/irc-logs / w3c / #html-wg / 2007-06-03 / end

Options:

1. # Session Start: Sun Jun 03 00:00:00 2007
2. # Session Ident: #html-wg
3. # [00:07] <inimino> bigger than the next version of HTML?
4. # [00:09] <inimino> seems like they would benefit by being involved
5. # [00:14] * Quits: tH (Rob@87.102.93.94) (Ping timeout)
6. # [00:26] * Joins: tH (Rob@87.102.93.94)
7. # [00:39] * Parts: hasather (hasather@81.235.209.174)
8. # [00:52] * Quits: Shunsuke (kuruma@219.110.83.49) (Ping timeout)
9. # [01:05] * Joins: Shunsuke (kuruma@219.110.83.49)
10. # [01:18] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
11. # [01:23] * Joins: gavin_ (gavin@74.103.208.221)
12. # [01:29] * Joins: asbjornu (asbjorn@84.48.116.134)
13. # [01:45] * Quits: tH (Rob@87.102.93.94) (Quit: ?)
14. # [01:55] * Joins: hyatt (hyatt@24.6.91.161)
15. # [02:13] * Quits: inimino (inimino@75.71.88.233) (Ping timeout)
16. # [02:13] * Joins: inimino (inimino@75.71.88.233)
17. # [02:16] * Quits: hyatt (hyatt@24.6.91.161) (Client exited)
18. # [02:16] * Joins: hyatt (hyatt@24.6.91.161)
19. # [02:37] * Quits: Philip` (philip@80.177.163.133) (Ping timeout)
20. # [02:57] * Joins: MikeSmith (MikeSmith@mcclure.w3.org)
21. # [03:03] * Joins: Lachy_ (Lachlan@124.168.18.235)
22. # [03:04] * Quits: Lachy (Lachlan@203.217.34.167) (Ping timeout)
23. # [03:05] * Joins: DanC_lap (connolly@128.30.52.30)
24. # [03:21] * Joins: sbuluf (zzmwld@200.49.140.230)
25. # [03:26] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
26. # [03:28] * Quits: hyatt (hyatt@24.6.91.161) (Quit: hyatt)
27. # [03:31] * Joins: gavin_ (gavin@74.103.208.221)
28. # [03:33] * Quits: Shunsuke (kuruma@219.110.83.49) (Ping timeout)
29. # [03:39] * Lachy_ is now known as Lachy
30. # [04:18] * Quits: dbaron (dbaron@71.198.189.81) (Quit: 8403864 bytes have been tenured, next gc will be global.)
31. # [04:25] * Joins: duryodhan (duryodhan@220.224.83.241)
32. # [04:26] <duryodhan> hey.. Is there any way to digitally sign forms when a user clicks submit? I know this is not the right place to ask ... but I am not getting an answer anywhere ..
33. # [04:52] <Lachy> duryodhan, could you explain what you're trying to achieve?
34. # [04:55] <duryodhan> I am trying to achieve non-repudiability in my web app through pki and digital signing
35. # [04:58] <mjs> duryodhan: you can use SSL with client certificates to get authentication of the client at the transport layer
36. # [04:59] <mjs> duryodhan: tends to be messy to use
37. # [04:59] <mjs> the nonstandard <keygen> element can be used to generate the client keypair in the first place
38. # [04:59] <duryodhan> noo .... I have a PKI ... I want to use that to achieve non-repudiation like 1 year later ...
39. # [05:00] <duryodhan> http://www.idealliance.org/proceedings/xml05/ship/74/XFormsAndXFDL_Boyer.HTML#d0e2130
40. # [05:17] * Quits: duryodhan (duryodhan@220.224.83.241) (Ping timeout)
41. # [05:28] * Quits: DanC_lap (connolly@128.30.52.30) (Ping timeout)
42. # [05:38] * Joins: hyatt (hyatt@24.6.91.161)
43. # [05:46] * Quits: Lachy (Lachlan@124.168.18.235) (Connection reset by peer)
44. # [05:46] * Joins: Lachy (Lachlan@124.168.18.235)
45. # [07:03] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
46. # [07:08] * Joins: gavin_ (gavin@74.103.208.221)
47. # [08:34] <Hixie> mjs: if you respond to chris messina you might point out (separate from correcting his misinformed ramblings) that the main reason whatwg hasn't yet taken the microformats stuff is that their specs are woefully inadequate
48. # [08:36] <Lachy> anne, yt?
