.w3.org/2001/tag/2009/12/09-minutes.html#action05] [67] http://lists.w3.org/Archives/Public/www-tag/2009Oct/0075.html [End of minutes] _________________________________________________________ Minutes formatted by David Booth's [73]scribe.perl version 1.134 ([74]CVS log) $Date: 2010/01/05 17:42:53 $ [73] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [74] http://dev.w3.org/cvsweb/2002/scribe/ [1]W3C [1] http://www.w3.org/ W3C TAG Meeting in Cambridge 10 Dec 2009 [2]Agenda [2] http://www.w3.org/2001/tag/2009/12/08-agenda See also: [3]IRC log [3] http://www.w3.org/2009/12/10-tagmem-irc Attendees Present NM, TBL, JK, AM, LMM, JAR, DC, HT, Philippe Regrets TVR Chair NM Scribe masinter, DC Contents * [4]Topics 1. [5]HTML 5 review: ISSUE-54: Default Prefix Declaration 2. [6]HTML 5 review: HTML WG status update 3. [7]HTML 5 review: issue-54: review of Microsoft's namespaces in HTML 5 proposal 4. [8]HTML 5 review: Authoring guide/language spec 5. [9]Admin: scribe duties, agenda review 6. [10]Metadata Architecture: ISSUE-62 (UniformAccessToMetadata-62): Uniform Access to Metadata 7. [11](xmlFunctions-34 / ISSUE-34): XML Transformation and composability (e.g., XSLT,XInclude, Encryption) 8. [12]HTML versioning change proposal 9. [13]HTML media type and pre-HTML 5 content 10. [14]Widget URI Scheme 11. [15]Closing remarks, thanks to the host 12. [16]Postscript: bulk action review * [17]Summary of Action Items _________________________________________________________ <masinter> Date: 10 Dec 2009 <masinter> scribenick: masinter HTML 5 review: ISSUE-54: Default Prefix Declaration ht: this idea is not mine -- been floating around, never been written down, so I thought it was time to do so. I don't take credit for idea, but take blame for details. ... published in W3C blog. <ht> [18]Default Prefix Declaration Henry S. Thompson 18 Nov 2009 [18] http://www.w3.org/QA/2009/11/default_prefix_declaration.html ht: criticism we've heard about namespaces are: syntactic complexity and API complexity issue. This proposal basically addresses the syntactic complexity, belief is that API can be handled later. TAG participates in a W3C staff meeting about the Default Prefix Declaration idea <masinter_> [19]#xmlnames minutes [19] http://www.w3.org/2009/12/xmlnames-minutes.html Note: minutes of the phone discussion held at this point were recorded by Carine Bournez and are available at: [20]http://www.w3.org/2009/12/xmlnames-minutes.html [20] http://www.w3.org/2009/12/xmlnames-minutes.html ht: slide 5 out of 7 already, just want to show example ... A "dpd" file gives default prefixes. One way to to give a link with rel="dpd" or for XML using a processing instruction. Or applications could ship in with a default DPD, or there could be media-type defaults. ... establish a priority order. ... In general, people are happy with using prefixing for avoiding collisions, but don't like namespace declarations, let's fix that. tbl: We should investigate this sort of thing, going down this path is a good idea. I'm keen on getting them linked on the MIME type, why not do things at the MIME-type level. ... One technical issue ... <scribe> scribenick: masinter <scribe> scribe: masinter Joint meeting ends; TAG meeting resumes. danc: neither of these proposals address interesting use cases ... I can see two use cases: Person wants to write SVG without gobbledygook in top of document. <svg> is simpler than <svg:svg>. ... This doesn't seem to be on the road to decentralized extensibility noah: you can change the link element or the linked DPD danc: then you're back to gobbledygook at the top of the document ... I'm looking for use cases & cost benefit timbl draws bar graph of document types. Most documents are HTML, but ther are SVG, MathML, FBML and lots of others. (draws zipf distribution, with HTML at the head, and "lots of others" as the long tail) (FBML is face book markup language) (discussion about cost and benefits for various use cases) <johnk> I would like to see it be possible to have XHTML + XML namespaces then served as text/html be processed correctly timbl: the issue is "in here" (pointing to HTML + popular other markups, SVG, etc.) but not minor ... languages that aren't used widely danc: which are the interesting use cases? allowing svg namespace without declaration doesn't help deploy SVG, they still have to learn how to draw circles noah: two communities invent <video> tag with conflicting meaning. To me the use case is "do you care about pollution" (discussion about use cases and transition path) danc: I'm trying to find some place where it's cost effective for someone timbl: so you're saying there's nothing in the middle? danc: svg and mathml are in the language. html5 does nothing interesting with rdfa. ... I'm still listening for the interesting use case. <Zakim> noahm, you wanted to noodle a bit on wild innovations evolving to the left of Tim's graph noah: example: notes that [w3c_home] was originally an extension to html. Although very sympathetic to need to support decentralized extensibility, it's important mosaic:img to ask how an extension originally spelled would eventually become part of the core HTML spec and spelled [w3c_home] . That's the challenge to mechansisms like namespaces that interests me most. henry's proposal just gets rid of the xmlns:mosaic="[21]http://ncsa.uiuc.edu/tags" [21] http://ncsa.uiuc.edu/tags <DanC_> no, it replaces it by <link ... ncsa> scribe: points out that "mosaic:img" would have been stuck with the prefix timbl: we would have added img as an alternative to mosaic:img ht: yes, there are some bumps in the road, if we go this way. But if that's the only thing in the way, i think we can live with this. <DanC_> (I'm trying to find the details of the <link> syntax ; I don't see it in [22]http://www.w3.org/QA/2009/11/default_prefix_declaration.html , henry) [22] http://www.w3.org/QA/2009/11/default_prefix_declaration.html danc: when i think of this, i think of <canvas> which is more recent. ... as much as I hate x-, the most successful example is the vendor prefix (e.g. moz-) in css. noah: that works for css, but the rules are different for css, won't work for paragraph names <DanC_> but yes, the cascade is critical to the transition from moz-smellovision to smellovision ht: two observations, different from dan. I don't agree, I think the current situation with SVG and MathML isnt' good enough. It has to define every possible transition. It specifies in detail where you can or can't put MathML and SVG elements. ... The fact that the SVG working group has been bullied into submission isn't good enough for me. ... They were pushed back to the current state of play. It isn't good enough for me. <DanC_> I think the SVG WG was convinced that this is simpler for authors <noahm> I would like to wrapup, get to next steps, and break ht: It is interesting to say that the RDFa group is happy, because I don't think there is any place in HTML5 wrt the HTML serialization for namespace declarations, because the DOM isn't going to be what they want. ... I've recorded my disagreement danc: the rdfa use case involves scripting noah: what are next steps <scribe> ACTION: noah to work to schedule followup meeting on xmlnames next week [recorded in [23]http://www.w3.org/2009/12/10-tagmem-irc] [23] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-356 - Work to schedule followup meeting on xmlnames next week [on Noah Mendelsohn - due 2009-12-17]. ht: reminds himself to work to figure out how this interacts with XML documents <DanC_> (do you remember the action #, larry? care to suggest a new due date?) <ht> ACTION: Henry to elaborate the DPD proposal to address comments from #xmlnames and tag f2f discussion of 2009-12-10, particularly wrt integration with XML specs and wrt motivation, due 2010-01-08 recorded in [24]http://www.w3.org/2009/12/10-tagmem-irc] [24] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-357 - Elaborate the DPD proposal to address comments from #xmlnames and