/irc-logs / freenode / #whatwg / 2009-11-04 / end

Options:

1. # Session Start: Wed Nov 04 00:00:00 2009
2. # Session Ident: #whatwg
3. # [00:11] * Quits: archtech (i=stanv@83.228.56.37)
4. # [00:14] * Joins: GarethAdams|Home (n=GarethAd@pdpc/supporter/active/GarethAdams)
5. # [00:16] * Quits: MikeSmith (n=MikeSmit@72-254-91-5.client.stsn.net) (Read error: 110 (Connection timed out))
6. # [00:19] * Joins: paul_iri_ (n=paul_iri@c-71-192-163-128.hsd1.nh.comcast.net)
7. # [00:19] * Quits: slightlyoff (n=slightly@72.14.229.81) (Remote closed the connection)
8. # [00:20] * Joins: slightlyoff (n=slightly@72.14.229.81)
9. # [00:21] * Joins: annevk2 (n=annevk@72-254-82-30.client.stsn.net)
10. # [00:22] * Quits: fishd (n=darin@nat/google/x-055161f3f2c7919b) (Read error: 60 (Operation timed out))
11. # [00:22] * Quits: gsnedders (n=gsnedder@c83-252-226-150.bredband.comhem.se)
12. # [00:25] * Joins: MikeSmith (n=MikeSmit@72-254-91-5.client.stsn.net)
13. # [00:25] * Quits: MikeSmith (n=MikeSmit@72-254-91-5.client.stsn.net) ("Tomorrow to fresh woods, and pastures new.")
14. # [00:26] * Quits: BlurstOfTimes (n=blurstof@168.203.117.66) ("Leaving...")
15. # [00:26] * Joins: MikeSmith (n=MikeSmit@72-254-91-5.client.stsn.net)
16. # [00:28] * Joins: mpt_ (n=mpt@canonical/mpt)
17. # [00:30] * Joins: webben (n=benh@nat/yahoo/x-9e1aa91fd63f75bc)
18. # [00:31] * Quits: borismus_ (n=borismus@CMU-348674.WV.CC.CMU.EDU)
19. # [00:31] * paul_iri_ is now known as paul_irish_
20. # [00:34] * Quits: webben (n=benh@nat/yahoo/x-9e1aa91fd63f75bc) (Client Quit)
21. # [00:37] * Quits: nattokirai (n=nattokir@72-254-82-75.client.stsn.net)
22. # [00:44] * Quits: cying (n=cying@70.90.171.153) (Remote closed the connection)
23. # [00:45] * Joins: cying (n=cying@70.90.171.153)
24. # [00:47] * Quits: tantek (n=tantek@72-254-103-162.client.stsn.net)
25. # [00:54] * Joins: borismus_ (n=borismus@CMU-348674.WV.CC.CMU.EDU)
26. # [00:58] * Quits: TabAtkins (n=chatzill@72-254-99-227.client.stsn.net) (Read error: 110 (Connection timed out))
27. # [01:04] * Quits: hobertoAtWork (n=hobertoa@gw1.mcgraw-hill.com) ("Nettalk6 - www.ntalk.de")
28. # [01:05] * Joins: franksalim (n=frank@adsl-76-221-202-115.dsl.pltn13.sbcglobal.net)
29. # [01:05] * Quits: sylvaing (n=sylvaing@72-254-86-181.client.stsn.net) (Read error: 110 (Connection timed out))
30. # [01:18] * Joins: tantek (n=tantek@72-254-103-162.client.stsn.net)
31. # [01:19] * Joins: BlurstOfTimes (n=blurstof@168.203.117.66)
32. # [01:21] * Quits: aroben (n=aroben@unaffiliated/aroben) (Read error: 104 (Connection reset by peer))
33. # [01:21] * Quits: weinig (n=weinig@72-254-102-177.client.stsn.net)
34. # [01:22] * lmorchard|away is now known as lmorchard
35. # [01:23] * Joins: zcorpan_ (n=zcorpan@c83-252-193-59.bredband.comhem.se)
36. # [01:30] * Joins: wakaba_ (n=wakaba_@122x221x184x68.ap122.ftth.ucom.ne.jp)
37. # [01:37] * Quits: mpt_ (n=mpt@canonical/mpt) (Read error: 110 (Connection timed out))
38. # [01:38] * Joins: weinig (n=weinig@72-254-102-177.client.stsn.net)
39. # [01:39] * Quits: zcorpan_ (n=zcorpan@c83-252-193-59.bredband.comhem.se) (Read error: 110 (Connection timed out))
40. # [01:52] * Quits: pmuellr (n=pmuellr@user-0ce2l9d.cable.mindspring.com)
41. # [01:54] * Quits: dglazkov (n=dglazkov@nat/google/x-60fd8eacd6745fde)
42. # [02:00] * Quits: borismus_ (n=borismus@CMU-348674.WV.CC.CMU.EDU)
43. # [02:03] * Joins: sylvaing (n=sylvaing@72-254-86-181.client.stsn.net)
44. # [02:03] * Quits: sylvaing (n=sylvaing@72-254-86-181.client.stsn.net) (Client Quit)
45. # [02:04] * Joins: borismus_ (n=borismus@CMU-348674.WV.CC.CMU.EDU)
46. # [02:13] * Quits: weinig (n=weinig@72-254-102-177.client.stsn.net)
47. # [02:20] * Quits: shepazu (n=schepers@72-254-102-222.client.stsn.net)
48. # [02:20] * Quits: Lachy (n=Lachlan@72-254-56-137.client.stsn.net) ("This computer has gone to sleep")
49. # [02:21] * Quits: ap (n=ap@17.246.19.174)
50. # [02:22] * Quits: borismus_ (n=borismus@CMU-348674.WV.CC.CMU.EDU)
51. # [02:30] * Quits: tantek (n=tantek@72-254-103-162.client.stsn.net)
52. # [02:30] * Quits: dbaron (n=dbaron@nat/mozilla/x-c0c4f49745ab24aa) ("8403864 bytes have been tenured, next gc will be global.")
53. # [02:39] * Joins: tantek (n=tantek@72-254-103-162.client.stsn.net)
54. # [02:44] * Quits: annevk2 (n=annevk@72-254-82-30.client.stsn.net)
55. # [02:46] * Quits: othermaciej (n=mjs@72-254-84-91.client.stsn.net)
56. # [02:48] * Joins: erlehmann_ (n=erlehman@82.113.106.22)
57. # [02:48] * Quits: doublec (n=doublec@65.49.60.216) (Read error: 104 (Connection reset by peer))
58. # [02:50] * Joins: annevk2 (n=annevk@72-254-82-30.client.stsn.net)
59. # [02:52] * Joins: borismus_ (n=borismus@c-98-219-161-78.hsd1.pa.comcast.net)
60. # [02:56] * Quits: erlehmann (n=erlehman@8.121.113.82.net.de.o2.com) (Read error: 60 (Operation timed out))
61. # [02:56] * Joins: dglazkov (n=dglazkov@c-67-188-0-62.hsd1.ca.comcast.net)
62. # [02:58] * Joins: dglazkov_ (n=dglazkov@216.239.45.130)
63. # [03:01] * Quits: Amorphous (i=jan@unaffiliated/amorphous) (Read error: 60 (Operation timed out))
64. # [03:01] * Quits: borismus_ (n=borismus@c-98-219-161-78.hsd1.pa.comcast.net) ("http://www.borismus.com")
65. # [03:02] * Joins: weinig (n=weinig@c-67-180-35-124.hsd1.ca.comcast.net)
66. # [03:03] * Quits: weinig (n=weinig@c-67-180-35-124.hsd1.ca.comcast.net) (Remote closed the connection)
67. # [03:03] * Joins: JonathanNeal (n=Jonathan@76-219-69-134.lightspeed.breaca.sbcglobal.net)
68. # [03:03] <JonathanNeal> So, the <header> element isn't necessary for the root <body> element, but can exist within <section> elements, is that right?
69. # [03:04] <MikeSmith> JonathanNeal: yeah, it can be a child of a section
70. # [03:04] <MikeSmith> and it's not required anywhere
71. # [03:05] <JonathanNeal> Groovy, in the company-home demo, I noticed that the page's main navigation existed within the <header> element, is that recommended that the "global"-like navigation for a site exist within the <header> ?
