/irc-logs / w3c / #html-wg / 2007-06-03 / end

Options:

  1. # Session Start: Sun Jun 03 00:00:00 2007
  2. # Session Ident: #html-wg
  3. # [00:07] <inimino> bigger than the next version of HTML?
  4. # [00:09] <inimino> seems like they would benefit by being involved
  5. # [00:14] * Quits: tH (Rob@87.102.93.94) (Ping timeout)
  6. # [00:26] * Joins: tH (Rob@87.102.93.94)
  7. # [00:39] * Parts: hasather (hasather@81.235.209.174)
  8. # [00:52] * Quits: Shunsuke (kuruma@219.110.83.49) (Ping timeout)
  9. # [01:05] * Joins: Shunsuke (kuruma@219.110.83.49)
  10. # [01:18] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  11. # [01:23] * Joins: gavin_ (gavin@74.103.208.221)
  12. # [01:29] * Joins: asbjornu (asbjorn@84.48.116.134)
  13. # [01:45] * Quits: tH (Rob@87.102.93.94) (Quit: ?)
  14. # [01:55] * Joins: hyatt (hyatt@24.6.91.161)
  15. # [02:13] * Quits: inimino (inimino@75.71.88.233) (Ping timeout)
  16. # [02:13] * Joins: inimino (inimino@75.71.88.233)
  17. # [02:16] * Quits: hyatt (hyatt@24.6.91.161) (Client exited)
  18. # [02:16] * Joins: hyatt (hyatt@24.6.91.161)
  19. # [02:37] * Quits: Philip` (philip@80.177.163.133) (Ping timeout)
  20. # [02:57] * Joins: MikeSmith (MikeSmith@mcclure.w3.org)
  21. # [03:03] * Joins: Lachy_ (Lachlan@124.168.18.235)
  22. # [03:04] * Quits: Lachy (Lachlan@203.217.34.167) (Ping timeout)
  23. # [03:05] * Joins: DanC_lap (connolly@128.30.52.30)
  24. # [03:21] * Joins: sbuluf (zzmwld@200.49.140.230)
  25. # [03:26] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  26. # [03:28] * Quits: hyatt (hyatt@24.6.91.161) (Quit: hyatt)
  27. # [03:31] * Joins: gavin_ (gavin@74.103.208.221)
  28. # [03:33] * Quits: Shunsuke (kuruma@219.110.83.49) (Ping timeout)
  29. # [03:39] * Lachy_ is now known as Lachy
  30. # [04:18] * Quits: dbaron (dbaron@71.198.189.81) (Quit: 8403864 bytes have been tenured, next gc will be global.)
  31. # [04:25] * Joins: duryodhan (duryodhan@220.224.83.241)
  32. # [04:26] <duryodhan> hey.. Is there any way to digitally sign forms when a user clicks submit? I know this is not the right place to ask ... but I am not getting an answer anywhere ..
  33. # [04:52] <Lachy> duryodhan, could you explain what you're trying to achieve?
  34. # [04:55] <duryodhan> I am trying to achieve non-repudiability in my web app through pki and digital signing
  35. # [04:58] <mjs> duryodhan: you can use SSL with client certificates to get authentication of the client at the transport layer
  36. # [04:59] <mjs> duryodhan: tends to be messy to use
  37. # [04:59] <mjs> the nonstandard <keygen> element can be used to generate the client keypair in the first place
  38. # [04:59] <duryodhan> noo .... I have a PKI ... I want to use that to achieve non-repudiation like 1 year later ...
  39. # [05:00] <duryodhan> http://www.idealliance.org/proceedings/xml05/ship/74/XFormsAndXFDL_Boyer.HTML#d0e2130
  40. # [05:17] * Quits: duryodhan (duryodhan@220.224.83.241) (Ping timeout)
  41. # [05:28] * Quits: DanC_lap (connolly@128.30.52.30) (Ping timeout)
  42. # [05:38] * Joins: hyatt (hyatt@24.6.91.161)
  43. # [05:46] * Quits: Lachy (Lachlan@124.168.18.235) (Connection reset by peer)
  44. # [05:46] * Joins: Lachy (Lachlan@124.168.18.235)
  45. # [07:03] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  46. # [07:08] * Joins: gavin_ (gavin@74.103.208.221)
  47. # [08:34] <Hixie> mjs: if you respond to chris messina you might point out (separate from correcting his misinformed ramblings) that the main reason whatwg hasn't yet taken the microformats stuff is that their specs are woefully inadequate
  48. # [08:36] <Lachy> anne, yt?