tag f2f discussion of 2009-12-10, particularly wrt integration with XML specs and wrt motivation, due 2010-01-08 [on Henry S. Thompson - due 2009-12-17]. action-337? <trackbot> ACTION-337 -- Larry Masinter to frame the F2F agenda and preparation on metadata formats/representations -- due 2009-12-08 -- OPEN <trackbot> [25]http://www.w3.org/2001/tag/group/track/actions/337 [25] http://www.w3.org/2001/tag/group/track/actions/337 <ht> trackbot, action-337 due 2010-01-08 <trackbot> ACTION-337 frame the F2F agenda and preparation on metadata formats/representations due date now 2010-01-08 (group on break) reconvene HTML 5 review: HTML WG status update Philippe joins <plh> [26]http://dev.w3.org/html5/status/issue-status.html [26] http://dev.w3.org/html5/status/issue-status.html plh: not coverage between issues and change proposals noah: would help to add issue names to table ... failure mode is that people don't notice plh: issue 7 was closed. chairs are willing to reopen if there is no new information <DanC_> HTML WG issue 7 was video codecs <DanC_> (referring to issues by number only is an anti-pattern) HTML 5 review: issue-54: review of Microsoft's namespaces in HTML 5 proposal action-327? <trackbot> ACTION-327 -- Henry S. Thompson to review Microsoft's namespaces in HTML 5 proposal -- due 2009-11-19 -- PENDINGREVIEW <trackbot> [27]http://www.w3.org/2001/tag/group/track/actions/327 [27] http://www.w3.org/2001/tag/group/track/actions/327 looking at Microsoft namespace proposal <noahm> We note that HTML issue 41 appears to be open <DanC_> HTML WG issue 41 is open, with no dead-man-switch yet issued <noahm> [28]Microsoft's Namespaces Proposal (TAG ACTION-327) Henry S. Thompson 19 Nov 2009 [28] http://lists.w3.org/Archives/Public/www-tag/2009Nov/0039.html HT: Microsoft's proposal imports a subset of XML namespace syntax into the HTML serialization. Core proposal is a duel of what we talked about earlier: allow xmlns:foo, and within that scope foo:xxx uses the namespace timbl: identical to xmlns, with regard to prefixed names ht: then it goes on to suggest a number of possible extensions <DanC_> (I wonder if everybody here is aware of the way HTML interacts with XPath in the case of unprefixed element names... maybe I'll q+) ht: the addition of default namespace declarations ... I'm just telling you what it says ... then there is an additional proposal, to treat unbound prefixes as if they were identity-declared ... namespace spec says you "shouldn't" use relative URIs (discussion of whether xmlns:udp="udp" is an error, a relative URL) timbl: local namespace declarations are useful in (context missed) ht: interesting idea, don't think it is going to fly timbl: maybe want #udp, not udp (speculation about what is deployed inside microsoft) ht: "3. to define short namespace names for commonly-used namespaces ..." (timbl bangs head on wall) plh: discussion on HTML was that this proposal would break (something), and Microsoft needs to revise ht: I think it is sound but doesn't address the two issues that other WG members had raised, (a) syntactic complexity and (b) API complexity noah: do we have a sense of where this is going? (speculation about what might happen in the HTML working group) <Zakim> ht, you wanted to reply to DanC <noahm> ac2 next danc: thanks for gathering all he facts. I think this is as good as it gets, though, disagree with conclusion. Henry's isn't simpler and Microsoft's is more like current namespaces. timbl: use this for svg? ht: orthogonal point -- stipulating that one of these proposals is adopted, opens the possibility but not necessity of revisiting the current embedding of SVG and MathML timbl: and the <a> tag, that's done by context? ht: yes timbl: should the TAG endorse the microsoft proposal? <DanC_> +1 TAG endorsedd jar: (put on the spot) noah: would like to see something happen, but insofar as doing this by saying TAG isn't happy with Henry or Liam's proposal, not ready to do that <Zakim> noahm, you wanted to discuss tim's proposal jar: here's how to convince me -- hard for me to keep this in my head... how about requirements? timbl: I need the Microsoft one anyway for the long tail ht: that's just not true. There's a place in HT for ideosyncratic use (danc at board making matrix of requirements vs proposals) noah: (floating idea for TAG position about endorsing MS vs. others) columns: DPD (ht), mangled xmlns (MS), Unobtrusive Namespaces (Liam's) rows: long tail, static scoping, ie, webkit, opera, mozilla static scoping means: changing some other document doesn't change what foo:bar would mean discussion of what the rows IE, Webkit, Opera, Mozilla mean jar: wondering if there's a null hypothesis? Maybe there's a 'status quo' column? adding 4th column, "Standing WG" adding rows for SVG, MathML, RDFa authoring communities adding examples of "Long Tail", FBML, SL = Second Life vs. SilverLight ht: PLH, what do you think about this? timbl: Were a browser manufacturer to change their attitude and implement application/xhtml+xml, would that make a difference? noah: expected question to be 'does then the TAG care about this', and I think they do, because e.g., service provider doesn't allow people to set MIME type ... even if 1st class support for application/xhtml+xml ht: as long as the columns are full of "maybe this or maybe that", it isn't helpful to push people to make their minds up (chart only partly filled out... longtail check, check, check, x scribe: x check x check IE has only ? under MS proposal Photo of the white board [29]whiteboard photo [29] http://www.w3.org/2001/tag/2009/12/Whiteboard.jpg danc: queue slot was to solicit people to write a blog entry jar: there's enough in the chart to take us from Tim's original proposal that we endorse the MS proposal, but I think this takes us a step further. We could say "we like the MS proposal insofar as it does X, Y and Z" noah: (will drain queue, and see where we are) <Zakim> timbl_, you wanted to point out that reusing exstig xmlns syntax has great advantages <DanC_> yeah, timbl, I meant to make a row for that; neglected to timbl: Reusing existing syntax, not inventing new stuff. Inventing new stuff is a hurdle. If it's a good thing to do. Just being able to say: for a given MIME type, have a default namespace. danc: that's the state of the art timbl: XML tools don't have an easy way of taking that into account ... This would be a relief in other cases <DanC_> (ah yes, tim; in particular, authors have to put the xmlns="...xhtml" for XML tool interop.) ht: i've just added 3 new rows to the table: reuses existing syntax. X for all but MS ... ... simplifies the syntax and simplifies the DOM timbl: I asked "Is the DOM the same?" and you said "Yes" ht: the HTML community *wants* the DOM to be simplified ... currently standing HTML tick on "Simplifies the DOM" is x for everything except for standing HTML5 ... 