72. # [03:06] * Quits: dglazkov (n=dglazkov@c-67-188-0-62.hsd1.ca.comcast.net) (Read error: 60 (Operation timed out))
73. # [03:06] * dglazkov_ is now known as dglazkov
74. # [03:06] * Quits: tantek (n=tantek@72-254-103-162.client.stsn.net)
75. # [03:16] * Quits: cying (n=cying@70.90.171.153)
76. # [03:16] * Quits: slightlyoff (n=slightly@72.14.229.81)
77. # [03:19] * Joins: Amorphous (i=jan@unaffiliated/amorphous)
78. # [03:22] * Joins: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
79. # [03:27] * Quits: yutak (n=yutak@220.109.219.244) ("Leaving")
80. # [03:33] <JonathanNeal> Did that make sense. Maybe I asked the question poorly?
81. # [03:34] * Joins: doublec (n=doublec@li30-216.members.linode.com)
82. # [03:42] * Quits: ttepasse (n=ttepas--@p5B01750B.dip.t-dialin.net) ("?Q")
83. # [03:46] * Joins: mmn1 (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
84. # [03:46] * Quits: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 54 (Connection reset by peer))
85. # [03:50] <JonathanNeal> Either the question sucked, or MikeSmith took off.
86. # [03:51] <MikeSmith> JonathanNeal: I'm still here
87. # [03:52] <MikeSmith> just in a meeting at the moement
88. # [03:52] <MikeSmith> moment
89. # [03:52] <MikeSmith> what you describe sounds perfectly fine
90. # [03:53] <MikeSmith> as far as the intended use of header and nav goes
91. # [03:53] <MikeSmith> I think one of the examples in the spec actually does what you describe
92. # [03:54] <MikeSmith> JonathanNeal: have you looked at the HTML5 spec itself? or are you working from one of the tutorials or articles?
93. # [03:54] <MikeSmith> it's worth looking through the spec and the examples in it
94. # [03:54] <JonathanNeal> I did, and I noticed a consistancy of the main <nav> being placed inside the <header> along with the <hgroup>/<h1>/etc
95. # [04:01] <MikeSmith> JonathanNeal: that sounds the same as what you described above
96. # [04:04] <JonathanNeal> Yes, basically ... the header inevitably contains my global heading, and I'm trying to intelligently group my outline, but the header element isn't part of the "outline algorithm", but navs do, but those navs don't have their own headers <h1>
97. # [04:04] <MikeSmith> I see
98. # [04:06] <JonathanNeal> <header><h1>My Site</h1><nav><ul><li>Page 1</li><li>Page 2</li></ul></header> ... trying to follow the spec, I don't feel sure whether or not I'm saying that the <nav> a piece of the <header> but has no outline itself, even an example with a <header> and <nav> @ http://www.whatwg.org/specs/web-apps/current-work/multipage/sections.html#the-header-element produces a headerless "section", per the description of a sectio
99. # [04:06] <JonathanNeal> n.
100. # [04:09] <JonathanNeal> Well, not to mention that the example doesn't have any closing </li>'s
101. # [04:11] <JonathanNeal> Unless they're not required. I swear I'm American and educated, even though my sentences would indicate otherwise :-(
102. # [04:12] <MikeSmith> JonathanNeal: the closing tags for <li> are not required in the HTML syntax
103. # [04:13] <MikeSmith> they have never been required in the HTML syntax, since the very begining of HTML
104. # [04:13] <MikeSmith> they are only required in XHTML
105. # [04:15] <JonathanNeal> Oh, brilliant. I never knew that. Maybe this helps explain my problem @ http://gsnedders.html5.org/outliner/process.py?url=http%3A%2F%2Fsandbox.thewikies.com%2Fhtml5-outline-question
106. # [04:15] <JonathanNeal> With the source @ http://sandbox.thewikies.com/html5-outline-question/
107. # [04:17] <MikeSmith> JonathanNeal: I have to drop off
108. # [04:17] <MikeSmith> but you are asking in the right place
109. # [04:17] <JonathanNeal> Okay, thanks for your time though.
110. # [04:17] <MikeSmith> cheers
111. # [04:17] * Quits: MikeSmith (n=MikeSmit@72-254-91-5.client.stsn.net) ("Tomorrow to fresh woods, and pastures new.")
112. # [04:19] * Joins: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
113. # [04:20] * Quits: mmn1 (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 104 (Connection reset by peer))
114. # [04:27] * Quits: jwalden (n=waldo@nat/mozilla/x-60c3baf7cc7ab5b0) ("ChatZilla 0.9.85-rdmsoft [XULRunner 1.9.1.4/20091027080902]")
115. # [04:28] <JonathanNeal> Hey, anybody else about?
116. # [04:32] <jcranmer> nope, we're all dead
117. # [04:33] * Quits: JoePeck (n=JoePeck@cpe-74-69-85-249.rochester.res.rr.com) (Read error: 104 (Connection reset by peer))
118. # [04:33] * Joins: JoePeck (n=JoePeck@cpe-74-69-85-249.rochester.res.rr.com)
119. # [04:34] <JonathanNeal> jcranmer, I'm sorry for your losses.
120. # [04:35] <jcranmer> I'm not sorry for my loss
121. # [04:37] <JonathanNeal> well, everyone else who died, apparently :-)
122. # [04:42] * Joins: roc_ (n=roc@203-97-204-82.dsl.clear.net.nz)
123. # [04:49] * Quits: annevk2 (n=annevk@72-254-82-30.client.stsn.net) (Remote closed the connection)
124. # [04:49] * Joins: avidvivid (n=avidvivi@209-180-139-110.phnx.qwest.net)
125. # [04:51] * Joins: nessy (n=Adium@adsl-69-107-93-121.dsl.pltn13.pacbell.net)
126. # [04:51] * Quits: roc (n=roc@203-97-204-82.dsl.clear.net.nz) (Read error: 110 (Connection timed out))
127. # [04:51] * roc_ is now known as roc
128. # [04:52] * Quits: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 104 (Connection reset by peer))
129. # [04:52] * Joins: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
130. # [04:55] * Joins: nattokirai (n=nattokir@12.229.246.2)
131. # [04:55] * Quits: nattokirai (n=nattokir@12.229.246.2) (Client Quit)
132. # [05:09] * Joins: fishd (n=darin@c-98-207-16-168.hsd1.ca.comcast.net)
133. # [05:09] * Quits: bugfux (n=bugfux@209-234-175-134.static.twtelecom.net) (Remote closed the connection)
134. # [05:10] * Joins: bugfux (n=bugfux@209-234-175-134.static.twtelecom.net)
135. # [05:10] * Quits: bugfux (n=bugfux@209-234-175-134.static.twtelecom.net) (Remote closed the connection)
136. # [05:16] * Joins: mmn1 (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
137. # [05:17] * Quits: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 104 (Connection reset by peer))
138. # [05:20] * Joins: onar_ (n=onar@c-67-180-87-66.hsd1.ca.comcast.net)
139. # [05:20] * Quits: nessy (n=Adium@adsl-69-107-93-121.dsl.pltn13.pacbell.net) (Read error: 104 (Connection reset by peer))
140. # [05:20] * Joins: nessy1 (n=Adium@adsl-69-107-93-121.dsl.pltn13.pacbell.net)
141. # [05:25] * nessy1 is now known as nessy
142. # [05:25] * Joins: fishd_ (n=darin@216.239.45.130)
143. # [05:31] * Joins: yutak (n=yutak@220.109.219.244)
144. # [05:32] * Joins: TabAtkins (n=chatzill@72-254-39-86.client.stsn.net)
145. # [05:44] * Quits: fishd (n=darin@c-98-207-16-168.hsd1.ca.comcast.net) (Read error: 110 (Connection timed out))
146. # [05:48] * Quits: yutak (n=yutak@220.109.219.244) ("Leaving")
147. # [05:48] * Joins: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
148. # [05:49] * Quits: mmn1 (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 104 (Connection reset by peer))
149. # [05:49] * Quits: karlcow (n=karl@nerval.la-grange.net) ("This computer has gone to sleep")
150. # [06:02] * fishd_ is now known as fishd
151. # [06:08] * Joins: all-R (n=all-R@modemcable036.154-203-24.mc.videotron.ca)
152. # [06:08] * Parts: all-R (n=all-R@modemcable036.154-203-24.mc.videotron.ca)
153. # [06:08] * Joins: oojacoboo (n=jacob@61-229-171-89.dynamic.hinet.net)
154. # [06:09] <oojacoboo> so, are all you guys coding in strictly HTML5 now?
