Planning the 2024-03-20 meeting

[dveditz]

Planning the 2024-03-20 WebAppSec meeting. Please add potential topics below

[javifernandez]

I'd like to get feedback about this PR to merge the Ed25519 and X25519 algorithms from the Secure Curves Community Group Draft Report into the Web Cryptography API specification.

In this issue it's described the current implementation status.

[twiss]

I'd also like to discuss Curve25519 indeed, as well as a proposal for other modern algorithms in Web Crypto, and feature detection (e.g. crypto.subtle.supports).

[shhnjk]

I'd like to discuss about adding reports for iframes into Permissions Policy: https://github.com/w3c/webappsec-permissions-policy/issues/537

[aaronshim]

I'd also like to continue the discussion on this PR around the WebAppSec Mitigations Wiki and where the most appropriate permanent home for this information might be.

[plehegar]

agenda+ TPAC 2024: webappsec meeting?

[[ The schedule of the week should be as follows:

• Monday 23 September: Group meetings
• Tuesday 24 September: Group meetings all day, AC plenary sessions in the afternoon
• Wednesday 25 September: Breakout sessions all day
• Thursday 26 September: Group meetings
• Friday 27 September: Group meetings

Each group will be able to ask for 90-minute and/or 2-hour slots. You may ask for several slots. ]]

[plehegar]

agenda+ charter: https://github.com/w3c/webappsec/issues/645, https://github.com/w3c/webappsec/issues/646

[plehegar]

agenda+ Introducing @simoneonofri , new W3C Web Security Lead

[lukewarlow]

Could we add https://github.com/w3c/webappsec-csp/issues/651 to the agenda please, sorry it's a bit late.

[lukewarlow]

And also could we add https://github.com/w3c/trusted-types/issues/221 please.

[mikewest]

@lukewarlow: I'll add these to the agenda.

@camillelamy: I'll add https://github.com/explainers-by-googlers/document-isolation-policy/ as well, per our conversation elsewhere.