'simplify the syntax' is all check except for MS <DanC_> (still no takers on blogging this table? sigh. oh well.) <DanC_> action-357: try to include the requirements table <trackbot> ACTION-357 Elaborate the DPD proposal to address comments from #xmlnames and tag f2f discussion of 2009-12-10, particularly wrt integration with XML specs and wrt motivation, due 2010-01-08 notes added HTML 5 review: Authoring guide/language spec <plh> [30]HTML 5: The Markup Language [30] http://dev.w3.org/html5/markup/ <ht> There are 3 docs: Hixie's, Mike Smith's and Lachlan Hunt's (looking for normative language reference spec) <ht> [31]http://dev.w3.org/html5/html-author/ [31] http://dev.w3.org/html5/html-author/ [32]http://dev.w3.org/html5/markup/ has a different date [32] http://dev.w3.org/html5/markup/ <DanC_> (editor of html-author is lachlan, I think; he's carrying 0 actions. [33]http://www.w3.org/html/wg/tracker/users/40364 ) [33] http://www.w3.org/html/wg/tracker/users/40364 plh: the group doesn't want to have a document that is normative, since this would create a high risk of conflicts between the documents ht: I think we lost the argument to split the spec into a language spec. and a behaviour spec. noah: point of clarification? Is this document going to progress plh: for the moment, it doesn't officially exist [i.e. hasn't been published as a WD] ... if the working group decided to do that, it would likely be normative <DanC> [34]CfC: Close ISSUE-59 normative-language-reference (ends 2009-12-17) Maciej Stachowiak 08 Dec 2009 [34] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html noah: would like he TAG to assess this. I skimmed this: far better than my worst fears, considerably worse than what I would hope for <Zakim> noahm, you wanted to talk about hixie's spec <ht> what is URI for "authoring view" of Hixie's draft? <noahm> [35]email from Ian Hickson [35] http://lists.w3.org/Archives/Public/public-html-comments/2009Jun/0016.html <noahm> I have now made the three versions available: <noahm> [36]http://www.whatwg.org/specs/web-apps/current-work/multipage/?sty le=complete [36] http://www.whatwg.org/specs/web-apps/current-work/multipage/?style=complete <noahm> [37]http://www.whatwg.org/specs/web-apps/current-work/multipage/?sty le=author [37] http://www.whatwg.org/specs/web-apps/current-work/multipage/?style=author <noahm> [38]http://www.whatwg.org/specs/web-apps/current-work/multipage/?sty le=highlight [38] http://www.whatwg.org/specs/web-apps/current-work/multipage/?style=highlight ht: this doesn't come close to what I want ... there is no grammar. I want a grammar. noah: I don't elevate the lack of a grammar to... (absolutely necessary) <Zakim> masinter, you wanted to talk about DOM API call being documented by normative algorithms <noahm> FWIW, my criterion for success is not "does it use formal grammars", though I think they <noahm> they're >very< valuable. My criterion is: does it crisply and reasonably unambiguously set out: which texts are legal html5, and as declaratively as possible, set out the "meaning" of every possible document (e.g. the occurrance of a <table> element signals that your document has in it a table), etc. <DanC_> (lightbulb... ACL2 was hard for me to get used to as a formal system because it expects you to write things as programs... just like "normative algortithms". Perhaps transcribing these algorithms to ACL2 would be a way to think about them formally) LMM reminds us of the point he's made before, that there are things stated algorithmically (e.g. interpretation of image width/height) that should be done more declaratively. <masinter_> the point was: what are the invariants that a reasonable programmer or generator of programs can assume? Many of these are embedded deeply within algorithms presented for implementors, that cannot be inferred or extracted by any textual processing, because it's not written down anywhere. <Zakim> DanC_, you wanted to note two targets: (a) more traditional language spec (b) guide for authors. We seem to have missed HT's interest in (b). html-author is dated March 2009 and <jar> (danc, ACL2 is for proofs. Larry says he's missing the theorems.) <DanC_> (ACL2 does plenty of stuff with theorems; I don't understand your point) ht: I was interested in the document, because I thought it was actively being worked on. But to be clear, i'm not interested in an authoring spec, I'm interested in a language spec. <noahm> I am interested in the style=author one as a best approximation to a language spec, because it's the only one we're likely to get that's normative. <noahm> I do regret that it's advertised as an authoring spec, because I agree that a language spec is the higher priority. <noahm> Still, it may do the job, and my question is: does it, and if not, would some tuning get it there. <DanC_> (I think mutliple normative specs is _good_ for QA, but when I gave that opinion in the HTML WG, it was clear hardly anybody else in the WG agrees.) <DanC_> (e.g. having the OWL language spec and the test suite both normative; if they conflict, there's a bug, and I'm not prepared to say, in advance, where the bug is.) <Zakim> jar, you wanted to say the issue is how to evaluate the spec (speaks to openness of web). having 2nd spec that tracks is one way, modularizing the spec is a 2nd way, having a jar: this may be obvious: there's some objective to be able to approach the spec. This thing is just too big for that. There are multiple for making this tractable. ... you want to know what the spec does what it's supposed to do, and having it be so big is a problem. My message is to keep your eye on the ball. <Zakim> ht, you wanted to explain why I find [39]http://www.whatwg.org/specs/web-apps/current-work/multipage/?sty le=author unhelpful [39] http://www.whatwg.org/specs/web-apps/current-work/multipage/?style=author ht: i would like to use the last part to ask PLH his view. <Zakim> noahm, you wanted to say why I find [40]http://www.whatwg.org/specs/web-apps/current-work/multipage/?sty le=author helpful [40] http://www.whatwg.org/specs/web-apps/current-work/multipage/?style=author noahm: I do find it helpful, but the question is whether it is (or will be) good enough. I think it would be worthwhile for us to take what was offered and read it with some care... if the answers are in some ways promising, that would be good. <Zakim> masinter, you wanted to talk about getting away from the need for always-on updates to HTML <noahm> Some was lost in scribing what I said above, so let me clarify: <noahm> I think the style=author draft, which I've skimmed but not read in full detail, is valuable in several ways, but especially because it is being offered as normative, and well synced with the other variants of the spec. <noahm> I therefore (as a WG member, and perhaps also as chair) would find it a good thing for other TAG members to take a careful look. I expect you'll find that it's a very significant compromise in terms of how declarative it is, how terse, but perhaps on balance a good enough base for meeting the need for a language specification. LMM reiterates applicability statement idea raised earlier. 2 docs, one with undated references, another (the a.s.) with dated references "the way things are in 2010" LMM: the goal is to avoid the need to publish new specs too frequently danc: authoring spec engaged me to some degree, but didn't find it compelling to spend more time on it noah: is there something you could say? <jar> does it matter whether it engages anyone? the OWL WG basically said no, the non-normative docs can be engaging <noahm> DC: Well, hello world is in section 8. Oops, nope, I guess I fixed that. danc: the 'hello world' example *was* in section 8. Previously, it was hard to tell whether there was something that was a constraint on documents vs. a constraint on implementation ... that seems to have gotten better. <Zakim> DanC_, you wanted to respond re reading the author view <ht> Beware that if you follow TOC links from [41]http://www.whatwg.org/specs/web-apps/current-work/multipage/?sty le=author you _lose_ the parameter, and have to re-enter it by hand [41] http://www.whatwg.org/specs/web-apps/current-work/multipage/?style=author jk: who are we helping with respect to getting a grammar? Who cares? ... Hixie has done something toward satisfying a goal, we don't know if it is close to satisfying our goal ... maybe this is our chance of getting a spec that's normative <noahm> I heard Dan say "I'm not convinced the style=author draft will meet the needs of the design community (though some of the shortcomings may be inherent in the complexity of HTML 5). FWIW I (Noah) find that to be just the sort of feedback I hope to give. <Zakim> johnk, you wanted to ask who are we trying to help here? <DanC_> I'm not prepared to give feedback on behalf of the design community, Noah; look at my web pages; they're design jokes, at best. I've encouraged the design community to comment for themselves, and had mixed success. jar: I think it is a threat, if you have standards that are hard to understand, that's a threat to openness <ht> HST