155. # [06:13] * Joins: yutak (n=yutak@220.109.219.244)
156. # [06:15] * Quits: onar_ (n=onar@c-67-180-87-66.hsd1.ca.comcast.net)
157. # [06:22] * Joins: mmn1 (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com)
158. # [06:23] * Quits: mmn (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 104 (Connection reset by peer))
159. # [06:28] <JonathanNeal> In an outline, is it okay to have untitled sections? Like in a <nav> ?
160. # [06:32] * Joins: dbaron (n=dbaron@c-98-234-51-190.hsd1.ca.comcast.net)
161. # [06:39] * Quits: mitnavn (n=mitnavn@unaffiliated/mitnavn) (Read error: 110 (Connection timed out))
162. # [06:43] * Quits: TabAtkins (n=chatzill@72-254-39-86.client.stsn.net) (Read error: 60 (Operation timed out))
163. # [06:44] * Quits: kristallpirat (n=kristall@c-base/crew/kristall) (wolfe.freenode.net irc.freenode.net)
164. # [06:44] * Quits: Rik|work (n=Rik|work@193.93.127.141) (wolfe.freenode.net irc.freenode.net)
165. # [06:44] * Joins: kristallpirat (n=kristall@c-base/crew/kristall)
166. # [06:44] * Joins: Rik|work (n=Rik|work@193.93.127.141)
167. # [06:47] * Joins: onar_ (n=onar@c-67-180-87-66.hsd1.ca.comcast.net)
168. # [06:55] * Quits: mmn1 (n=mmn@CPE0014d1463485-CM00194746f84a.cpe.net.cable.rogers.com) (Read error: 104 (Connection reset by peer))
169. # [06:59] * Joins: dglazkov_ (n=dglazkov@c-67-188-0-62.hsd1.ca.comcast.net)
170. # [07:01] * Quits: dglazkov (n=dglazkov@216.239.45.130) (Read error: 104 (Connection reset by peer))
171. # [07:01] * dglazkov_ is now known as dglazkov
172. # [07:04] * Parts: oojacoboo (n=jacob@61-229-171-89.dynamic.hinet.net)
173. # [07:13] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
174. # [07:13] * Quits: Lachy (n=Lachlan@72-254-97-4.client.stsn.net) (Remote closed the connection)
175. # [07:13] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
176. # [07:18] * Quits: fishd (n=darin@216.239.45.130) (Read error: 104 (Connection reset by peer))
177. # [07:18] * Joins: fishd (n=darin@216.239.45.130)
178. # [07:21] * Quits: kristallpirat (n=kristall@c-base/crew/kristall) ("Wünsche weiterhin guten Flug")
179. # [07:28] * Quits: dglazkov (n=dglazkov@c-67-188-0-62.hsd1.ca.comcast.net)
180. # [07:33] * Quits: onar_ (n=onar@c-67-180-87-66.hsd1.ca.comcast.net)
181. # [07:37] * Joins: onar_ (n=onar@c-67-180-87-66.hsd1.ca.comcast.net)
182. # [07:38] * Quits: dbaron (n=dbaron@c-98-234-51-190.hsd1.ca.comcast.net) (Read error: 60 (Operation timed out))
183. # [07:43] * lmorchard is now known as lmorchard|away
184. # [07:44] * Joins: weinig (n=weinig@c-67-180-35-124.hsd1.ca.comcast.net)
185. # [07:49] * Joins: archtech (i=stanv@83.228.56.37)
186. # [07:52] * Quits: fishd (n=darin@216.239.45.130) (Read error: 110 (Connection timed out))
187. # [07:59] * Joins: mitnavn (n=mitnavn@unaffiliated/mitnavn)
188. # [08:03] * Joins: maikmerten (n=merten@ls5dhcp196.cs.uni-dortmund.de)
189. # [08:04] * Joins: dbaron (n=dbaron@c-98-234-51-190.hsd1.ca.comcast.net)
190. # [08:04] * Quits: erlehmann_ (n=erlehman@82.113.106.22) ("Ex-Chat")
191. # [08:13] * Joins: erlehmann (n=erlehman@82.113.106.22)
192. # [08:15] * Quits: virtuelv (n=virtuelv@162.179.251.212.customer.cdi.no) (Read error: 60 (Operation timed out))
193. # [08:16] * Joins: primal1 (n=primal1@pool-72-67-53-59.lsanca.fios.verizon.net)
194. # [08:16] * Quits: onar_ (n=onar@c-67-180-87-66.hsd1.ca.comcast.net)
195. # [08:16] * Joins: TabAtkins (n=chatzill@72-254-39-86.client.stsn.net)
196. # [08:19] <TabAtkins> JonathanNeal: Yeah, it is. You should generally try to avoid it, but there's nothing *wrong* with it.
197. # [08:37] <TabAtkins> Can anyone point me to the quirks-mode flowchart?
198. # [08:38] * Joins: shepazu (n=schepers@72-254-85-102.client.stsn.net)
199. # [08:38] * Quits: roc (n=roc@203-97-204-82.dsl.clear.net.nz)
200. # [08:43] * Joins: TabAtkins_ (n=chatzill@72-254-39-86.client.stsn.net)
201. # [08:43] * Quits: TabAtkins (n=chatzill@72-254-39-86.client.stsn.net) (Read error: 54 (Connection reset by peer))
202. # [08:43] * TabAtkins_ is now known as TabAtkins
203. # [08:45] * Joins: Maurice (n=ano@a80-101-46-164.adsl.xs4all.nl)
204. # [08:50] * Quits: dbaron (n=dbaron@c-98-234-51-190.hsd1.ca.comcast.net) ("8403864 bytes have been tenured, next gc will be global.")
205. # [08:57] <jgraham> TabAtkins: Which quirks mode flowchart? There is an IE8-pecific one: http://hsivonen.iki.fi/doctype/ie8-mode.png
206. # [08:57] <jgraham> *specific
207. # [08:58] <TabAtkins> That's the one I was looking for, thanks.
208. # [09:08] * Quits: archtech (i=stanv@83.228.56.37)
209. # [09:11] * Quits: nessy (n=Adium@adsl-69-107-93-121.dsl.pltn13.pacbell.net) ("Leaving.")
210. # [09:12] * Joins: archtech (i=stanv@83.228.56.37)
211. # [09:15] * Quits: gavin_ (n=gavin@firefox/developer/gavin) (Read error: 104 (Connection reset by peer))
212. # [09:23] * Quits: GPHemsley (n=GPHemsle@pdpc/supporter/student/GPHemsley) ("This computer has gone to sleep")
213. # [09:33] * Quits: TabAtkins (n=chatzill@72-254-39-86.client.stsn.net) (Read error: 110 (Connection timed out))
214. # [09:38] * Joins: KevinMarks (n=KevinMar@c-67-164-14-96.hsd1.ca.comcast.net)
215. # [09:40] <erlehmann> jgraham, that thing makes me unhappy
216. # [09:40] * Quits: primal1 (n=primal1@pool-72-67-53-59.lsanca.fios.verizon.net)
217. # [09:50] * Joins: webben (n=benh@dip5-fw.corp.ukl.yahoo.com)
218. # [09:51] <hsivonen> erlehmann: and I haven't even added Chrome Frame to the flowchart yet
219. # [09:52] <erlehmann> hsivonen, DONT
220. # [09:52] <erlehmann> just dont
221. # [09:52] <erlehmann> nuke redmond from orbit
222. # [09:53] <erlehmann> its the only way to be sure
223. # [09:53] * Quits: GarethAdams|Home (n=GarethAd@pdpc/supporter/active/GarethAdams)
224. # [09:54] * Quits: Someguy (n=Andy_F@pool-96-255-124-28.washdc.fios.verizon.net) ("Leaving")
225. # [09:57] * Joins: gsnedders (n=gsnedder@c83-252-226-150.bredband.comhem.se)
226. # [10:05] * Joins: roc (n=roc@121-72-179-155.dsl.telstraclear.net)
227. # [10:06] * Joins: BARTdG (n=BARTdG@5ED43020.cable.ziggo.nl)
228. # [10:09] * Quits: gsnedders (n=gsnedder@c83-252-226-150.bredband.comhem.se)
229. # [10:10] * Joins: zcorpan_ (n=zcorpan@c83-252-193-59.bredband.comhem.se)
230. # [10:16] * Joins: michaelforrest (n=michaelf@91.189.88.12)
231. # [10:16] * Quits: webben (n=benh@dip5-fw.corp.ukl.yahoo.com) ("Leaving.")