49. # [08:38] <Lachy> Hixie, maybe you can answer my question...
50. # [08:39] <Lachy> I'm fixing up some issues in Selectors API and in the security section about history theft, it states it's already possible using other methods. I can't figure out how exactly?
51. # [08:42] <Lachy> http://dev.w3.org/cvsweb/~checkout~/2006/webapi/selectors-api/Overview.src.html?content-type=text/html;%20charset=UTF-8
52. # [08:46] <Hixie> getComputedStyle
53. # [08:47] <Hixie> there are active uses of this on the net today actually
54. # [08:48] <Lachy> what for?
55. # [08:49] <Hixie> stealing history
56. # [08:50] <Lachy> yeah, but why is that useful?
57. # [08:50] <Hixie> well, for example if you want to work out which bank account to hack, you can see which bank sites the user went to
58. # [08:51] <Hixie> or if you want to advertise a webmail system, you could sniff what mail systems the user had used, and target that specifically
59. # [08:51] <Hixie> "we're better than gmail because..."
60. # [08:51] <Lachy> ok
61. # [08:52] <Lachy> which browser supports getComputedStyle? it's not working for me
62. # [08:52] <Hixie> (the css2.1 spec mentions this privacy attack explicitly btw)
63. # [08:52] <Hixie> firefox, opera, safari
64. # [08:53] <Hixie> you can do it in IE too, e.g. using offsetHeight
65. # [08:53] <Lachy> perhaps I'm misreading the DOM spec. is it used like this: document.getComputedStyle(elmt, null);
66. # [08:54] <Hixie> document.defaultview.getComputedStyle(element, '')
67. # [08:54] <Lachy> oh
68. # [08:54] <Hixie> defaultView, rather
69. # [08:55] <Hixie> opera goes out of its way to try to make the attack impossible
70. # [08:55] <Lachy> does it succeed?
71. # [08:55] <Hixie> but it's still vulnerable to timing attacks
72. # [08:55] <Hixie> last i checked, anyway
73. # [08:56] <Lachy> I don't know what a timing attack is
74. # [08:58] <Lachy> oh, I see. Opera cheats and returns the styles of unvisited links, regardless
75. # [08:58] <Hixie> if you do it so that the :visited rules are far more expensive to run than the :link rules, you can simply time how long it takes to render the page
76. # [09:00] <Lachy> but would that be able to tell you specifically which links were visited?
77. # [09:01] <Hixie> just do one at a time
78. # [09:01] <Lachy> ok
79. # [09:03] <Lachy> should the selectors API spec try to define how to avoid the problem, or just explain the issue and leave it up to vendors to figure it out:?
80. # [09:09] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
81. # [09:10] * Joins: NiColasS (for@213.7.66.208)
82. # [09:10] <NiColasS> Hi everybody
83. # [09:11] <NiColasS> I want to ask you If HTML tag <marquee> is supported by IE ?
84. # [09:11] <Hixie> Lachy: i think it should explain the problem in detail
85. # [09:12] <NiColasS> Hixie do you know if marquee is supported by IE ?
86. # [09:12] <Lachy> yeah, I am explaining it in detail. I even added an example illustrating how
87. # [09:12] <Lachy> NiColasS, yes it is
88. # [09:12] <Lachy> NiColasS, IE invened marquee
89. # [09:12] <Lachy> *invented
90. # [09:14] <NiColasS> It works !!! However , is it a valid html tag ?
91. # [09:14] * Joins: gavin_ (gavin@74.103.208.221)
92. # [09:14] <Lachy> no it's not
93. # [09:15] <NiColasS> What should I use instead of it ?
94. # [09:15] <NiColasS> flash ?
95. # [09:15] <Lachy> why do you want scrolling text?