absolutely agrees with PLH -- W3C writes specs for implementors <ht> .. but implementors need language specs, not algorithms plh: with the working group, who are we writing the spec for? For the implementors? The users can buy books. The implementors disagree. danc: there are lots of examples for users in the spec, though, not just for implementors. plh: given the resources, though, most of them spend their time <noahm> I strongly disagree. Books are very helpful, but not normative. There are architectural, and thus practical, benefits to having a rigorous, precise specification for a language, a spec that's not unnecessarily tangled with specs for other things. <DanC_> (I think it's a _huge_ mistake to say "the book writers will satisfy the users". It's incredibly important to validate the design by trying to explain it to users. If you can't explain it, you should think again about the design. I think quite a few of the HTML WG members agree with this view.) plh: there's a RELAXNG schema ht: it has no authority plh: The WG might adopt it as a WD hst: That would be great LMM: I want to support implementors of things other than browsers. Transformers, editors, etc. <ht> masinter +1 LMM: HTML for ATOM, HTML for email plh: the chairs would like to move HTML5 to last call soon. pick your battles. Look at the long list of issues the WG already has, are there any that don't have a change proposal, consider making a proposal for those. noahm: would like to get someone on TAG to review the table (and maybe things that have fallen off the table), would like to use that to help prioritize danc: I already did this before and did it again last night ... there is one I suggest we increase in priority: 'resource' vs 'representation' <DanC_> ACTION Noah schedule discussion of 'usage of 'resource' vs 'representation' in HTML 5, CSS, HTML 4, SVG, ...' [note follow-up discussion in www-archive] <trackbot> Created ACTION-358 - Schedule discussion of 'usage of 'resource' vs 'representation' in HTML 5, CSS, HTML 4, SVG, ...' [note follow-up discussion in www-archive] [on Noah Mendelsohn - due 2009-12-17]. (review of HTML open issues was only against 'things to be closed soon') <ht> DanC, I agree that user needs must be addressed by the _designs_ which WGs produce, but that that is _not_ the leading priority for the specs which communicate those designs noah: we did have this discussion of authoring. Would be helpful to... (?) ... proposal: (review of Maciej message of 08 Dec 2009 15:55:20) We do not have a uniform opinion of how much this meets needs, but we think this is ... positive. <DanC_> PROPOSED: to endorse the proposed disposition of HTML WG issue-59 in [42]http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.htm l , i.e. the class=author view and the informative reference guide [42] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html ht: message proposes closes this issue. We should say: don't do this, we're not happy. <DanC_> I gather ht doesn't find my proposal appealing ht: wants the TAG to ask for a language spec lm: I want the HTML working group to agree that they will review the resulting document and come to consensus about its adequacy, not just to do so as a political move to meet someone else's pro-forma requirement ht: Maciej's message proposes to adopt it as a non-normative WG product (discussion of whether the doc supports RelaxNG grammar) <DanC_> PROPOSED: to endorse the proposed disposition of HTML WG issue-59 in [43]http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.htm l , i.e. the class=author view and the informative reference guide, provided the relaxng is appended to the informative reference guide [43] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html <ht> PROPOSED: to endorse the proposed disposition of HTML WG issue-59 in [44]http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.htm l , i.e. the class=author view and the informative reference guide, provided the relaxng is appended to the informative reference guide, which will be published as a Working Draft and taken forward [44] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html noahm: and maintained as the HTML language evolves? (wordsmithing of response) <ht> PROPOSED: to endorse the proposed disposition of HTML WG issue-59 in [45]http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.htm l , i.e. the class=author view and the informative reference guide, provided the relaxng is appended to the informative reference guide, which will be published as a Working Draft and maintained [45] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html <ht> PROPOSED: to endorse the proposed disposition of HTML WG issue-59 in [46]http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.htm l , i.e. the class=author view and the informative reference guide, provided the relaxng is appended to the informative reference guide, which will be published as a Working Draft and taken to Last Call [46] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html <plh> I suggest s/to Last Call/through Last Call/ so RESOLVED <ht> s/taken to last call/taken through Last Call/ RESOLUTION: endorse the proposed disposition of HTML WG issue-59 in [47]http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.htm l , i.e. the class=author view and the informative reference guide, provided the relaxng is appended to the informative reference guide, which will be published as a Working Draft and taken to Last Call [47] http://lists.w3.org/Archives/Public/public-html/2009Dec/0249.html <scribe> ACTION: Noah to communicate TAG resolution to HTML WG recorded in [48]http://www.w3.org/2009/12/10-tagmem-irc] [48] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-359 - Communicate TAG resolution to HTML WG [on Noah Mendelsohn - due 2009-12-17]. <DanC_> close ACTION-292 <trackbot> ACTION-292 Alert group to review HTML Authoring Drafts [trivial] [self-assigned] closed <noahm> ADJOURNED FOR LUNCH UNTIL 13:30 <DanC_> scribe: DC <DanC_> scribenick: DanC_ Admin: scribe duties, agenda review close action-330 <trackbot> ACTION-330 Prepare Dec f2f agenda in collaboration with Noah etc. closed <scribe> ACTION: John to clean up TAG ftf minutes 8 Dec [recorded in [49]http://www.w3.org/2009/12/10-tagmem-irc] [49] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-360 - Clean up TAG ftf minutes 8 Dec [on John Kemp - due 2009-12-17]. <scribe> ACTION: Henry to clean up TAG ftf minutes 9 Dec [recorded in [50]http://www.w3.org/2009/12/10-tagmem-irc] [50] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-361 - Clean up TAG ftf minutes 9 Dec [on Henry S. Thompson - due 2009-12-17]. <noah> Raman, we are starting, and we are dialed in <scribe> ACTION: Dan to clean up TAG ftf minutes 10 Dec, and either wrap up the 3 days or get Noah to do it [recorded in [51]http://www.w3.org/2009/12/10-tagmem-irc] [51] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-362 - Clean up TAG ftf minutes 10 Dec, and either wrap up the 3 days or get Noah to do it [on Dan Connolly - due 2009-12-17]. NM reviews agenda... <ht> John, <link id="xf" rel="prefix" is already allowed ! <raman> something is different in the room, audio is awful, lots of echo echo? bummer. HT: I do have something re references... though I'm OK if that goes to a telcon NM: accepts the agenda request; commits Revision: 1.31 raman? audio better? <noah> Raman, I have moved the mic, and will dial again if necessary. Was good this morning. Can't hear you at all. Metadata Architecture: ISSUE-62 (UniformAccessToMetadata-62): Uniform Access to Metadata ACTION-281? <trackbot> ACTION-281 -- Ashok Malhotra to keep an eye on progress of link header draft, report to TAG, warn us of problems (ISSUE-62) -- due 2009-11-13 -- PENDINGREVIEW <trackbot> [52]http://www.w3.org/2001/tag/group/track/actions/281 [52] http://www.w3.org/2001/tag/group/track/actions/281 AM: we're tracking 4 drafts... linking, well-known, host-meta, XRDD... I think one got updated since I sent mail... <noah> Raman, please