232. # [10:29] <jgraham> erlehmann: It seems unfair to blame me :)
233. # [10:29] <erlehmann> shoot the messenger :D
234. # [10:30] <erlehmann> it worked in ye olde timeth
235. # [10:33] * Joins: mat_t (n=mattomas@91.189.88.12)
236. # [10:43] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
237. # [10:50] * Joins: Phae (n=phaeness@gateb.mh.bbc.co.uk)
238. # [10:58] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
239. # [10:58] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
240. # [10:58] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
241. # [10:58] * Joins: hamaji (n=hamaji@220.109.219.244)
242. # [10:58] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
243. # [10:58] * Joins: k0rnel (n=k0rnel@krtko.org)
244. # [11:02] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
245. # [11:02] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
246. # [11:02] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
247. # [11:02] * Joins: hamaji (n=hamaji@220.109.219.244)
248. # [11:02] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
249. # [11:02] * Joins: k0rnel (n=k0rnel@krtko.org)
250. # [11:03] * Quits: Maurice (n=ano@a80-101-46-164.adsl.xs4all.nl) (Read error: 54 (Connection reset by peer))
251. # [11:03] * Joins: ROBOd (n=robod@89.122.216.38)
252. # [11:03] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
253. # [11:03] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
254. # [11:03] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
255. # [11:04] * Joins: hamaji (n=hamaji@220.109.219.244)
256. # [11:04] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
257. # [11:04] * Joins: k0rnel (n=k0rnel@krtko.org)
258. # [11:04] * Joins: workmad3 (n=davidwor@cspool65.cs.man.ac.uk)
259. # [11:05] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
260. # [11:05] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
261. # [11:05] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
262. # [11:06] * Joins: hamaji (n=hamaji@220.109.219.244)
263. # [11:06] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
264. # [11:06] * Joins: k0rnel (n=k0rnel@krtko.org)
265. # [11:09] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
266. # [11:09] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
267. # [11:09] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
268. # [11:09] * Joins: hamaji (n=hamaji@220.109.219.244)
269. # [11:09] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
270. # [11:09] * Joins: k0rnel (n=k0rnel@krtko.org)
271. # [11:10] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
272. # [11:10] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
273. # [11:10] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
274. # [11:11] * Joins: hamaji (n=hamaji@220.109.219.244)
275. # [11:11] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
276. # [11:11] * Joins: k0rnel (n=k0rnel@krtko.org)
277. # [11:12] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
278. # [11:12] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
279. # [11:12] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
280. # [11:13] * Joins: hamaji (n=hamaji@220.109.219.244)
281. # [11:13] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
282. # [11:13] * Joins: k0rnel (n=k0rnel@krtko.org)
283. # [11:13] * jgraham is disappointed that no one has yet pointed out how close the <h1 src=""> proposal is to the <include> and <a include> proposals from 1993 that mpilgrim recently blogged
284. # [11:16] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
285. # [11:16] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
286. # [11:16] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
287. # [11:16] * Joins: hamaji (n=hamaji@220.109.219.244)
288. # [11:16] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
289. # [11:16] * Joins: k0rnel (n=k0rnel@krtko.org)
290. # [11:18] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
291. # [11:18] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
292. # [11:18] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
293. # [11:18] * Joins: hamaji (n=hamaji@220.109.219.244)
294. # [11:18] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
295. # [11:18] * Joins: k0rnel (n=k0rnel@krtko.org)
296. # [11:18] * Quits: erlehmann (n=erlehman@82.113.106.22) (No route to host)
297. # [11:21] * Quits: wakaba_ (n=wakaba_@122x221x184x68.ap122.ftth.ucom.ne.jp) ("Leaving...")
298. # [11:21] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
299. # [11:21] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
300. # [11:21] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
301. # [11:22] * Joins: hamaji (n=hamaji@220.109.219.244)
302. # [11:22] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
303. # [11:22] * Joins: k0rnel (n=k0rnel@krtko.org)
304. # [11:23] * Joins: webben (n=benh@nat/yahoo/x-8454fd5329ad5b7d)
305. # [11:23] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
306. # [11:23] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
307. # [11:23] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
308. # [11:24] * Joins: hamaji (n=hamaji@220.109.219.244)
309. # [11:24] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
310. # [11:24] * Joins: k0rnel (n=k0rnel@krtko.org)
311. # [11:25] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
312. # [11:25] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
313. # [11:25] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
314. # [11:25] * Joins: hamaji (n=hamaji@220.109.219.244)
315. # [11:25] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
316. # [11:25] * Joins: k0rnel (n=k0rnel@krtko.org)
317. # [11:27] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
318. # [11:27] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
319. # [11:27] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
320. # [11:27] * Joins: hamaji (n=hamaji@220.109.219.244)
321. # [11:27] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
322. # [11:27] * Joins: k0rnel (n=k0rnel@krtko.org)
323. # [11:29] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
324. # [11:29] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
325. # [11:29] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
326. # [11:29] * Joins: hamaji (n=hamaji@220.109.219.244)
327. # [11:29] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
328. # [11:29] * Joins: k0rnel (n=k0rnel@krtko.org)
329. # [11:30] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
330. # [11:30] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
331. # [11:30] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
332. # [11:31] * Joins: hamaji (n=hamaji@220.109.219.244)
333. # [11:31] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
334. # [11:31] * Joins: k0rnel (n=k0rnel@krtko.org)
335. # [11:31] * Joins: mpt (n=mpt@canonical/mpt)
336. # [11:32] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
337. # [11:32] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
338. # [11:32] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
339. # [11:33] * Joins: hamaji (n=hamaji@220.109.219.244)
340. # [11:33] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
341. # [11:33] * Joins: k0rnel (n=k0rnel@krtko.org)
342. # [11:36] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
343. # [11:36] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
344. # [11:36] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
345. # [11:37] * Joins: hamaji (n=hamaji@220.109.219.244)
346. # [11:37] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
347. # [11:37] * Joins: k0rnel (n=k0rnel@krtko.org)
348. # [11:40] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
349. # [11:40] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
350. # [11:40] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
351. # [11:41] * Joins: hamaji (n=hamaji@220.109.219.244)
352. # [11:41] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
353. # [11:41] * Joins: k0rnel (n=k0rnel@krtko.org)
354. # [11:44] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
355. # [11:44] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
356. # [11:44] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
357. # [11:44] * Joins: hamaji (n=hamaji@220.109.219.244)
358. # [11:44] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
359. # [11:44] * Joins: k0rnel (n=k0rnel@krtko.org)
360. # [11:46] * Joins: adactio (n=adactio@host86-163-206-16.range86-163.btcentralplus.com)
361. # [11:48] * Quits: mitnavn (n=mitnavn@unaffiliated/mitnavn) (Read error: 54 (Connection reset by peer))
362. # [11:48] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
363. # [11:48] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
364. # [11:48] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
365. # [11:48] <zcorpan_> hsivonen: the spoon feed bug is about the xml parser
366. # [11:48] * Joins: hamaji (n=hamaji@220.109.219.244)
367. # [11:48] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
368. # [11:48] * Joins: k0rnel (n=k0rnel@krtko.org)
369. # [11:48] <zcorpan_> hsivonen: innerHTML says to feed the xml parser the string of a start tag and an end tag, iirc
370. # [11:49] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
371. # [11:49] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
372. # [11:49] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
373. # [11:50] * Joins: hamaji (n=hamaji@220.109.219.244)
374. # [11:50] * Joins: hcr (n=hamcore@unaffiliated/hamcore)
375. # [11:50] * Joins: k0rnel (n=k0rnel@krtko.org)
376. # [11:51] * Quits: hamaji (n=hamaji@220.109.219.244) (wolfe.freenode.net irc.freenode.net)
377. # [11:51] * Quits: k0rnel (n=k0rnel@krtko.org) (wolfe.freenode.net irc.freenode.net)
378. # [11:51] * Quits: hcr (n=hamcore@unaffiliated/hamcore) (wolfe.freenode.net irc.freenode.net)
379. # [11:51] * Joins: k0rnel (n=k0rnel@krtko.org)
380. # [11:51] * Joins: hamaji (n=hamaji@220.109.219.244)
381. # [11:59] <hsivonen> zcorpan_: ok. oops.