  49. # [08:38] <Lachy> Hixie, maybe you can answer my question...
  50. # [08:39] <Lachy> I'm fixing up some issues in Selectors API and in the security section about history theft, it states it's already possible using other methods. I can't figure out how exactly?
  51. # [08:42] <Lachy> http://dev.w3.org/cvsweb/~checkout~/2006/webapi/selectors-api/Overview.src.html?content-type=text/html;%20charset=UTF-8
  52. # [08:46] <Hixie> getComputedStyle
  53. # [08:47] <Hixie> there are active uses of this on the net today actually
  54. # [08:48] <Lachy> what for?
  55. # [08:49] <Hixie> stealing history
  56. # [08:50] <Lachy> yeah, but why is that useful?
  57. # [08:50] <Hixie> well, for example if you want to work out which bank account to hack, you can see which bank sites the user went to
  58. # [08:51] <Hixie> or if you want to advertise a webmail system, you could sniff what mail systems the user had used, and target that specifically
  59. # [08:51] <Hixie> "we're better than gmail because..."
  60. # [08:51] <Lachy> ok
  61. # [08:52] <Lachy> which browser supports getComputedStyle? it's not working for me
  62. # [08:52] <Hixie> (the css2.1 spec mentions this privacy attack explicitly btw)
  63. # [08:52] <Hixie> firefox, opera, safari
  64. # [08:53] <Hixie> you can do it in IE too, e.g. using offsetHeight
  65. # [08:53] <Lachy> perhaps I'm misreading the DOM spec. is it used like this: document.getComputedStyle(elmt, null);
  66. # [08:54] <Hixie> document.defaultview.getComputedStyle(element, '')
  67. # [08:54] <Lachy> oh
  68. # [08:54] <Hixie> defaultView, rather
  69. # [08:55] <Hixie> opera goes out of its way to try to make the attack impossible
  70. # [08:55] <Lachy> does it succeed?
  71. # [08:55] <Hixie> but it's still vulnerable to timing attacks
  72. # [08:55] <Hixie> last i checked, anyway
  73. # [08:56] <Lachy> I don't know what a timing attack is
  74. # [08:58] <Lachy> oh, I see. Opera cheats and returns the styles of unvisited links, regardless
  75. # [08:58] <Hixie> if you do it so that the :visited rules are far more expensive to run than the :link rules, you can simply time how long it takes to render the page
  76. # [09:00] <Lachy> but would that be able to tell you specifically which links were visited?
  77. # [09:01] <Hixie> just do one at a time
  78. # [09:01] <Lachy> ok
  79. # [09:03] <Lachy> should the selectors API spec try to define how to avoid the problem, or just explain the issue and leave it up to vendors to figure it out:?
  80. # [09:09] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  81. # [09:10] * Joins: NiColasS (for@213.7.66.208)
  82. # [09:10] <NiColasS> Hi everybody
  83. # [09:11] <NiColasS> I want to ask you If HTML tag <marquee> is supported by IE ?
  84. # [09:11] <Hixie> Lachy: i think it should explain the problem in detail
  85. # [09:12] <NiColasS> Hixie do you know if marquee is supported by IE ?
  86. # [09:12] <Lachy> yeah, I am explaining it in detail. I even added an example illustrating how
  87. # [09:12] <Lachy> NiColasS, yes it is
  88. # [09:12] <Lachy> NiColasS, IE invened marquee
  89. # [09:12] <Lachy> *invented
  90. # [09:14] <NiColasS> It works !!! However , is it a valid html tag ?
  91. # [09:14] * Joins: gavin_ (gavin@74.103.208.221)
  92. # [09:14] <Lachy> no it's not
  93. # [09:15] <NiColasS> What should I use instead of it ?
  94. # [09:15] <NiColasS> flash ?
  95. # [09:15] <Lachy> why do you want scrolling text?