ping us in IRC when we have your attention again. Thank you. AM: I saw comments from Tim and Dan... the authors have seen those DC: I had a concern about the registration and Mark Nottingham fixed it. AM: these are 3 mechanisms for attaching metadata ... are these enough? do we need more? ... and JAR said something about an iTunes-like mechanism... JAR: well... maybe the issue name should be changed... it suggests there will be a limited number of ways to access metadata... ... these 3 mechanisms are about 1st-party metadata. in the [academic] metadata world, that's the least valuable, but in other cases, it's useful, especially if it's all you've got ... so something like "uniform access to 1st party metadata"; this isn't metadata in general NM: this is metadata that the 1st party helps you find JAR: that link itself is metadata LMM: if you include the pre-production and production workflow, [oops; I lost the train of thought]... photo metadata... ... the camera is the 1st party... ... the person who takes the photo and edits it is the 2nd party... and the next person in the workflow is 3rd, copyright guy is 4th party... or there's a lot of 3rd parties jar: I agree... I may need to adjust my terminology DanC: from the perspective of the link-header draft, all those are, in aggregate, the 1st party LMM: no, if you look in the photo, you can see the audit trail DanC: ah. LMM: and it goes on from there... flickr taggers, commenters, etc. JK: doesn't that means that the metadata inside the data? (I think the way I scribed JK makes the referent of "that" misleading.) LMM: it helps in the production workflow... ... but flickr tags and comments, probably not <Zakim> masinter, you wanted to talk about goals TBL: in the adobe tools, can you set the trail of custody? [something like that] LMM: in varying degrees, yes TBL: when adobe tools get content from the web, can they recover the trail? LMM: I don't know TBL: the metadat trust is [scribe falls behind] [discussion between TBL and LMM exceeds scribe bandwidth] LMM: in the Seybold community, I learned the industry uses a variety of mechanisms to send images around... often not compressed... <jar> I want to know what problem we're working on now. TBL: I'm interested in "this is/was [53]http://...." . [53] http://.../ LMM: the workflow uses guiids rather than locations; these things move around too much <masinter> the locations weren't normative <masinter> I guess the point is that first-party metadata is often embedded, and that the Link header is better thought of as "third-party metadata" where the third-party is the publishing web site danc: Host-meta, powder, EARL - I would only want to write that software once (see mail Dan sent to www-tag) ... and I have a concern about not using .well-known unless it's merited in ways that Roy emphasized JAR: [who]'s concerns increases my desire to change the name of the issue... "server provided metadata"? <DanC> (I'm happy for the issue shepherd to change the issue name whenever they see fit; I trust them to consult the TAG as appropriate) <timbl_> Maybe we should be charging $10M for an entry in "well-known" to express the cost to the community of each one, clients having to check different places. <masinter> was talking about entire workflow from camera which takes photo and adds GPS data through editing the photo by cropping and color correcting to putting it into a web page and publishing the page, to commenting on the image in Flickr. Whether metadata is associated with the photo by embedding, linking, or some kind of third-party metadata site may depend. <masinter> issue-62? <trackbot> ISSUE-62 -- Uniform Access to Metadata -- OPEN <trackbot> [54]http://www.w3.org/2001/tag/group/track/issues/62 [54] http://www.w3.org/2001/tag/group/track/issues/62 <noah> Note that we just changed the name of the issue: issue-62? <trackbot> ISSUE-62 -- Uniform Access to Server-provided Metadata -- OPEN <trackbot> [55]http://www.w3.org/2001/tag/group/track/issues/62 [55] http://www.w3.org/2001/tag/group/track/issues/62 AM: do we need another issue for the rest? JAR: we have the broader issue; issue-63 <masinter> issue-63? <trackbot> ISSUE-63 -- Metadata Architecture for the Web -- OPEN <trackbot> [56]http://www.w3.org/2001/tag/group/track/issues/63 [56] http://www.w3.org/2001/tag/group/track/issues/63 <Zakim> jar, you wanted to suggest "server provided links" or "server provided metadata" <jar> These RFCs are going to be final soon. Very narrow window to have influence. AM: again, do we need more mechanism? or fewer? DanC: I'd like to see fewer JAR: these specs are nearing deployment <Zakim> noah, you wanted to ask questions from chair DanC: do you have any critical concerns? are you happy with the specs, JAR? JAR: yes, I'm happy <Zakim> masinter, you wanted to note that there are lots of other requirements and to diminish the importance of IETF proposed standards LMM: are the applicability of these draft narrow enough that other cases are ruled out? [?] ... I don't think publication of these as Proposed Standard will get in the way if something else is more appropriate JAR: well, it'll compete ... well, doesn't compete with mechanisms for other sources of metadata <jar> it will compete in the very narrow in which it applies. won't compete with ways of getting metadata *from other sources* LMM: my remaining concern is: when more than one of these mechanisms provides info, what about priority? JAR: thie "Web Linking" explicitly says "this is not authoritative; apps have to come up with their own trust model" LMM: it's not a matter of trust, it's a matter of intent. e.g. if I write copyright in both the Link header and in the content and they're different, which do I mean? both? TBL: that's a bug ... i.e. the web site is buggy [not the link header spec] <jar> there's no such thing as overriding a copyright statement (legally)... LMM: I don't like the "then it's a bug and we don't say which"; I prefer priorities TBL: priorities allow people to write incorrect things that get obscured due to priorieites; then they get surfaced when the document moves <Zakim> DanC_, you wanted to ask about use cases that are market drivers <timbl_> A language should ays "if you write this, then it means *this*". <jar> the resource and the server are distinct principals with different interests. metadata is statements of fact. thus disagreements are inherent and unresolvable outside of a trust model <timbl_> Not "it means this unless it is overridden...". <masinter> points to [57]http://www.metadataworkinggroup.org/pdf/mwg_guidance.pdf for dealing with conflicting embedded metadata [57] http://www.metadataworkinggroup.org/pdf/mwg_guidance.pdf DC: The specs may well come out, but it would be interesting to remind ourselves what the market drivers are for the specs we're discussing here. ... Anyone know what the drivers are, e.g., for host meta? AM: It says it's for where the host controls. DC: But who's going to make money? Falling behind scribing johnk.... JK: I think the market-driving use case is URI templates ... advertising. ... e.g. "if you want to look up a person whose profile is on my site, here's the URI template to plug the username into". and having lots of users leads to advertising revenue. ... e.g. google, yahoo, etc. <Zakim> timbl_, you wanted to say, well it would be better if they were all RDF of course. Are we goingto do nothing about that? <masinter> from [58]http://www.metadataworkinggroup.org/specs/ [58] http://www.metadataworkinggroup.org/specs/ TBL: this XRD format seems to overlap significantly with RDF... how much RDF is there out there? ... a lot. ... and we're pushing linked data... ... linking host meta into the linked data world seems helpful <noah> The XRD thing is already deployed, right? JAR: use GRDDL? TBL: but I can't use an RDF serializer to write XRD JAR: XRD is very simple TBL: I can't write arbitrary RDF into XRD JAR: aside from bnodes and literals, you can; i.e. arbitrary uri