382. # [12:01] * Joins: hcr (n=hamcore@ns1.mediain.com.br)
383. # [12:02] <zcorpan_> wow validator.w3.org seems to say that anything is valid html5
384. # [12:02] <zcorpan_> way to go
385. # [12:06] <jgraham> def validate(document): return True
386. # [12:07] <jgraham> why did that take hsivonen so long?
387. # [12:07] <jgraham> I mean I know java is verbose, but even so...
388. # [12:07] <jgraham> ;)
389. # [12:10] <zcorpan_> now it's confirmed that html5 makes tag soup legal
390. # [12:10] <zcorpan_> and D.E, too
391. # [12:11] <jgraham> Hmm seems to wfm in that I get errors reported
392. # [12:11] <jgraham> (using Text Field)
393. # [12:12] <zcorpan_> you need detect automatically
394. # [12:13] <zcorpan_> and a doctype that triggers html5 validation
395. # [12:13] * Joins: othermaciej (n=mjs@c-69-181-42-237.hsd1.ca.comcast.net)
396. # [12:14] <jgraham> Erm, I may have been using validator.nu rahter than validator.w3.org. I lose.
397. # [12:16] * Joins: krisives (n=kris@c-71-236-246-41.hsd1.or.comcast.net)
398. # [12:16] <krisives> hi all!
399. # [12:16] <zcorpan_> hi krisives
400. # [12:16] <krisives> Has anyone ever talked about private/public hashing for INPUT tags for HTML5 ?
401. # [12:17] <krisives> I'm about to write out my idea into a blog post, but wanted to know if anyone else had started work or proposal on this type of thing
402. # [12:17] <webben> krisives: Maybe ... what sort of hashing? for what?
403. # [12:17] <zcorpan_> <input value=#>
404. # [12:18] <krisives> Most people use Javascript right now to do client-side hashing of things like passwords
405. # [12:18] <krisives> Like sending some salt and then doing MD5 in Javascript
406. # [12:18] <krisives> To avoid sending the password over the wire
407. # [12:18] <webben> right like this: http://drupal.org/node/36793 ?
408. # [12:19] <krisives> I haven't seen that, but from scanning it sounds like what I'm talking about
409. # [12:19] <krisives> I see it re-created all the time and thought it deserves a non-scripting solution
410. # [12:20] * Joins: karlcow (n=karl@nerval.la-grange.net)
411. # [12:20] <webben> I remember various discussion of hashing like http://www.blooberry.com/indexdot/html/tagpages/k/keygen.htm but I don't recall a discussion of singling out a field and converting it to a hash before sendng.
412. # [12:20] <webben> ah ha
413. # [12:20] <webben> krisives: http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2007-August/012385.html
414. # [12:20] <webben> so yes, it has been discussed
415. # [12:21] <krisives> one important thing is that it should be capable of doing salt
416. # [12:21] <webben> so I guess search the archives for related discussion :)
417. # [12:21] * Philip` guesses that the conclusion of the discussion was "if you care about security at all, use HTTPS"
418. # [12:22] <krisives> Thanks I'm reading the mailing list now
419. # [12:22] <krisives> HTTPS is broken
420. # [12:22] <Philip`> Less broken than HTTP :-)
421. # [12:22] <krisives> I can sign PayPals cert...
422. # [12:22] <krisives> Its obfustication now IMO
423. # [12:23] <webben> HTTPS does mean you aren't sending unencrypted traffic over the wire.
424. # [12:23] <webben> It just doesn't guarantee you aren't sending unencrypted traffic to the wrong destination.
425. # [12:23] <webben> (in practice)
426. # [12:24] <webben> so ... wouldn't one have the same problem with a salted password?
427. # [12:24] * webben is not a security expert, I should hasten to add.
428. # [12:27] * Philip` vaguely remembers the issues with fake cert signing simply being about MD5, which is easily solved by using better hashing algorithms (which already work perfectly well in HTTPS)
429. # [12:27] <krisives> The failures aren't the same
430. # [12:28] <krisives> When SSL fails you get the plain text password
431. # [12:28] <krisives> (Because it was transmitted)
432. # [12:28] <krisives> If this is broken you at best get a subset of what the password could have been, if you wasted enough FLOPS to break the hash
433. # [12:28] <krisives> Which also assumes you busted the salting technique
434. # [12:29] <Philip`> With HTTP, an attacker can easily intercept the response and send you a version of the HTML page that doesn't have the hashing enabled on the password input
435. # [12:29] <Philip`> and so you type your password in and the attacker gets it in plain text
436. # [12:29] <webben> krisives: But, if the endpoint is using (say) an MD5 hash to authenticate, and a middleman grabs your MD5 hash, can't the middleman use that to authenticate?
437. # [12:29] <krisives> Philip`: You can't use old technology to justify not creating new technology
438. # [12:30] <webben> krisives: You can if the proposed new technology doesn't solve problems the old one doesn't.
439. # [12:30] <webben> *old one does.
440. # [12:30] <webben> or doesn't solve any new problems.
441. # [12:30] * Quits: Lachy (n=Lachlan@72-254-97-4.client.stsn.net) (Read error: 104 (Connection reset by peer))
442. # [12:30] <krisives> webben: In my proposal the salt would actually not be transmitted over the wire but would be a truely private key, such as when the user registered
443. # [12:31] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
444. # [12:31] <webben> krisives: what would be sent over the wire? what would prevent a middleman sending the same thing over the wire?
445. # [12:31] <krisives> Philip`'s scenario would keep the new technology from being created because the old technology can enable a flaw. The old (unsecure) tech should be deprecated
446. # [12:32] <krisives> webben: All that would be sent over the wire is a hash of the INPUT data and a salt
447. # [12:41] <Philip`> krisives: It would keep new technology from being created when its purpose is undermined by flaws in the current technology that it relies on and that hasn't been replaced yet
448. # [12:43] <krisives> I think you're on a logically slippery slope there
449. # [12:44] * gsnedders|work falls flat on his face
450. # [12:45] <krisives> A neat solution for that attack would be to force the salt to be based on the content delivered
451. # [12:45] <krisives> (or part of a composite salt)
452. # [12:46] <krisives> So the server delivers you content and saves the salt of the content delivered in server session for later verification
453. # [12:49] <Philip`> What is "the content"?
454. # [12:50] <krisives> the document
455. # [12:50] <Philip`> If you're using an insecure protocol like HTTP, the attacker could just replace the content of an external script that your page includes, to make it send the user's password to them
456. # [12:50] <Philip`> even if the page itself can't change
457. # [12:51] <krisives> By "replace the content of an external script", do you mean change a script on my host?
