Minutes of IETF / W3C Liaison meeting

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Minutes of IETF / W3C Liaison meeting

Mark Nottingham-2
# IETF W3C Liaison Meeting - June 2016

 Present: Mark Nottingham, Philippe Le Hegaret, Wendy Seltzer

## webauthn and webcrypto progress

Wendy: Webcrypto is in candidate rec phase and testing phase. Web Authentication is building on token binding and FIDO. Rapid progess. Setting up an IANA registry for authenticator registration.

Mark: we set up a registry for Mike West for CSP extensions. Nice to see W3C creating registries.

Wendy: we're doing the Web API for athenticator through the client for the party.

Mark any cross participation?

Wendy: Yes, Dirk Balfanz comes to mind  (also Tony Nadalin, Jeff Hodges)

## webauthn authenticator extension registry

Wendy: Jeff Hodges took the action to take that started.

Mark: if he needs help, I'm happy to help.

Wendy: also aiming to beat W3C record from charter to REC.

## URL

plh: work at W3C stopped a year ago. Lack of interest from implementers to go and fix their bugs. They were satisfied enough with what they had.

plh: Work ongoing at WHATWG. There may be some interest from server side.

mnot: We ask for errata. There's a place for API for URLs, algorithm for parsing a string into a URL.

## HTTP.next

plh: I saw you raising performance issues for HTTP/2

mnot: pretty good implementation, best practices and extensions emerging. cache-digest, server authentication, connection reuse.  QUIC drumbeat increasing, proposed WG-forming BOF in Berlin. Proposed charter starting from QUIC, with
18-month window (faster than HTTP/2).

Mark: W3C doesn't need to be involved more. They're not changing semantics but it's leaking a bit.

## Fetch

plh: SRI went to PR with a normative reference to Fetch. TimBL still has concerns about the security model embodied in Fetch but no one knows how to do better.

Wendy: We have more WebAppSec dependencies, so we're looking for ways to make the reference more acceptable.

Mark: we're confortable with it at the moment. keeping an eye on it.

## IETF 96 & W3C TPAC 2016

Mark isn't sure he can be in Lisbon. Wendy will be in Berlin.

## JUSTFONT

Mark: we're waiting on Chris on the new draft. Next step will be to publish, get confirmation from mailing list, then send to IESG if no objection.

## WebRTC

Mark: anything specific there?

Plh: didn't check with Dom. No news on our front.

Mark: I think we're good.

## Cookies

Mark: HTTP WG is going to open up the cookies spec and revise. Solliciting proposals, looking for implementers interest before moving forward. We adopted 3 drafts so far, 2 more are in play.
same-site cookies, cookie prefixes; considering: cookie priorities

Wendy: I'll point some people toward that work.



--
Mark Nottingham   https://www.mnot.net/


Loading...