triples JK: ... web finger ... (If I were going to push on something, I'd push RDFa rather than RDF/XML) <Zakim> johnk, you wanted to note that Link header was originally specifically about representations that could not contain <link> elements JK: using <link> for formats that can't express links is like [something larry was talking about] <Zakim> masinter, you wanted to talk to the MWG document dealing with conflicting metadata <masinter> points to [59]http://www.metadataworkinggroup.org/pdf/mwg_guidance.pdf for dealing with conflicting embedded metadata [59] http://www.metadataworkinggroup.org/pdf/mwg_guidance.pdf NM: This reinforces Tim's point. If the use case in mind is where there's no possible duplication, then duplication with conflict should be an error, not resolved with priority. LMM: even when the metadata is embedded, you can have multiple kinds of metadata... this points to the practical issue of... ... what if you have EXIF, [something else], and conflicts, and how to manage... ... so I think the "conflicting metadata is a bug; we're not telling what to do" doesn't suffice... ... I suggest to say that it's not an error... providing an override mechanism is important <Zakim> jar, you wanted to answer larry regarding priority between sources (i will just say what i already entered in irc) JAR: metadata is typically a statement of fact. [LMM: no]. sometimes the server is right; sometimes the resource is right; each consumer has to decide who to believe <johnk> In response to the question "is XRD deployed" I mentioned WebFinger (see [60]http://hueniverse.com/2009/09/implementing-webfinger/) which I believe may already be deployed [60] http://hueniverse.com/2009/09/implementing-webfinger/) <masinter> I don't want to say "who is right and who is wrong". I just am asking that the Link header be expanded to alow the server to be clear about whether the intent of the server is to override, supplant, or replace embedded metadata. <Zakim> masinter, you wanted to disagree: metadata is always an issue of opinion, not a theory of fact JAR: It's a putative fact AM: when I asked whether this is the right number of mechanism I got sort of a yes from LMM and JAR and a No from Dan... elaborate? <johnk> JK: regarding the Link header, I mentioned that the original use-case (IIRC!) was specifically for cases where an HTTP entity-body could not contain "links" (for example, text/plain) <noah> LM: I'm not looking to settle who's right, I'm looking for priority mechanisms. DanC: I think Host-Meta overlaps with existing mechanisms: POWDER. so we've got more mechanisms than I'd like to see. [don't mean to be emphatic about which of POWDER or Host-Meta shold survive] <noah> Interesting Dan, I thought some of what you wanted was an RDF answer (or maybe I'm channeling Tim through you) <Zakim> DanC_, you wanted to speak to expressiveness of override mechanism <jar> "The server believes this information to be more trustworthy than what the resource says." or "The server that what the resource says is more likely to be right than what it says." DC: The client can have all sorts of policies, but it's less expressive if you don't let the sender express a preference. TBL: architecturally, the HTTP header overrides the content... but in practical cases, people want their content to override the server config too. <timbl_> TBL: architecturall,y, the HTTP Srever is in a position to override anything, as it is on control -- it could munge the ougoing file and chenge the metaa -- . The provdier of hte fil eonly has delegated control. But hen tthere are so many case of broken server implementatuions. where th person writing the file. knows bett ertthan te person who confiugured the apache. JAR: I'd say mnot and Eran would say: it's the responsibility of what's pointed to by Link: to have this override mechanism. NM: we can always come back to this... JAR: no; there's a market window... DC: does anybody know timing of large deployments? JK: I think webfinger is deployed at scale, using [Host-Meta?] HT: uniform access has come back into this... harks back to XRI and [missed]... ... the energy currently is going into how to provide metadata that addresses the uniform access problem... ... the good news is that although there are what might look like 3 competing proposals, actually they play nice together ... and there's a story about how ... that's what I heard. DC: As team contact, I feel that doing nothing isn't good. ... I think we need to connect with the Sem Web coordination group. <Ashok> [61]Webfinger [61] http://code.google.com/p/webfinger/ <noah> DC: What I have in mind is along the lines of going to coord group and say: Hey, this is about to happen without RDF, Linked Data. Problem? . ACTION: Jonathan inform SemWeb CG about market developments around webfinger and metadata access, and investigate relationship to RDFa and linked data <scribe> ACTION: Jonathan inform SemWeb CG about market developments around webfinger and metadata access, and investigate relationship to RDFa and linked data [recorded in [62]http://www.w3.org/2009/12/10-tagmem-irc] [62] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-363 - Inform SemWeb CG about market developments around webfinger and metadata access, and investigate relationship to RDFa and linked data [on Jonathan Rees - due 2009-12-17]. <timbl_> [63]http://www.w3.org/host-meta [63] http://www.w3.org/host-meta <jar> Last call ended for .well-known and Link: <masinter> the TAG could ask the editor (Mark) to note open issues: use of RDF vs. other metadata representations, and whether Link: overrides, supplants, or defaults embedded metadata. <masinter> the discussion has been useful, even if we don't act further close action-281 <trackbot> ACTION-281 Keep an eye on progress of link header draft, report to TAG, warn us of problems (ISSUE-62) closed <noah> Supposedly now until 3:15, but we're struggling to close action-336 <trackbot> ACTION-336 Prep Metadata Architecture for Dec f2f closed <noah> WE ARE ON BREAK UNTIL 15:20 US EST <masinter> (back from break) (xmlFunctions-34 / ISSUE-34): XML Transformation and composability (e.g., XSLT,XInclude, Encryption) DanC: HT notified us of a default processing model draft in the XProc WG <ht> [64]http://www.w3.org/XML/XProc/docs/defproc.html [64] http://www.w3.org/XML/XProc/docs/defproc.html DanC: any processing model that does Xinclude shouldn't be "_the_ default_" ... ... previously, HT seemed sympathetic <noah> (some metadiscussion on whether editors of this are obligated to listen to input before formal drafts available. Editor warns that lack of sleep will lead to forgetfulness anyway.) DanC: I think the way to make it clear that this is not _the_ default processing model is to include another one... ... the trivial one: just use the bytes you got DC: Earlier, I said "Default Processing Model" isn't the right title. Henry, you seemed sympathetic. Are you still. HT: Um, loses some value. ... Lots of people should point to this. DC: So you do want to be THE model. HT: Yes. ... With XInclude we can get rid of much of the need for DTDs. DC: The getting rid of DTDs part appeals to me. Tim, do you feel that justifies making XInclude the default? <masinter> shouldn't [65]http://tools.ietf.org/html/draft-murata-kohn-lilley-xml make normative reference to this? [65] http://tools.ietf.org/html/draft-murata-kohn-lilley-xml TBL: what does the xml:id bit do? HT: affects the DOM; e.g. GetElementById TBL: does xinclude happen after xml:id? HT: no; the details are in XProc ***** HT wants to remember that this could be clarified TBL: I'm surprised to not see something recursive HT: XInclude is recursive; unlike GRDDL, which doesn't say whether xinclude happens 1st, xinclude does say <Zakim> johnk, you wanted to ask what happens if the document looks like this: <xml version='1.0'?><EncryptedData>...