96. # [09:16] <NiColasS> I do not know how to answer lol. I want it to be displayed in the page
97. # [09:19] <Lachy> but there must be a reason why you want the text presented like that. I'm sure it's not just some random style you want to apply
98. # [09:20] <Lachy> generally, scrolling text is bad for usability, particularly if it moves too fast for users to read and can be distracting when trying to read other parts of the page
99. # [09:21] <NiColasS> oh you are right
100. # [09:29] * Quits: hober (ted@68.107.112.172) (Quit: ERC Version 5.1.3 (IRC client for Emacs))
101. # [09:30] * Quits: NiColasS (for@213.7.66.208) (Quit: NiColasS)
102. # [09:32] <anne> Opera is also vulnerable for #bbccouk:visited { background:url(tracker?bbc.co.uk) }
103. # [09:34] * Joins: Philip` (philip@80.177.163.133)
104. # [09:52] <Lachy> I checked in the latest version, with updated security considerations and a few other editorial changes elswhere
105. # [09:52] <Lachy> http://dev.w3.org/cvsweb/~checkout~/2006/webapi/selectors-api/Overview.src.html?content-type=text/html;%20charset=UTF-8#security
106. # [09:58] * Joins: ROBOd (robod@86.34.246.154)
107. # [10:23] * Quits: hyatt (hyatt@24.6.91.161) (Quit: hyatt)
108. # [10:29] <anne> you should prolly note that the DOM2Style ref is non-normative
109. # [10:29] * Joins: hyatt (hyatt@24.6.91.161)
110. # [10:29] <anne> much like the css21 ref
111. # [10:30] <anne> Lachy, maybe you should also do the optional arguments in the pseudo-IDL like XHR and HTML5 do it
112. # [10:47] <Lachy> yeah, I'll probably split it into normative and non-normative refs later, like other specs do it
113. # [10:48] <Lachy> I'll take a look at the IDL in XHR
114. # [10:48] <anne> not all other specs do it that way...
115. # [10:49] * anne prefers the one-section style
116. # [10:49] <Lachy> so do you mean listing get(selectors) and get(selectors, nsresolver) as separate overloaded methods?
117. # [10:55] <anne> they're not overloaded, but yes
118. # [10:55] <Lachy> alright, I added (Informative) to the DOM2 ref, and will check it in later
119. # [11:09] * Quits: inimino (inimino@75.71.88.233) (Ping timeout)
120. # [11:12] * Quits: anne (annevk@83.82.206.111) (Ping timeout)
121. # [11:17] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
122. # [11:22] * Joins: gavin_ (gavin@74.103.208.221)
123. # [11:24] * Joins: tH (Rob@87.102.93.94)
124. # [11:34] * Quits: tH (Rob@87.102.93.94) (Ping timeout)
125. # [11:41] * Joins: tH (Rob@87.102.93.94)
126. # [12:02] * Quits: hyatt (hyatt@24.6.91.161) (Quit: hyatt)
127. # [12:05] * Joins: jgraham (jgraham@85.210.167.224)
128. # [13:25] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
129. # [13:30] * Joins: gavin_ (gavin@74.103.208.221)
130. # [13:40] * Quits: tH (Rob@87.102.93.94) (Ping timeout)
131. # [13:50] * Parts: asbjornu (asbjorn@84.48.116.134)
132. # [14:28] * Joins: DanC_lap (connolly@128.30.52.30)
133. # [14:31] * Quits: Lachy (Lachlan@124.168.18.235) (Connection reset by peer)
134. # [14:31] * Joins: Lachy (Lachlan@124.168.18.235)
135. # [14:38] * Joins: hasather (hasather@81.235.209.174)
136. # [14:38] * Joins: tH (Rob@87.102.93.94)
137. # [15:11] * Quits: laplink (link@193.157.66.93) (Ping timeout)
138. # [15:11] * Quits: xover (xover@193.157.66.5) (Ping timeout)
139. # [15:23] * Joins: xover (xover@193.157.66.5)
