#social 2017-01-03
2017-01-03 UTC
fabrixxm and KjetilK_ joined the channel
#
ben_thatmustbeme might make things a little difficult to hear
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme i can create the template for it. I know the github issue on webmention said we would discuss it today
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
timbl and KevinMarks joined the channel
RRSAgent joined the channel
#
RRSAgent logging to http://www.w3.org/2017/01/03-social-irc
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fwww.w3.org%2F2010%2F01%2Fbot-rrsagent.png&sig=16f6f4e30cbfd69014a8280f84b86cfc566fa2796313bc2978b91efa72ccdf37)
Zakim joined the channel
KevinMarks2 and tantek joined the channel
#
tantek hmm - I didn't see anyone create https://www.w3.org/wiki/Socialwg/2017-01-03
![](https://chat.indieweb.org/img.php?url=http%3A%2F%2Ftantek.com%2Flogo.jpg&sig=3adcdc3b30d82d9633f7be13a27dfdf394ddbd44200751e2192b81a0f603e939)
#
tantek no official telcon today, but we are unofficially on the call discussing https://github.com/w3c/webmention/issues/84
![](https://chat.indieweb.org/img.php?url=http%3A%2F%2Ftantek.com%2Flogo.jpg&sig=3adcdc3b30d82d9633f7be13a27dfdf394ddbd44200751e2192b81a0f603e939)
#
ben_thatmustbeme present+
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber present+
#
ben_thatmustbeme yes
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber I didn't hear
#
cwebber was plugging in my headphones
#
ben_thatmustbeme yeah, i think that makes sense.
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme yes, change 'publish' to 'display'
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme CSRF Is
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme 4.4
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme i don't see anything about re-verify anywhere
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme cors uses non-normative for CSRF https://www.w3.org/TR/cors/#refsCSRF
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber sounds good to me, I don't think we need a resolution here either
#
ben_thatmustbeme yeah.... :/
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme https://www.w3.org/TR/epr/ even this ... thing. doesn't even have any references to CSRF or XSS
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
aaronpk this looks like a pretty good reference https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Faaronparecki.com%2Fimages%2Faaronpk-128.jpg&sig=fcc92d9a2a2192cebb3e92cd1bf91bd7b844f7ef87301cbe5d35b9847b0d0ae0)
#
tantek hey this looks better :P https://en.wikipedia.org/wiki/Cross-site_request_forgery
![](https://chat.indieweb.org/img.php?url=http%3A%2F%2Ftantek.com%2Flogo.jpg&sig=3adcdc3b30d82d9633f7be13a27dfdf394ddbd44200751e2192b81a0f603e939)
#
cwebber owasp?
#
cwebber pretty well known secuity site
#
cwebber no I have :)
#
ben_thatmustbeme i have heard of it before as well
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme only in passing
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme *blinks*
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme 2.84.14 lol
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme thats a lot of ... yeah
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
timbl joined the channel
#
ben_thatmustbeme and no, i could not find anything referenced for XSS
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
sandro https://www.owasp.org/index.php/XSS might be more robust
#
ben_thatmustbeme thats the same page
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme redirect
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme i feel like the security group should publish some note explaining such things, just so there is a normative reference to it
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme lol
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme sandro++
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme "have we finished bikeshedding 4.1 yet" ~tantek just before bikeshedding order more
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme yes, aaronpk is an overachiever
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber +1 seems good
#
aaronpk editor's draft is updated https://webmention.net/draft/
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Faaronparecki.com%2Fimages%2Faaronpk-128.jpg&sig=fcc92d9a2a2192cebb3e92cd1bf91bd7b844f7ef87301cbe5d35b9847b0d0ae0)
#
ben_thatmustbeme we had said we would do them once a month in the new year
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme +1 for a meeting next week and starting that as our one for the month
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber I'll be around next week
#
ben_thatmustbeme cwebber: can you be on earlier next week?
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme just making sure
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber central time, and I can be on earlier
#
cwebber could we do 2 hours earler?
#
ben_thatmustbeme 2 hours earlier could work for me
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber I mean, I could also do 2.5 hours earlier :P
#
ben_thatmustbeme someone should email evan and julien
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme especially
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber current time is during lunchtime for me :)
#
cwebber so moving it back works
#
ben_thatmustbeme cwebber, yeah, most weeks i am eating during the meeting
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
cwebber I'm not usually eating, though during boring parts sometimes I do unload the dishwasher ;)
#
tantek logged an informal summary here: https://www.w3.org/wiki/Socialwg/2017-01-03
![](https://chat.indieweb.org/img.php?url=http%3A%2F%2Ftantek.com%2Flogo.jpg&sig=3adcdc3b30d82d9633f7be13a27dfdf394ddbd44200751e2192b81a0f603e939)
#
ben_thatmustbeme prefers
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme since the change is mainly for her
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme and it may break schedules for others
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme go go go, first REC of the new year
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme oj, just WD
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme view-source:https://www.w3.org/TR/
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme and searching for 2017
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
ben_thatmustbeme bye
![](https://chat.indieweb.org/img.php?url=https%3A%2F%2Fben.thatmustbe.me%2Fimage%2Fstatic%2Ficon_64.jpg&sig=7155d5f4fd84451c46f23e83ee7dcdb4ed4ab161646e75980bb47196fb5ac358)
#
tantek aside: this is pretty cool https://www.owasp.org/index.php/About_OWASP
![](https://chat.indieweb.org/img.php?url=http%3A%2F%2Ftantek.com%2Flogo.jpg&sig=3adcdc3b30d82d9633f7be13a27dfdf394ddbd44200751e2192b81a0f603e939)
timbl joined the channel
KevinMarks and KevinMarks2 joined the channel