</EncryptedData> JK: what if the data is encripted? HT: well... you lose... we tried to get encryption/signature into the design, but... they require a key... ... and we don't want to come anywhere close to encourage packaging a document with a key <Zakim> masinter, you wanted to ask whether this belongs with the application/xml media type & reregistration of it LMM: how about binding it to the XML media type? HT: not retrospectively LMM: but how about when people make new XML media types, they should be referred to this processing model <masinter> [66]http://tools.ietf.org/html/draft-murata-kohn-lilley-xml [66] http://tools.ietf.org/html/draft-murata-kohn-lilley-xml <noah> NM As I recall, schema looked at this a long time, asking "do you want to validate pre or post inclusion. The answer was a clear "both", that's as a good reason to use the infoset. <ht> [67]http://www.w3.org/2006/02/son-of-3023/latest.html [67] http://www.w3.org/2006/02/son-of-3023/latest.html TBL: what "the customer", me, asked for, is what "corresponds to" the input, in the HTTP sense <Zakim> noah, you wanted to ask whether this is clear on what to do if external resources don't resolve. Can you use this in a non-network environment? <timbl_> In the sense, if you send me an XML document, whot I can hold you to haveing said NM: meanwhile, HT has an action to lay out the design space action-113? <trackbot> ACTION-113 -- Henry S. Thompson to hT to a) revise composition.pdf to take account of suggestions from Tim & Jonathan and feedback from email and b) produce a new version of the Elaborated Infoset finding, possibly incorporating some of the PDF -- due 2010-01-01 -- OPEN <trackbot> [68]http://www.w3.org/2001/tag/group/track/actions/113 [68] http://www.w3.org/2001/tag/group/track/actions/113 <masinter> e.g., the XML Media Types RFC could require, at a minimum, that registration of XML media types MUST clearly identify what processing model they use, and whether they use this one. <DanC> (w.r.t. wrapping up, I'm content to consider action-239 done and come back when we see progress on action-113, provided it comes before LC on this spec) <Zakim> ht, you wanted to answer Tim <timbl_> The meaning of an xinclude include emeplemnt is t its included contents. HT: yes, it's a reasonable exercise to answer "what is the author held to?" ... and the value increases if there's only one answer ... that's why there's no answer in the case you gave [oops; what case was that? I didn't scribe it] ... this only takes one step down a complicated [... more] <Zakim> timbl_, you wanted to explain as patiently as he can that the interesting thing i snot to tell people how they shoul dprocess it. in fact the idea of a processing model is (of <DanC> (I encourage jar, lmm, and noah to q- and wait for telcon time, unless there's nothing else on today's agenda that you care about) TBL: [...missed] which is the decrypted material... ... and in the case of XSLT is the output ... so in fact you have to go to the spec for each element to get what the author is held to <jar> TBL was talking about the recursive / compositional processing model. <jar> I think he's saying this spec isn't ambitious (inferential?) enough HT: LMM, yes, I take on board the concern about the connection between the XML media types spec and this spec ... though I'm concerned about the timelines close action-239 <trackbot> ACTION-239 alert chair when updates to description of xmlFunctions-34 are ready for review (or if none made) closed HTML versioning change proposal <masinter> [69]http://lists.w3.org/Archives/Public/public-html/2009Dec/0055.htm l [69] http://lists.w3.org/Archives/Public/public-html/2009Dec/0055.html LMM: you can see the suggested syntax at the bottom DC: hmm... DOCTYPE... despite my advice? LMM: I looked and couldn't find any downside DC: quirks mode? LMM: no, quirks mode is triggered only in the case of known DTD strings ... a goal is to make a change that needs no changes from browsers NM: what's the motivation/goal for the change? LMM: cf the change proposal, incl "The html version string is allowed primarily because it may be useful for content management systems and other development workflows as a kind of metadata to indicate which specification was being consulted when the HTML content was being prepared. " HT notes another procedural request from maciej HT: this looks good to me. ... yes, we should look into the XML requirement for a system identifier ... ah... yes... there are no XML syntaxes with only public id (train of thought started with something NM said, which I forgot) DC: that's why I advise a version attribute <johnk> Jonathan how about: [70]http://tools.ietf.org/html/draft-holsten-about-uri-scheme-02 [70] http://tools.ietf.org/html/draft-holsten-about-uri-scheme-02 <jar> johnk, that's amazing, thanks LMM: I wanted to follow the existing tradition of using <!DOCTYPE > DC: but it suggests there's a DTD, while there isn't one HT: well, a DTD with all "ANY" content models could be slotted in. LMM: in some ways I don't have a strong opinion on this issue, but ... ... I don't like to see the HTML WG close issues just because noone was willing to take flack for making a proposal <ht> Actually, forget ANY -- if it goes that way, I would expect/recommend that an effectively empty external subset should be provided at the given SYSID, i.e one consisting entirely of a comment LMM: and I think it's important for those who want to express a version id to be able to ... I encourage TAG members to review and contribute directly to public-html some discussion of public-html mailing list logistics and expectations HTML media type and pre-HTML 5 content action-334? <trackbot> ACTION-334 -- Henry S. Thompson to start an email thread regarding the treatment of pre-HTML5 versions in the media type registration text of HTML5 -- due 2009-11-26 -- PENDINGREVIEW <trackbot> [71]http://www.w3.org/2001/tag/group/track/actions/334 [71] http://www.w3.org/2001/tag/group/track/actions/334 <DanC> [72]Backward-compatibility of text/html media type (ACTION-334) Henry S. Thompson 02 Dec 2009 [72] http://lists.w3.org/Archives/Public/www-tag/2009Dec/0013.html HT: so that collects all relevant materials I know of <DanC> what's "suspended animation"? wild... they use tracker:closed <DanC> [73]ISSUE-53 mediatypereg Need to update media type registrations [73] http://www.w3.org/html/wg/tracker/issues/53 "State: CLOSED Product: HTML5 Spec - PR Blockers" HT: so... should we try to get something to happen before Last Call? I thought there was an interaction with the language design, but on close examination, I didn't find one. <masinter> this is a useful as a Rationale for the change proposal <noah> ac2 n6ah <noah> DC: I don't agree with the obvious fix. I think the HTML 5 spec describes HTML 2 better than HTML 2 spec does. <Zakim> masinter, you wanted to ask for volunteer to write a change proposal LMM: I think a change proposal would be good... e.g. there are documents that prompt quirks mode that's implemented, but the current HTML 5 spec rules it out. [roughly] <masinter> suggest MIME registration point to history section inside HTML5 document and/or previous MIME registration . ACTION DanC: ask HTML WG team contacts to make a change proposal re issue-53 mediatypereg informed by HT's analysis and today's discussion <scribe> ACTION: DanC to ask HTML WG team contacts to make a change proposal re issue-53 mediatypereg informed by HT's analysis and today's discussion [recorded in [74]http://www.w3.org/2009/12/10-tagmem-irc] [74] http://www.w3.org/2009/12/10-tagmem-irc <trackbot> Created ACTION-364 - Ask HTML WG team contacts to make a change proposal re issue-53 mediatypereg informed by HT's analysis and today's discussion [on Dan Connolly - due 2009-12-17]. <ht> It occurs to me that a change which said "this registration augments [the existing registration] rather than replacing it LMM: a change proposal might fix some other parts of the media type registration... e.g. change controller close action-334 <trackbot> ACTION-334 Start an email thread regarding the treatment of pre-HTML5 versions in