140. # [15:23] * Joins: laplink (link@193.157.66.93)
141. # [15:24] * Parts: hasather (hasather@81.235.209.174)
142. # [15:25] * Joins: hasather (hasather@81.235.209.174)
143. # [15:28] * Parts: hasather (hasather@81.235.209.174)
144. # [15:29] * Joins: hasather (hasather@81.235.209.174)
145. # [16:09] * Quits: xover (xover@193.157.66.5) (Ping timeout)
146. # [16:10] * Quits: laplink (link@193.157.66.93) (Ping timeout)
147. # [16:27] * Joins: laplink (link@193.157.66.93)
148. # [16:27] * Joins: xover (xover@193.157.66.5)
149. # [16:33] * Quits: laplink (link@193.157.66.93) (Ping timeout)
150. # [16:33] * Quits: xover (xover@193.157.66.5) (Ping timeout)
151. # [17:18] * Quits: gsnedders (gsnedders@86.139.123.225) (Quit: gsnedders)
152. # [17:20] * Joins: laplink (link@193.157.66.93)
153. # [17:20] * Joins: xover (xover@193.157.66.5)
154. # [17:21] * Quits: schepers (schepers@69.134.24.226) (Ping timeout)
155. # [17:36] * Joins: gsnedders (gsnedders@86.139.123.225)
156. # [17:37] * Quits: jmb (jmb@81.86.70.47) (Ping timeout)
157. # [18:50] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
158. # [18:55] * Joins: gavin_ (gavin@74.103.208.221)
159. # [19:03] * Joins: asbjornu (asbjorn@84.48.116.134)
160. # [19:19] <mjs> Hixie: I tried to resist mentioning before how sloppy their specs are as it seemed needlessly antagonistic
161. # [19:19] * Joins: dbaron (dbaron@71.198.189.81)
162. # [19:37] * Quits: mjs (mjs@64.81.48.145) (Quit: mjs)
163. # [20:13] * Parts: asbjornu (asbjorn@84.48.116.134)
164. # [20:50] * Joins: jmb (jmb@81.86.70.47)
165. # [20:51] * Quits: jmb (jmb@81.86.70.47) (Quit: leaving)
166. # [20:55] * Joins: jmb (jmb@81.86.70.47)
167. # [20:57] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
168. # [21:02] * Joins: gavin_ (gavin@74.103.208.221)
169. # [21:08] * Joins: NiColasS (for@213.7.66.208)
170. # [21:08] <NiColasS> what web standards are ?
171. # [21:10] * Quits: NiColasS (for@213.7.66.208) (Quit: NiColasS)
172. # [21:27] * Quits: jmb (jmb@81.86.70.47) (Quit: leaving)
173. # [21:29] * Joins: foca (foca@190.64.3.180)
174. # [21:37] * Joins: jmb (jmb@81.86.70.47)
175. # [21:45] * Parts: foca (foca@190.64.3.180)
176. # [22:14] * Quits: ROBOd (robod@86.34.246.154) (Quit: http://www.robodesign.ro )
177. # [22:15] * Joins: inimino (inimino@75.71.88.233)
178. # [22:16] * Quits: hasather (hasather@81.235.209.174) (Connection reset by peer)
179. # [22:17] * Joins: hasather (hasather@81.235.209.174)
180. # [22:59] * Joins: hyatt (hyatt@24.6.91.161)
181. # [23:04] * Quits: hyatt (hyatt@24.6.91.161) (Client exited)
182. # [23:05] * Joins: hyatt (hyatt@24.6.91.161)
183. # [23:12] * Joins: mw22 (chatzilla@84.41.169.151)
184. # [23:20] * Quits: mw22 (chatzilla@84.41.169.151) (Quit: Chatzilla 0.9.75-rdmsoft [XULRunner 1.8.0.4/2006060814])
185. # [23:23] * Quits: zcorpan (zcorpan@84.216.40.162) (Ping timeout)
186. # [23:29] * Quits: xover (xover@193.157.66.5) (Ping timeout)
187. # [23:30] * Joins: mw22 (chatzilla@84.41.169.151)
188. # [23:31] * Joins: asbjornu (asbjorn@84.48.116.134)
189. # [23:32] * Joins: xover (xover@193.157.66.5)
190. # [23:40] * Quits: DanC_lap (connolly@128.30.52.30) (Ping timeout)
191. # [23:43] * Joins: DanC_lap (connolly@128.30.52.30)
192. # [23:49] * Joins: mjs (mjs@17.255.100.150)
193. # Session Close: Mon Jun 04 00:00:00 2007

The end :)