  96. # [09:16] <NiColasS> I do not know how to answer lol. I want it to be displayed in the page
  97. # [09:19] <Lachy> but there must be a reason why you want the text presented like that. I'm sure it's not just some random style you want to apply
  98. # [09:20] <Lachy> generally, scrolling text is bad for usability, particularly if it moves too fast for users to read and can be distracting when trying to read other parts of the page
  99. # [09:21] <NiColasS> oh you are right
  100. # [09:29] * Quits: hober (ted@68.107.112.172) (Quit: ERC Version 5.1.3 (IRC client for Emacs))
  101. # [09:30] * Quits: NiColasS (for@213.7.66.208) (Quit: NiColasS)
  102. # [09:32] <anne> Opera is also vulnerable for #bbccouk:visited { background:url(tracker?bbc.co.uk) }
  103. # [09:34] * Joins: Philip` (philip@80.177.163.133)
  104. # [09:52] <Lachy> I checked in the latest version, with updated security considerations and a few other editorial changes elswhere
  105. # [09:52] <Lachy> http://dev.w3.org/cvsweb/~checkout~/2006/webapi/selectors-api/Overview.src.html?content-type=text/html;%20charset=UTF-8#security
  106. # [09:58] * Joins: ROBOd (robod@86.34.246.154)
  107. # [10:23] * Quits: hyatt (hyatt@24.6.91.161) (Quit: hyatt)
  108. # [10:29] <anne> you should prolly note that the DOM2Style ref is non-normative
  109. # [10:29] * Joins: hyatt (hyatt@24.6.91.161)
  110. # [10:29] <anne> much like the css21 ref
  111. # [10:30] <anne> Lachy, maybe you should also do the optional arguments in the pseudo-IDL like XHR and HTML5 do it
  112. # [10:47] <Lachy> yeah, I'll probably split it into normative and non-normative refs later, like other specs do it
  113. # [10:48] <Lachy> I'll take a look at the IDL in XHR
  114. # [10:48] <anne> not all other specs do it that way...
  115. # [10:49] * anne prefers the one-section style
  116. # [10:49] <Lachy> so do you mean listing get(selectors) and get(selectors, nsresolver) as separate overloaded methods?
  117. # [10:55] <anne> they're not overloaded, but yes
  118. # [10:55] <Lachy> alright, I added (Informative) to the DOM2 ref, and will check it in later
  119. # [11:09] * Quits: inimino (inimino@75.71.88.233) (Ping timeout)
  120. # [11:12] * Quits: anne (annevk@83.82.206.111) (Ping timeout)
  121. # [11:17] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  122. # [11:22] * Joins: gavin_ (gavin@74.103.208.221)
  123. # [11:24] * Joins: tH (Rob@87.102.93.94)
  124. # [11:34] * Quits: tH (Rob@87.102.93.94) (Ping timeout)
  125. # [11:41] * Joins: tH (Rob@87.102.93.94)
  126. # [12:02] * Quits: hyatt (hyatt@24.6.91.161) (Quit: hyatt)
  127. # [12:05] * Joins: jgraham (jgraham@85.210.167.224)
  128. # [13:25] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  129. # [13:30] * Joins: gavin_ (gavin@74.103.208.221)
  130. # [13:40] * Quits: tH (Rob@87.102.93.94) (Ping timeout)
  131. # [13:50] * Parts: asbjornu (asbjorn@84.48.116.134)
  132. # [14:28] * Joins: DanC_lap (connolly@128.30.52.30)
  133. # [14:31] * Quits: Lachy (Lachlan@124.168.18.235) (Connection reset by peer)
  134. # [14:31] * Joins: Lachy (Lachlan@124.168.18.235)
  135. # [14:38] * Joins: hasather (hasather@81.235.209.174)
  136. # [14:38] * Joins: tH (Rob@87.102.93.94)
  137. # [15:11] * Quits: laplink (link@193.157.66.93) (Ping timeout)
  138. # [15:11] * Quits: xover (xover@193.157.66.5) (Ping timeout)
  139. # [15:23] * Joins: xover (xover@193.157.66.5)