the media type registration text of HTML5 closed Widget URI Scheme <masinter> [75]http://www.w3.org/Search/Mail/Public/advanced_search?keywords=&h dr-1-name=subject&hdr-1-query=widget+uri&hdr-2-name=from&hdr-2-query =masinter&hdr-3-name=message-id&hdr-3-query=&period_month=Dec&period _year=2009&index-grp=Public__FULL&index-type=t&type-index=public-web apps&resultsperpage=20&sortby=date [75] http://www.w3.org/Search/Mail/Public/advanced_search?keywords=&hdr-1-name=subject&hdr-1-query=widget+uri&hdr-2-name=from&hdr-2-query=masinter&hdr-3-name=message-id&hdr-3-query=&period_month=Dec&period_year=2009&index-grp=Public__FULL&index-type=t&type-index=public-webapps&resultsperpage=20&sortby=date LMM: there's a TAG issue about registering URI schemes [really?]; I think we should encourage registering permanent URI schemes rather than provisional ones... but leaving that aside... <johnk> [76]http://www.w3.org/TR/2009/WD-widgets-uri-20090618/ [76] http://www.w3.org/TR/2009/WD-widgets-uri-20090618/ rather [77]http://www.w3.org/TR/2009/WD-widgets-uri-20091008/#authority [77] http://www.w3.org/TR/2009/WD-widgets-uri-20091008/#authority <timbl_> [78]http://www.w3.org/TR/widgets-uri/#authority [78] http://www.w3.org/TR/widgets-uri/#authority LMM: consider "A producer may include an authority component in URIs. If present, the authority component is said to be opaque, meaning that the authority component has a syntax as defined by [RFC3987] but that the authority component is devoid of semantics. " ... this seems not well-defined ... earlier in the design discussion, this was used for cross-widget references , but due to security concerns, I think, they made it opaque JAR: how about using it to distinguish widgets? JK: but these are only used for reference within a widget ... widget URIs are used in a "manifest" contained within a widget package, and then used to point to other files within the widget package <masinter> [79]http://tools.ietf.org/html/rfc4395 [79] http://tools.ietf.org/html/rfc4395 <masinter> guidelines and registration procedures for new uri schemes TBL: this does seem undefined JAR: could be "reserved for future use" <masinter> For schemes that function as locators, it is important that the <masinter> mechanism of resource location be clearly defined. This might mean <masinter> different things depending on the nature of the URI scheme. <masinter> The URI registration process is described in the terminology of [$1\47]. <masinter> The registration process is an optional mailing list review, followed <masinter> by "Expert Review". The registration request should note the desired <masinter> status. The Designated Expert will evaluate the request against the <masinter> criteria of the requested status. In the case of a permanent <masinter> registration request, the Designated Expert may: <masinter> I am not the expert. <masinter> I hope that W3C staff will establish a process where "The template may also be submitted in some other form (as part of another document or as a stand-alone document), but the contents will be treated as an "IETF Contribution" under the guidelines of RFC 3978 [$1\47]." Closing remarks, thanks to the host RESOLUTION: to thank Amy for hosting arrangements. with applause AM: This was a very successful ftf. JK: yeah; good meeting; the action item stuff in the agenda worked; the Zakim tracking not so well. NM: yeah. TBL: yeah... good meeting... JAR's "speaks_for" stuff was a highlight ... the persistent domain stuff... not clearly within the TAG's scope, but if not us, who? JAR: yeah... Creative Commons will sure help... but who else is in a position to connect the IETF with the library community? <Zakim> johnk, you wanted to ask whether the crucial question is whether individual components of a widget will be "on the Web" <jar> who else other than the TAG, that is <jar> and CC <jar> (not a rhetorical question by the way) NM: yeah... good meeting... noteable technical highlights ... and as to how we work as a group, this feels like we're starting to hit stride. <masinter> feedback: i'm very happy that the ratio of technical / non-technical & administrative has been the highest in my experience on the TAG. I think we're making much better progress toward producing things of lasting value, drive toward architecture documents, etc. Want to make sure we also focus on "last mile", i.e., once we've worked an issue, that we do the final work toward publishing it, rather than letting it languish in the "nearly <masinter> done" state. <Zakim> DanC_, you wanted to speak to the persistent domain tactics <timbl_> Strong argument there John the the Web for an agent must not xclude things which are local to it .. much of my most important web i s local to my laptop. So local files are things on my web and so I suppose are chrome: and widget:things .. not a showstopper there. DC: yeah... not clear that persistent domains is a TAG thing, but it's a W3C thing, and if we can catalyze a workshop, that makes sense ... and several of the topics that came up in the meeting kept me thinking into the evening next meeting looks like 17 Dec JAR: [scribe too sleepy...] I'm starting to feel more in sync with the group ADJOURN Postscript: bulk action review Dan and Noah cleaned up some action states action-213? <trackbot> ACTION-213 -- Noah Mendelsohn to prepare 17 Dec weekly teleconference agenda -- due 2009-12-16 -- PENDINGREVIEW <trackbot> [80]http://www.w3.org/2001/tag/group/track/actions/213 [80] http://www.w3.org/2001/tag/group/track/actions/213 close action-277 <trackbot> ACTION-277 Ensure patent policy issue is resolved with Art closed close action-306 <trackbot> ACTION-306 Work with Raman, LM, JK to update Web APplication architecture outline based on discussions at TAG meetings closed action-327 close action-328 <trackbot> ACTION-328 Convey to the EXIWG the resolution "We thank the EXI WG for registering the conetnt encoding and encourage them in their endeavours.". closed Summary of Action Items [NEW] ACTION: Dan to clean up TAG ftf minutes 10 Dec, and either wrap up the 3 days or get Noah to do it [recorded in [81]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: DanC to ask HTML WG team contacts to make a change proposal re issue-53 mediatypereg informed by HT's analysis and today's discussion [recorded in [82]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: Henry to clean up TAG ftf minutes 9 Dec [recorded in [83]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: Henry to elaborate the DPD proposal to address comments from #xmlnames and tag f2f discussion of 2009-12-10, particularly wrt integration with XML specs and wrt motivation, due 2010-01-08 recorded in [84]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: John to clean up TAG ftf minutes 8 Dec [recorded in [85]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: Jonathan inform SemWeb CG about market developments around webfinger and metadata access, and investigate relationship to RDFa and linked data [recorded in [86]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: Noah to communicate TAG resolution to HTML WG recorded in [87]http://www.w3.org/2009/12/10-tagmem-irc] [NEW] ACTION: noah to work to schedule followup meeting on xmlnames next week recorded in [88]http://www.w3.org/2009/12/10-tagmem-irc] [81] http://www.w3.org/2009/12/10-tagmem-irc [82] http://www.w3.org/2009/12/10-tagmem-irc [83] http://www.w3.org/2009/12/10-tagmem-irc [84] http://www.w3.org/2009/12/10-tagmem-irc [85] http://www.w3.org/2009/12/10-tagmem-irc [86] http://www.w3.org/2009/12/10-tagmem-irc [87] http://www.w3.org/2009/12/10-tagmem-irc [88] http://www.w3.org/2009/12/10-tagmem-irc [End of minutes] _________________________________________________________ Minutes formatted by David Booth's [89]scribe.perl version 1.135 ([90]CVS log) $Date: 2010/01/05 17:43:14 $ [89] http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm [90] http://dev.w3.org/cvsweb/2002/scribe/
Received on Tuesday, 5 January 2010 17:56:18 UTC