458. # [12:52] <Philip`> I mean change the content delivered to the user in response to their request for the script
459. # [12:53] <Philip`> (as a MITM attack)
460. # [12:54] <krisives> The hashing wouldn't be done in a script
461. # [12:54] <krisives> Thats the point of this "proposal"
462. # [12:55] <Philip`> I mean change the script to do "onload = function () { document.getElementById('hashed-password').removeAttribute('hash'); }" or similar
463. # [12:56] <Philip`> so that the user's browser won't hash the password
464. # [12:57] <krisives> And instead submit to the attacker
465. # [12:57] <Philip`> Yes, or send it unencrypted to the original server so the attacker can read it, or whatever
466. # [12:58] <Philip`> (I'm assuming the attacker can read and modify all unencrypted content passing between the client and server)
467. # [12:59] <Dashiva> If the attacker can control the content, you've already lost
468. # [13:01] <Philip`> Not really, because you can use encryption to know that you're talking to the server and not the attacker
469. # [13:01] <Philip`> but it seems unlikely to work unless the entire session is encrypted
470. # [13:02] <Philip`> (and also you need some way to verify identities of servers, which doesn't work so well nowadays)
471. # [13:03] <krisives> If something like this was adopted I would expect browsers to warn when sending unencrypted passwords more violently
472. # [13:03] <zcorpan_> if you care about security, you should hand over the password in person
473. # [13:03] <krisives> Or deprecated/remove the behaviour
474. # [13:04] <Dashiva> Philip`: How can you verify anything when the attacker can just MITM anything?
475. # [13:04] <Philip`> Dashiva: The attacker can't MITM anything, unless they put your brain in a vat and control all your sensory inputs
476. # [13:04] <Dashiva> Any client-side code is provided by the attacker
477. # [13:04] <krisives> Either way I find it hard to justify keeping the behaviour of sending the password as (obfusticated) text
478. # [13:05] <Dashiva> Philip`: They can MITM anything on the client end of the browsing session
479. # [13:08] <Philip`> Dashiva: They can MITM your internet connections for some period of time, but it's reasonable to assume that e.g. they didn't alter your installation of CD of Windows, and that means they didn't alter your OS's root certificate store, and you assume they didn't get Microsoft to install fake certificates, etc
480. # [13:08] <Philip`> s/of CD/CD/
481. # [13:08] <Dashiva> Philip`: Unsecure connection was a premise here, wasn't it?
482. # [13:08] <Philip`> and you assume certificate authorities are perfect
483. # [13:09] <krisives> I understand where everyone is going with this, but does it really justify continuing to send passwords as obfuscated plain text ?
484. # [13:10] <Philip`> Dashiva: I think the premise was a combination of insecure and secure parts of the connection (e.g. sending the password 'securely')
485. # [13:10] <Dashiva> I thought the premise was trying to do secure communication on an insecure connection
486. # [13:11] <Philip`> TCP is an insecure connection but you can do secure communication over it using SSL
487. # [13:11] <Dashiva> Because you control the code on your endpoint
488. # [13:11] <krisives> Dashiva: Philip` believes that a more secure password authentication that doesn't send the password over the wire, and instead sends a hash, is not worth having because the MITM can just rely on deprecated behaviour
489. # [13:11] <Dashiva> With a webpage, you're using code provided by an unknown party
490. # [13:12] <krisives> Philip`: I remind you again that SSL is broken
491. # [13:12] <Philip`> krisives: I don't think it justifies that, but I think the point is it doesn't justify spending effort on a solution that doesn't actually solve the problem in practice (due to flaws in the underlying technology) - the effort would be better spent on a solution that has a much better chance of working and isn't fundamentally broken, like SSL
492. # [13:13] <krisives> I disagree, because we'll be putting faith once again in another technology like SSL, that when/if broken will give access to plaintext passwords again.
493. # [13:13] <Philip`> (Uh, I mean that something like SSL isn't fundamentally broken)
494. # [13:13] <Philip`> (and didn't mean to imply the opposite)
495. # [13:14] <Philip`> Dashiva: You're using code provided by your favourite browser vendor, who might be able to implement features that ensure communication is secure
496. # [13:14] <Philip`> in theory
497. # [13:15] <Philip`> (though in practice there's so much flexibility allowed to scripts that the only solution that seems feasible is to encrypt the entire session)
498. # [13:16] <zcorpan_> maybe the attacker could modify the browser and push it onto the user with autoupdate
499. # [13:16] <krisives> Again though, "doesn't actually solve the problem in practice" only because of deprecated old technology
500. # [13:17] <Philip`> "deprecated old technology" is what exists in practice so we have to deal with it :-)
501. # [13:17] <Philip`> zcorpan_: Autoupdates are signed
502. # [13:17] <Philip`> or at least I hope they are, because browser developers can't be idiots
503. # [13:18] <Philip`> so they're guaranteed to be safe by the person who you originally trusted to download the browser from
504. # [13:19] <gsnedders|work> Philip`: I'm an idiot.
505. # [13:19] <Philip`> gsnedders|work: I mean collectively, not each individual
506. # [13:20] * krisives is probably dumber
507. # [13:20] <krisives> STUPID WAR!
508. # [13:23] <zcorpan_> gsnedders|work: you're not a browser developer
509. # [13:23] <gsnedders|work> zcorpan_: True.
510. # [13:23] <gsnedders|work> zcorpan_: I just find their mistakes.
511. # [13:25] <zcorpan_> have you found any autoupdate mistakes?
512. # [13:25] <gsnedders|work> YEs
513. # [13:25] <gsnedders|work> *Yes
514. # [13:27] <Philip`> Were you responsible for finding the mistake that autoupdate didn't exist?
515. # [13:29] <gsnedders|work> No
516. # [13:29] <Philip`> I suppose that was a subtle one and easy to miss
517. # [13:37] * Joins: kristallpirat (n=kristall@c-base/crew/kristall)
518. # [13:38] <jgraham> Philip`: He didn't say he missed it just that he didn't have responsibility for noticing it
519. # [13:39] * Parts: adactio (n=adactio@host86-163-206-16.range86-163.btcentralplus.com)
520. # [13:45] * Joins: adactio (n=adactio@host86-163-206-16.range86-163.btcentralplus.com)
521. # [14:04] * beowulf is now known as nagelring
522. # [14:05] * nagelring is now known as beowulf
523. # [14:11] * Quits: mpt (n=mpt@canonical/mpt) (Remote closed the connection)
524. # [14:12] * Joins: mpt (n=mpt@canonical/mpt)
525. # [14:17] * Joins: Sefyroth (n=Sefyroth@unaffiliated/sefyroth)
526. # [14:24] * Quits: BARTdG (n=BARTdG@5ED43020.cable.ziggo.nl) ("USB-apparaat voor massa-opslag uit het systeem verwijderd.")
527. # [14:51] * Parts: Sefyroth (n=Sefyroth@unaffiliated/sefyroth)
528. # [14:56] * lmorchard|away is now known as lmorchard
529. # [14:56] * Joins: pmuellr (n=pmuellr@nat/ibm/x-543bc8e53ac32ff8)
530. # [15:02] * Joins: ciaran_lee (i=leecn@spoon.netsoc.tcd.ie)
531. # [15:08] * Joins: nessy (n=Adium@adsl-69-107-93-121.dsl.pltn13.pacbell.net)
532. # [15:08] * Quits: nessy (n=Adium@adsl-69-107-93-121.dsl.pltn13.pacbell.net) (Remote closed the connection)
533. # [15:18] * Quits: paul_irish_ (n=paul_iri@c-71-192-163-128.hsd1.nh.comcast.net) ("Leaving...")
534. # [15:27] * Quits: virtuelv (n=virtuelv@pat-tdc.opera.com) ("Ex-Chat")
535. # [15:27] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
536. # [15:28] * Quits: kristallpirat (n=kristall@c-base/crew/kristall) ("Wünsche weiterhin guten Flug")
537. # [15:31] * Joins: miketaylr (n=miketayl@38.117.156.163)
538. # [15:31] * Joins: svl (n=me@ip565744a7.direct-adsl.nl)
539. # [15:49] * Joins: aroben (n=aroben@unaffiliated/aroben)
540. # [15:55] * Joins: annevk2 (n=annevk@72-254-82-30.client.stsn.net)
541. # [15:55] * gsnedders|work decides on domain for his new website
542. # [15:56] <Rik`> gsnedders|work: someone told me that your outliner should give hints about where are "Untitled sections"
543. # [15:57] <gsnedders|work> Rik`: I have plans to deal with a lot of the ambiguity. It just so happens that it also involves rewriting the entire thing :)
544. # [15:59] <gsnedders|work> Rik`: And it also means being careful in IE about infinite loops :(
545. # [15:59] <Rik`> in IE ?
