IRC log of webappsec on 2012-12-18
Timestamps are in UTC.
- 22:00:01 [RRSAgent]
- RRSAgent has joined #webappsec
- 22:00:01 [RRSAgent]
- logging to http://www.w3.org/2012/12/18-webappsec-irc
- 22:00:07 [bhill2]
- rrsagent, set logs public visible
- 22:00:26 [Zakim]
- + +1.408.320.aaaa
- 22:00:33 [bhill2]
- Meeting: WebAppSec WG Teleconference, 18-DEC-2012
- 22:00:41 [Zakim]
- +??P2
- 22:01:06 [gioma1]
- Zakim, ??P2 is gioma1
- 22:01:06 [Zakim]
- +gioma1; got it
- 22:01:11 [Zakim]
- + +1.781.362.aabb
- 22:01:12 [Zakim]
- +[IPcaller]
- 22:01:21 [bhill2]
- zakim, IPcaller is bhill2
- 22:01:21 [Zakim]
- +bhill2; got it
- 22:01:41 [dhuang3]
- zakim, aaaa is dhuang3
- 22:01:41 [Zakim]
- +dhuang3; got it
- 22:01:44 [bhill2]
- Agenda: http://lists.w3.org/Archives/Public/public-webappsec/2012Dec/0027.html
- 22:01:52 [bhill2]
- Chair: bhill2, ekr
- 22:01:58 [bhill2]
- Scribe: David Huang
- 22:02:06 [bhill2]
- Scribenick: dhuang3
- 22:02:39 [bhill2]
- zakim, aaaa is dhuang3
- 22:02:39 [Zakim]
- sorry, bhill2, I do not recognize a party named 'aaaa'
- 22:02:52 [bhill2]
- zakim, who is here?
- 22:02:52 [Zakim]
- On the phone I see abresee, dhuang3, gioma1, +1.781.362.aabb, bhill2
- 22:02:53 [Zakim]
- On IRC I see RRSAgent, Zakim, bhill2, dhuang3, gioma1, odinho, bhill, trackbot, timeless, mkwst_, tobie, caribou, erlend
- 22:03:13 [bhill2]
- zakim, aabb is gopal
- 22:03:13 [Zakim]
- +gopal; got it
- 22:03:16 [Zakim]
- +??P5
- 22:03:22 [abresee]
- abresee has joined #webappsec
- 22:03:42 [bhill2]
- zakim, P5 is erlend
- 22:03:42 [Zakim]
- sorry, bhill2, I do not recognize a party named 'P5'
- 22:03:57 [bhill2]
- zakim, ??P5 is erlent
- 22:03:57 [Zakim]
- +erlent; got it
- 22:04:13 [bhill2]
- s/erlent/erlend
- 22:04:17 [erlend]
- np
- 22:04:21 [bhill2]
- guess we'll have to fix that in the notes later
- 22:04:24 [Zakim]
- +[IPcaller]
- 22:05:18 [bhill2]
- zakim, IPcaller is tgondrom
- 22:05:18 [Zakim]
- +tgondrom; got it
- 22:05:22 [erlend]
- zakim, erlent is erlend
- 22:05:22 [Zakim]
- +erlend; got it
- 22:06:10 [dveditz]
- dveditz has joined #webappsec
- 22:06:10 [Zakim]
- + +1.415.832.aacc
- 22:06:13 [Zakim]
- + +1.650.214.aadd
- 22:06:40 [bhill2]
- http://www.w3.org/2012/12/04-webappsec-minutes.html
- 22:06:45 [bhill2]
- draft minutes from last teleconference
- 22:06:46 [ekr_]
- ekr_ has joined #webappsec
- 22:06:53 [mkwst_]
- zakim, aadd is mkwst
- 22:06:53 [Zakim]
- +mkwst; got it
- 22:06:55 [ekr_]
- Having some phone glitches
- 22:07:04 [bhill2]
- http://lists.w3.org/Archives/Public/public-webappsec/2012Dec/0027.html
- 22:07:07 [Zakim]
- +ekr
- 22:07:20 [bhill2]
- any new items for the agenda?
- 22:07:39 [jeffh]
- jeffh has joined #webappsec
- 22:07:58 [dhuang3]
- no new items for agenda
- 22:08:13 [dhuang3]
- bhill2: congrats to csp 1.1 fpwd
- 22:08:45 [bhill2]
- http://www.w3.org/2011/webappsec/track/actions/open
- 22:08:57 [ekr_]
- brad, I can edit the tracker if you want to talk
- 22:09:16 [dhuang3]
- bhill2: closing action 70
- 22:09:28 [Zakim]
- +??P10
- 22:09:52 [ekr_]
- zakim, who is making noise
- 22:09:52 [Zakim]
- I don't understand 'who is making noise', ekr_
- 22:09:57 [ekr_]
- zakim, who is talking?
- 22:09:57 [dhuang3]
- heavy echo, can't hear
- 22:10:08 [Zakim]
- ekr_, listening for 10 seconds I heard sound from the following: bhill2 (12%)
- 22:10:14 [ekr_]
- that's awesome
- 22:11:23 [Zakim]
- +[IPcaller]
- 22:11:55 [dveditz]
- Zakim, IPcaller is dveditz
- 22:11:55 [Zakim]
- +dveditz; got it
- 22:12:02 [dveditz]
- Zakim, who is here?