  140. # [15:23] * Joins: laplink (link@193.157.66.93)
  141. # [15:24] * Parts: hasather (hasather@81.235.209.174)
  142. # [15:25] * Joins: hasather (hasather@81.235.209.174)
  143. # [15:28] * Parts: hasather (hasather@81.235.209.174)
  144. # [15:29] * Joins: hasather (hasather@81.235.209.174)
  145. # [16:09] * Quits: xover (xover@193.157.66.5) (Ping timeout)
  146. # [16:10] * Quits: laplink (link@193.157.66.93) (Ping timeout)
  147. # [16:27] * Joins: laplink (link@193.157.66.93)
  148. # [16:27] * Joins: xover (xover@193.157.66.5)
  149. # [16:33] * Quits: laplink (link@193.157.66.93) (Ping timeout)
  150. # [16:33] * Quits: xover (xover@193.157.66.5) (Ping timeout)
  151. # [17:18] * Quits: gsnedders (gsnedders@86.139.123.225) (Quit: gsnedders)
  152. # [17:20] * Joins: laplink (link@193.157.66.93)
  153. # [17:20] * Joins: xover (xover@193.157.66.5)
  154. # [17:21] * Quits: schepers (schepers@69.134.24.226) (Ping timeout)
  155. # [17:36] * Joins: gsnedders (gsnedders@86.139.123.225)
  156. # [17:37] * Quits: jmb (jmb@81.86.70.47) (Ping timeout)
  157. # [18:50] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  158. # [18:55] * Joins: gavin_ (gavin@74.103.208.221)
  159. # [19:03] * Joins: asbjornu (asbjorn@84.48.116.134)
  160. # [19:19] <mjs> Hixie: I tried to resist mentioning before how sloppy their specs are as it seemed needlessly antagonistic
  161. # [19:19] * Joins: dbaron (dbaron@71.198.189.81)
  162. # [19:37] * Quits: mjs (mjs@64.81.48.145) (Quit: mjs)
  163. # [20:13] * Parts: asbjornu (asbjorn@84.48.116.134)
  164. # [20:50] * Joins: jmb (jmb@81.86.70.47)
  165. # [20:51] * Quits: jmb (jmb@81.86.70.47) (Quit: leaving)
  166. # [20:55] * Joins: jmb (jmb@81.86.70.47)
  167. # [20:57] * Quits: gavin_ (gavin@74.103.208.221) (Ping timeout)
  168. # [21:02] * Joins: gavin_ (gavin@74.103.208.221)
  169. # [21:08] * Joins: NiColasS (for@213.7.66.208)
  170. # [21:08] <NiColasS> what web standards are ?
  171. # [21:10] * Quits: NiColasS (for@213.7.66.208) (Quit: NiColasS)
  172. # [21:27] * Quits: jmb (jmb@81.86.70.47) (Quit: leaving)
  173. # [21:29] * Joins: foca (foca@190.64.3.180)
  174. # [21:37] * Joins: jmb (jmb@81.86.70.47)
  175. # [21:45] * Parts: foca (foca@190.64.3.180)
  176. # [22:14] * Quits: ROBOd (robod@86.34.246.154) (Quit: http://www.robodesign.ro )
  177. # [22:15] * Joins: inimino (inimino@75.71.88.233)
  178. # [22:16] * Quits: hasather (hasather@81.235.209.174) (Connection reset by peer)
  179. # [22:17] * Joins: hasather (hasather@81.235.209.174)
  180. # [22:59] * Joins: hyatt (hyatt@24.6.91.161)
  181. # [23:04] * Quits: hyatt (hyatt@24.6.91.161) (Client exited)
  182. # [23:05] * Joins: hyatt (hyatt@24.6.91.161)
  183. # [23:12] * Joins: mw22 (chatzilla@84.41.169.151)
  184. # [23:20] * Quits: mw22 (chatzilla@84.41.169.151) (Quit: Chatzilla 0.9.75-rdmsoft [XULRunner 1.8.0.4/2006060814])
  185. # [23:23] * Quits: zcorpan (zcorpan@84.216.40.162) (Ping timeout)
  186. # [23:29] * Quits: xover (xover@193.157.66.5) (Ping timeout)
  187. # [23:30] * Joins: mw22 (chatzilla@84.41.169.151)
  188. # [23:31] * Joins: asbjornu (asbjorn@84.48.116.134)
  189. # [23:32] * Joins: xover (xover@193.157.66.5)
  190. # [23:40] * Quits: DanC_lap (connolly@128.30.52.30) (Ping timeout)
  191. # [23:43] * Joins: DanC_lap (connolly@128.30.52.30)
  192. # [23:49] * Joins: mjs (mjs@17.255.100.150)
  193. # Session Close: Mon Jun 04 00:00:00 2007

The end :)