546. # [15:59] * Joins: webben1 (n=benh@nat/yahoo/x-fcb8ab22b1b0013b)
547. # [15:59] * Quits: webben (n=benh@nat/yahoo/x-8454fd5329ad5b7d) ("Leaving.")
548. # [16:00] <gsnedders|work> Rik`: New impl will be JS based
549. # [16:00] <Rik`> oh
550. # [16:00] <gsnedders|work> Rik`: IE can create circular DOMs.
551. # [16:00] <Rik`> why JS based ?
552. # [16:01] <gsnedders|work> Rik`: A lot of the features people have been asking for are very hard to do without modifying the source document in some way, or are only possible with scripting that can touch that document
553. # [16:02] <Rik`> I can has a textarea to copy/paste ?
554. # [16:02] <gsnedders|work> Rik`: Yeah, I guess I'll allow that
555. # [16:04] <zcorpan_> gsnedders|work: there's a js implementation already
556. # [16:04] <Rik`> thanks ! :)
557. # [16:05] * Quits: archtech (i=stanv@83.228.56.37)
558. # [16:05] <gsnedders|work> zcorpan_: But does it have an über-cool UI?
559. # [16:05] <zcorpan_> gsnedders|work: no
560. # [16:05] <zcorpan_> but you can implement your own ui for it
561. # [16:06] <gsnedders|work> zcorpan_: Where is the impl?
562. # [16:08] <zcorpan_> gsnedders|work: http://d.hatena.ne.jp/amachang/20090915/1252999677
563. # [16:10] <jgraham> zcorpan_: No licensing information that I can see
564. # [16:11] <gsnedders|work> zcorpan_: Also, IRC logs from before have me concluding that doesn't protect itself from IE
565. # [16:12] <gsnedders|work> Also: I want decent blog software
566. # [16:12] <zcorpan_> who cares about ie
567. # [16:12] <zcorpan_> gsnedders|work: me too, and a pony
568. # [16:13] <gsnedders|work> Habari claims to include a pony, but it still isn't decent.
569. # [16:13] * jgraham doesn't want a pony
570. # [16:13] <gsnedders|work> (but is nevertheless used on gsnedders.com)
571. # [16:13] <gsnedders|work> (but is PHP and so is evil)
572. # [16:13] <jgraham> They seem like a lot of effort to look after and in any case I am probably too tall to ride one
573. # [16:13] <gsnedders|work> (w00t for languages without Unicode support)
574. # [16:14] <jgraham> So it seems like it would mostly be a drag
575. # [16:14] <jgraham> After the initial cuteness wore off
576. # [16:14] * gsnedders|work thinks, then realizes it was a horse he rode a couple of years back
577. # [16:19] * Quits: BenGerrissen (n=chatzill@213.208.242.186) ("ChatZilla 0.9.85 [Firefox 3.0.15/2009101601]")
578. # [16:20] * Joins: ttepasse (n=ttepas--@p5B017240.dip.t-dialin.net)
579. # [16:24] * Joins: dglazkov (n=dglazkov@c-67-188-0-62.hsd1.ca.comcast.net)
580. # [16:28] * Joins: myakura (n=myakura@72-254-122-171.client.stsn.net)
581. # [16:30] * Quits: Rik` (n=Rik`@chn38-1-78-231-168-7.fbx.proxad.net)
582. # [16:30] * Joins: kristallpirat (n=kristall@c-base/crew/kristall)
583. # [16:33] * Quits: JoePeck (n=JoePeck@cpe-74-69-85-249.rochester.res.rr.com) (Read error: 54 (Connection reset by peer))
584. # [16:33] * Quits: KevinMarks (n=KevinMar@c-67-164-14-96.hsd1.ca.comcast.net) ("The computer fell asleep")
585. # [16:33] * Joins: JoePeck (n=JoePeck@cpe-74-69-85-249.rochester.res.rr.com)
586. # [16:36] * Joins: hobertoAtWork (n=hobertoa@gw1.mcgraw-hill.com)
587. # [16:42] * Parts: krisives (n=kris@c-71-236-246-41.hsd1.or.comcast.net)
588. # [16:42] * hsivonen reads Noah Mendelsohn's slides
589. # [16:42] <hsivonen> no 'con' about proprietary lock-in
590. # [16:43] <hsivonen> also, is the implied assumption that HTML, SVG and Math WGs shouldn't have to coordinate?
591. # [16:43] * Quits: weinig (n=weinig@c-67-180-35-124.hsd1.ca.comcast.net)
592. # [16:44] <annevk2> not sure
593. # [16:44] <annevk2> I wonder how that panel will go
594. # [16:44] <annevk2> starts in an hour
595. # [16:45] * Quits: zcorpan_ (n=zcorpan@c83-252-193-59.bredband.comhem.se)
596. # [16:46] <hsivonen> not many people on #tpac
597. # [16:46] <hsivonen> is the session going to be IRC-minuted
598. # [16:48] <annevk2> there's #tpac, #tp, and #tpac09
599. # [16:48] <annevk2> #tpac seems most popular but only #tp has a topic
600. # [16:49] <annevk2> not sure about minutes, but given how things went last year I'd assume so
601. # [16:49] <annevk2> last year there was a live video channel as well I think
602. # [16:49] <Dashiva> There were some sessions minuted in #webapps
603. # [16:52] <hsivonen> I'm always puzzled when W3C specs like SVG and MathML are put forward as decentralized extensions without coordination
604. # [16:52] <hsivonen> surely they are centralized at the W3C and should be coordinated
605. # [16:53] <hsivonen> annevk2: thanks. I joined all those channel
606. # [16:53] <hsivonen> s
607. # [16:53] <hsivonen> I didn't find a link to a video or audio feed
608. # [16:54] <annevk2> me neither
609. # [16:54] <annevk2> I'm sure some more W3C staff will be around on IRC later
610. # [16:54] <annevk2> they can prolly help out
611. # [16:54] <gsnedders|work> I don't think there was any video last year
612. # [16:55] <gsnedders|work> (And if there was, I guess it was incomplete due to losing power during the keynote)
613. # [16:55] * Quits: Lachy (n=Lachlan@72-254-97-4.client.stsn.net) (Read error: 104 (Connection reset by peer))
614. # [16:55] * Joins: jamalta (n=jamalta@209.20.66.76)
615. # [16:55] <hsivonen> I've been to a TPAC where there was audio and the captioner couldn't keep up with TimBL
616. # [16:55] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
617. # [16:56] <gsnedders|work> 07, no?
618. # [16:57] <hsivonen> maybe
619. # [16:58] * Quits: maikmerten (n=merten@ls5dhcp196.cs.uni-dortmund.de) (Remote closed the connection)
620. # [17:04] * Quits: dglazkov (n=dglazkov@c-67-188-0-62.hsd1.ca.comcast.net)
621. # [17:05] * Joins: TabAtkins (n=chatzill@72-254-47-172.client.stsn.net)
622. # [17:07] * Quits: shepazu (n=schepers@72-254-85-102.client.stsn.net)
623. # [17:12] * Joins: cardona507 (n=cardona5@72-254-49-2.client.stsn.net)
624. # [19:19] * Disconnected
625. # [19:20] * Attempting to rejoin channel #whatwg
626. # [19:20] * Rejoined channel #whatwg
627. # [19:20] * Topic is 'WHATWG: http://www.whatwg.org/ -- logs: http://krijnhoetmer.nl/irc-logs/ -- stats: http://gavinsharp.com/irc/whatwg.html -- Please leave your sense of logic at the door, thanks!'
628. # [19:20] * Set by annevk42 on Mon Oct 19 22:03:06
629. # [21:21] * Disconnected
630. # [21:22] * Attempting to rejoin channel #whatwg
631. # [21:22] * Rejoined channel #whatwg
632. # [21:22] * Topic is 'WHATWG: http://www.whatwg.org/ -- logs: http://krijnhoetmer.nl/irc-logs/ -- stats: http://gavinsharp.com/irc/whatwg.html -- Please leave your sense of logic at the door, thanks!'