- 22:12:02 [Zakim]
- On the phone I see abresee, dhuang3, gioma1, gopal, bhill2, erlend, tgondrom, +1.415.832.aacc, mkwst, ekr, ??P10, dveditz
- 22:12:04 [Zakim]
- On IRC I see jeffh, ekr_, dveditz, abresee, RRSAgent, Zakim, bhill2, dhuang3, gioma1, odinho, bhill, trackbot, timeless, mkwst_, tobie, caribou, erlend
- 22:12:30 [dhuang3]
- bhill2: action 87 remain open, new mail on list today
- 22:12:55 [dhuang3]
- bhill2: closing action 90, dross intends to participate
- 22:14:45 [dhuang3]
- bhill2: action 92 still open, no changes yet
- 22:15:40 [Zakim]
- -gopal
- 22:16:04 [dhuang3]
- bhill2: action 93, removed by mike
- 22:16:54 [dhuang3]
- bhill2: action 99 closed
- 22:16:59 [puhley]
- puhley has joined #webappsec
- 22:17:45 [dhuang3]
- bhill2: action 100, 87 closed
- 22:18:45 [dhuang3]
- bhill2: action 103 closed, has responded
- 22:19:43 [dhuang3]
- bhill2: update on cors to cr, next publication date is jan 2
- 22:20:21 [dhuang3]
- bhill2: addressed some small bugs
- 22:21:39 [dhuang3]
- bhill2: have some requests on CSP reporting
- 22:21:50 [dhuang3]
- bhill2: any opinions?
- 22:22:50 [dhuang3]
- tobias: wonder if the level of detail in reports would be concerning?
- 22:24:05 [dhuang3]
- mike: line numbers of JS may avoid leaking sensitive information, don't see major security impact
- 22:24:07 [dveditz]
- question: which list do we use, public-web-security seems to be "official", but the WG page on w3.org still points at public-webappsec?
- 22:24:30 [dveditz]
- both seem active
- 22:25:06 [dhuang3]
- bhill2: may address some of that by avoiding interference of extensions and csp
- 22:25:41 [dhuang3]
- bhill2: and also intermediate devices
- 22:27:02 [dhuang3]
- tobias: is there any overflow risk? probably not
- 22:27:22 [jeffh]
- dveditz: public-webappsec@w3.org is the WG list
- 22:27:35 [dhuang3]
- bhill2: gioma responded on list about UI safety/security/integrity
- 22:29:01 [dveditz]
- jeffh: oh, I reversed it? OK, the names make more sense then
- 22:29:07 [dhuang3]
- bhill2: security/safety... integrity of information or integrity of person, any objections or preference to changing name?
- 22:29:57 [dhuang3]
- bhill2: slighty favor UI security over UI integrity
- 22:30:14 [jeffh]
- sounds fine
- 22:30:43 [bhill2]
- ACTION to bhill2 change short name from UI Safety to UI Security on next WD publication
- 22:30:43 [trackbot]
- Sorry, couldn't find to. You can review and register nicknames at <http://www.w3.org/2011/webappsec/track/users>.
- 22:30:48 [dhuang3]
- bhill2: no objections changing to UI security
- 22:31:03 [bhill2]
- ACTION bhill2 to change short name from UI Safety to UI Security on next WD publication
- 22:31:03 [trackbot]
- Created ACTION-105 - Change short name from UI Safety to UI Security on next WD publication [on Brad Hill - due 2012-12-25].
- 22:31:53 [bhill2]
- http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2012-November/038213.html
- 22:32:36 [dhuang3]
- bhill2: should wait for abarth to discuss this
- 22:33:36 [jeffh]
- dveditz: public-web-security@ is the list for <http://www.w3.org/Security/wiki/IG> but was the precursor list for the WebAppSec WG
- 22:33:46 [dhuang3]
- bhill2: next call will be skipped
- 22:33:48 [Zakim]
- -ekr
- 22:33:52 [Zakim]
- -dveditz
- 22:33:53 [Zakim]
- -erlend
- 22:33:55 [Zakim]
- - +1.415.832.aacc
- 22:33:55 [Zakim]
- -tgondrom
- 22:33:57 [Zakim]
- -??P10
- 22:33:57 [Zakim]
- -abresee
- 22:33:58 [Zakim]
- -mkwst
- 22:34:08 [Zakim]
- -bhill2
- 22:34:24 [Zakim]
- -gioma1
- 22:34:26 [Zakim]
- -dhuang3
- 22:34:27 [Zakim]
- SEC_WASWG()5:00PM has ended
- 22:34:27 [Zakim]
- Attendees were abresee, +1.408.320.aaaa, gioma1, +1.781.362.aabb, bhill2, dhuang3, gopal, tgondrom, erlend, +1.415.832.aacc, +1.650.214.aadd, mkwst, ekr, dveditz
- 22:35:10 [bhill2]
- rrsagent, make minutes
- 22:35:10 [RRSAgent]
- I have made the request to generate http://www.w3.org/2012/12/18-webappsec-minutes.html bhill2
- 22:35:15 [bhill2]
- rrsagent, set logs public visible
- 22:35:21 [bhill2]
- bhill2 has left #webappsec