633. # [21:22] * Set by annevk42 on Mon Oct 19 22:03:06
634. # [21:29] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
635. # [21:31] * Quits: cardona507 (n=cardona5@72-254-49-2.client.stsn.net)
636. # [21:34] * Joins: tantek (n=tantek@72-254-104-232.client.stsn.net)
637. # [21:35] * Quits: zcorpan (n=zcorpan@c83-252-193-59.bredband.comhem.se) (Read error: 60 (Operation timed out))
638. # [21:37] * maikmerten is now known as maik|afk
639. # [21:39] * Joins: Midler (n=midler@79.138.217.178.bredband.tre.se)
640. # [21:40] * Quits: JoePeck (n=JoePeck@jpecoraro.rit.edu)
641. # [21:42] * Joins: JoePeck (n=JoePeck@jpecoraro.rit.edu)
642. # [21:46] * Quits: TabAtkins (n=chatzill@72-254-47-172.client.stsn.net) (Read error: 110 (Connection timed out))
643. # [21:47] * ryduh is now known as ryduh-lunch
644. # [21:49] * Joins: JoePeck_ (n=JoePeck@jpecoraro.rit.edu)
645. # [21:51] * Quits: tantek (n=tantek@72-254-104-232.client.stsn.net)
646. # [21:54] * Quits: Lachy (n=Lachlan@72-254-97-4.client.stsn.net) ("This computer has gone to sleep")
647. # [21:57] * Quits: JoePeck_ (n=JoePeck@jpecoraro.rit.edu) (Read error: 60 (Operation timed out))
648. # [21:58] * Joins: cardona507 (n=cardona5@209.172.114.240)
649. # [21:58] * Quits: JoePeck (n=JoePeck@jpecoraro.rit.edu) (Connection timed out)
650. # [21:59] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
651. # [22:02] * Quits: ROBOd (n=robod@89.122.216.38) ("http://www.robodesign.ro")
652. # [22:03] * Quits: maik|afk (n=maikmert@U04a0.u.pppool.de) (Read error: 104 (Connection reset by peer))
653. # [22:03] * Quits: cardona507 (n=cardona5@209.172.114.240) (Read error: 104 (Connection reset by peer))
654. # [22:03] * Joins: cardona507 (n=cardona5@209.172.114.240)
655. # [22:05] * Quits: Lachy (n=Lachlan@72-254-97-4.client.stsn.net) ("This computer has gone to sleep")
656. # [22:06] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
657. # [22:14] * Joins: JoePeck (n=JoePeck@jpecoraro.rit.edu)
658. # [22:14] * Quits: fishd (n=darin@nat/google/x-5ac880f6da7ad1ab) (Read error: 110 (Connection timed out))
659. # [22:17] * Joins: dbaron (n=dbaron@nat/mozilla/x-a7030c749ff08582)
660. # [22:17] * Quits: Lachy (n=Lachlan@72-254-97-4.client.stsn.net) ("This computer has gone to sleep")
661. # [22:20] * Quits: webben (n=benh@nat/yahoo/x-d04846f5b39769c6) (Client Quit)
662. # [22:20] * Quits: cardona507 (n=cardona5@209.172.114.240) (Read error: 104 (Connection reset by peer))
663. # [22:21] * Joins: cardona507 (n=cardona5@209.172.114.240)
664. # [22:22] * Quits: cardona507 (n=cardona5@209.172.114.240) (Client Quit)
665. # [22:26] * aroben|lunch is now known as aroben
666. # [22:29] * Joins: Lachy (n=Lachlan@72-254-97-4.client.stsn.net)
667. # [22:29] * Quits: gsnedders (n=gsnedder@c83-252-236-152.bredband.comhem.se) (Remote closed the connection)
668. # [22:29] * Joins: gsnedders (n=gsnedder@c83-252-236-152.bredband.comhem.se)
669. # [22:31] * Joins: myakura (n=myakura@72-254-122-171.client.stsn.net)
670. # [22:32] * Joins: annevk2 (n=annevk@72-254-82-30.client.stsn.net)
671. # [22:35] * Joins: ttepasse (n=ttepas--@dslb-084-060-053-162.pools.arcor-ip.net)
672. # [22:36] * Joins: cardona507 (n=cardona5@72-254-49-2.client.stsn.net)
673. # [22:49] * Joins: fishd (n=darin@nat/google/x-5274e6a23f06af54)
674. # [23:01] * Joins: nessy (n=Adium@216.239.45.19)
675. # [23:02] * ap_ is now known as ap
676. # [23:03] * aroben is now known as aroben|meeting
677. # [23:16] * ryduh-lunch is now known as ryduh
678. # [23:18] * Quits: BlurstOfTimes (n=blurstof@168.203.117.66) ("Leaving...")
679. # [23:18] * Joins: tantek (n=tantek@72-254-104-232.client.stsn.net)
680. # [23:20] * Quits: othermaciej (n=mjs@c-69-181-42-237.hsd1.ca.comcast.net)
681. # [23:21] * Joins: CriticalMass (n=chatzill@195.69.154.32)
682. # [23:22] * Quits: CriticalMass (n=chatzill@195.69.154.32) (Client Quit)
683. # [23:26] * Joins: ojan (n=ojan@72.14.229.81)
684. # [23:27] * Joins: riven` (n=colin@53518387.cable.casema.nl)
685. # [23:28] <gsnedders> Hmm, debit card failing, yet bank says it is still active.
686. # [23:29] * Quits: riven (n=colin@53518387.cable.casema.nl) (Read error: 54 (Connection reset by peer))
687. # [23:29] * Quits: bzed (n=bzed@devel.recluse.de) (Read error: 60 (Operation timed out))
688. # [23:29] * Joins: bzed_ (n=bzed@devel.recluse.de)
689. # [23:29] * bzed_ is now known as bzed
690. # [23:32] * Quits: pmuellr (n=pmuellr@nat/ibm/x-543bc8e53ac32ff8) (Read error: 110 (Connection timed out))
691. # [23:40] * Quits: gsnedders (n=gsnedder@c83-252-236-152.bredband.comhem.se)
692. # [23:43] * Joins: doublec_ (n=doublec@203-97-204-82.dsl.clear.net.nz)
693. # [23:45] * Quits: doublec_ (n=doublec@203-97-204-82.dsl.clear.net.nz) (Client Quit)
694. # [23:45] * Quits: doublec (n=doublec@li30-216.members.linode.com) ("ZNC - http://znc.sourceforge.net")
695. # [23:46] <dglazkov> have we pulled datagrid from html5?
696. # [23:46] * Joins: doublec (n=doublec@li30-216.members.linode.com)
697. # [23:46] <dglazkov> is it gone-gone or just moved to another spec?
698. # [23:46] <annevk2> it was commented out
699. # [23:46] <annevk2> it was not stable enough
700. # [23:46] <annevk2> I believe dhyatt is toying with an alternate design for it
701. # [23:47] * aroben|meeting is now known as aroben
702. # [23:47] <dglazkov> annevk2: good to know.
703. # [23:48] <dglazkov> thanks
704. # [23:49] <JonathanNeal> So it's commented out of the html5 spec?
705. # [23:50] * Quits: weinig (n=weinig@17.246.16.97)
706. # [23:51] <annevk2> yes
707. # [23:51] <annevk2> maybe it is no longer in the source either; I forgot
708. # [23:52] <annevk2> it's still there
709. # [23:52] <annevk2> v2datagrid
710. # [23:53] * Quits: Maurice (i=copyman@5ED548D4.cable.ziggo.nl)
711. # [23:53] * Quits: JoePeck (n=JoePeck@jpecoraro.rit.edu)
712. # [23:54] * Quits: ttepasse (n=ttepas--@dslb-084-060-053-162.pools.arcor-ip.net) (Read error: 60 (Operation timed out))
713. # [23:56] * Joins: ttepasse (n=ttepas--@dslb-084-060-031-148.pools.arcor-ip.net)
714. # [23:59] * lmorchard is now known as lmorchard|away
715. # Session Close: Thu Nov 05 00:00:00 2009

The end :)