< be ... bleything. > < synf ... gmail. > < svbi ... gmail. > < svbi ... gmail. > < squ ... google. > < svbi ... gmail. > < squ ... google. > < svbi ... gmail. > < nol ... live. > < squ ... google. > < svbi ... gmail. > < svbi ... gmail. > < squ ... google. > < blog ... googlegroups. > < blog ... googlegroups. < blog ... googlegroups. > < blog ... googlegroups. < blog ... googlegroups. > < blog ... googlegroups. < blog ... googlegroups. > < blog ... googlegroups. > < blog ... googlegroups. < blog ... googlegroups. > < blog ... googlegroups. > < guil ... gmail. > < fran ... googlemail. >< guil ... gmail. > < fran ... googlemail. wrote: I have been intending to propose a plete solution of this sort, although finding the spare time has been an issue. At the very least the JARs used to pile the project by should be made visible/downloadable and the versions to be considered stable / current with GroovyWS sources need to be agreed. I have a Maven pom which I started developing for GroovyWS (though I will migrate to Ivy since Maven seems heavyweight for dependency management only) which was intended to JAR download all the packages referenced by name in the ant build.properties for GroovyWS. The problem I ran into was that some of the JARs aren't served up by maven/ibiblio at all (or at least i struggled to find them!) Then, those which I did find were often not available in exactly the version of the properties file, so I took a best guess. In the process I upgraded to later versions in several JARs and pruned out about 4-5 JARs which were not neccessary for the pile - my doing so could pose problems at runtime for aspects of WS interoperability which we weren't using. This implies any JARs not needed at pile time need to be separated out into a /dist folder or something. The lack of a any tests hides potential runtime problems caused by removal of JARs (at the very least) and makes it hard for developers to know if changes they make or propose are valid or would cause failures for others. A further change I would dearly like to see for the GroovyWS Client / Server classes is to extract all the logic that's presently inbuilt into the constructors into a separate initializer method. ttpbbssvn.codehaus./groovy-contrib/groovyws/trunk/src/main/java/groovyx//ws/WSClient.java ttpbbssvn.codehaus./groovy-contrib/groovyws/trunk/src/main/java/groovyx//ws/WSServer.java This has posed numerous issues during test writing; MockFor actually news up instances of a type and only intercepts method calls. Thus, when we new the WSClient the many lines of code in the actual class are executed, which considering its parsing a WSDL and then building dynamic classes using XFire its pretty heavyweight and without the correct setup causes numerous problems.. a real pain for testing. A more flexible solution would be to use a default empty constructor and for backward patibility provide a factory method on the class to those who want to continue expecting the same behaviour. eg: public static WSClient instanceof(String loc, ClassLoader cl) { WSClient client = new WSClient(loc, cl); client.initialize(); return client; } public WSClient(String loc, ClassLoader cl) { = cl; this.loc = loc; } public void initialize() { URL url; try { url = new URL(loc); if (url.getProtocol().equals("ttps")) setSSL(); } catch (MalformedURLException e) { e.printStackTrace(); } if (bba) initializeBa(); if (bproxy) initializeProxy(); } On Wed, Nov 19, 2008 at 10:11 AM, Graeme Rocher < grae ... springsource. > < fran ... googlemail. > < grae ... springsource. > < pau ... asert..au > < guil ... gmail. > < jade ... gmail. >< cloj ... googlegroups. > < much for taking the time to join us. It was very, very useful! JAR: mentions pet names: that one should never trust the names given to you by anyone else ... you get to designate your own name, rather than blindly accepting the name given you by a server DC: I visit 10000 web pages a day, can't give them all pet names JAR: solution is proposed, but isn't yet usable perhaps? NM: when about to click on a link, I should know what I'm clicking on (tracker, note we're discussing ISSUE-27 IRIEverywhere-27 ) NM: if a page contains 50 links (to images for example), should I get to choose whether I want to access all 50 of them? ... associate my own pet name with a given URI? TBL: what's the process? JAR: the point is that it makes it possible for the user to discriminate NM: the user can be confused, but only the first time - when they make the pet name association TBL: system should protect you from confusing your pet names JAR: overall constraint is exactly that - to make it more difficult to confuse the user with names DC: can you (JAR) post to www-tag about pet names? LMM: how about IRI list instead? note that petnames were discussed and even speced *extensively* in the WSC WG. Implementers wouldn't have any of that. ACTION: jonathan discuss petname application to IRI spoofing in public-iri and www-tag [recorded in [29] www.w3./2009/12/08-tagmem-minutes.html#action02 ] [29] www.w3./2009/12/08-tagmem-minutes.html#action02 Created ACTION-343 - Discuss petname application to IRI spoofing in public-iri and www-tag [on Jonathan Rees - due 2009-12-15]. HTML5, WebSockets, XHR, CORS action-343? ACTION-343 -- Larry Masinter to discuss petname application to IRI spoofing in public-iri and www-tag -- due 2009-12-15 -- OPEN [30] www.w3./2001/tag/group/track/actions/343 [30] www.w3./2001/tag/group/track/actions/343 NM: WebSockets is moving fast... LMM: wanted to noted the IETF meeting on HyBi [31] dev.w3./html5/websockets/ [31] dev.w3./html5/websockets/ LMM: two groups - one documenting current practice on long-polling et al with HTTP [32] tools.ietf./html/draft-hixie-thewebsocketprotocol [32] tools.ietf./html/draft-hixie-thewebsocketprotocol LMM: and another discussing WebSockets ... result, I believe, was that WG forming would focus on WebSockets NM: how about CORS? ACTION-331 ? ACTION-331 -- Dan Connolly to consider ways to track the 'confused deputy problem' issue in webapps/cors -- due 2009-11-24 -- PENDINGREVIEW [33] www.w3./2001/tag/group/track/actions/331 [33] www.w3./2001/tag/group/track/actions/331 [34] www.w3./2008/webapps/track/issues/108 [34] www.w3./2008/webapps/track/issues/108 DC: TPAC goal achieved ... Mark Miller took the ball, resulting in the UMP proposal: [35] lists.w3./Archives/Public/public-webapps/2009OctDec/at t-0931/draft.html [35] lists.w3./Archives/Public/public-webapps/2009OctDec/att-0931/draft.html DanC: what's critically different between UniformRequest and XMLHTTPRequest is that no cookies go out; it's not clear to me why that's more secure NM: Note that uniform messaging looks at the Javascript level just like XHR, except that you "new" a different object to start. ... if you want to do something different, you have to put your credential/permission elsewhere JK: there are two parts to the spec: HT: yes, you put it in your code DanC: but who is "you"? the server? the client? the attacker? i) that an HTTP response header can be sent saying that the server opts-out of SOP JAR: the code is the attacker... ... if he doesn't have permission, he can't do anything dangerous. ii) the UA uses a new XHR that doesn't send cookies meaning any "credentials" are i) not site-specific ii) not sent implicitly DanC_, you wanted to talk about credential/permission DC: some concerns about the terminology regarding 'permission' sent as editorial ments on permission and such [36] lists.w3./Archives/Public/www-archive/2009Dec/0021.htm l [36] lists.w3./Archives/Public/www-archive/2009Dec/0021.html JAR: proof of permission? "proof of permission" would be good; maybe I'll suggest that in email to the editors noah, you wanted to ask about munity reaction to uniform messaging draft DC: it's good that CORS has an issue open on confused deputy so the WG has to choose UM or not before going to LC ... how, for example, does this impact sandboxed iframes, for example? ACTION Jonathan to alert TAG chair when CORS and/or UMP goes to LC Created ACTION-344 - Alert TAG chair when CORS and/or UMP goes to LC [on Jonathan Rees - due 2009-12-15]. close action-321 ACTION-321 lightly edit TAG input to DAP WG per 8 Oct and tell Noah closed action-331? ACTION-331 -- Dan Connolly to consider ways to track the 'confused deputy problem' issue in webapps/cors -- due 2009-11-24 -- PENDINGREVIEW [37] www.w3./2001/tag/group/track/actions/331 [37] www.w3./2001/tag/group/track/actions/331 close action-331 ACTION-331 Consider ways to track the 'confused deputy problem' issue in webapps/cors closed Review agenda, meeting goals NM: we discussed 3 big items (linked in agenda) before the summer ... later moved to closely study HTML5 ... is there something bigger than the sum of the parts (ie. action items) similar to webarch that we want to do beyond review of detailed actions? AM: as we begin talking about web apps, metadata it might bee obvious if we want to write something more "overarching" LMM: we had talked about creating products of long-term value? NM: such as the "architecture of web applications" ... agenda is in service of a set of goals ... agenda does reflect those goals Metadata Architecture: ISSUE-63: Metadata Architecture for the Web ACTION-282 ACTION-282? ACTION-282 -- Jonathan Rees to draft a finding on metadata architecture. -- due 2009-12-02 -- PENDINGREVIEW [38] www.w3./2001/tag/group/track/actions/282 [38] www.w3./2001/tag/group/track/actions/282 JAR:Our job is to encourage a connected, open Web, and a "global" approach to metadata seems important for that. Is there a related way to understand some of the "puzzles" - RDFa vs. Microdata, XRD/LRDD/Link, related HTTP semantics; using URIs to "refer" rather than to "locate"; link rel="canonical", multimedia "bookmarking" and the nature of "authoritative"? [Jonathan's draft at [39] www.w3./2001/tag/2009/12/metameta.html is what we're reviewing] [39] www.w3./2001/tag/2009/12/metameta.html TBL: I thought we were doing an overall model of the whole "shebang" - not just philosophical layer. This includes APIs, no? JAR: that seems like an opportunity we have (I'm not sure I agree with TBL that the AWWSW model is "not philosophical". I'm not sure there any falsifiable claims in it. Maybe around "immutable resources", but I don't see that as a pressing issue.) AM: we should start from metadata use-cases ... these are the situations in which you might want some metadata ... then we can say "in situation N, here's what you ought to do..." JAR: yes, use-cases are very important JK: what if someone doesn't acquire metadata in the way you suggest even in a given use-case? TBL: You can tell them what they would be losing by doing it differently LMM: in my earlier work, I was taking a narrower perspective on "what is metadata" than I think we have generally taken. For example, perhaps related to the difference between metadata about information resources vs. metadata about non-information resources? TBL: Metadata is data about documents. If it's about an information resource, then it's metadata. If it is about something else, it isn't. LMM: That's the conventional meaning, I think [40] www.e-learningguru./articles/metacrap.htm [40] www.e-learningguru./articles/metacrap.htm JAR: that is part of the work we need to do to bound this project. Metadata can e from many different places - a protocol might only get that metadata from one place - "first-party provided" metadata NM: you're stopping short of discussing the impact of provenance? JAR:No. NM:There is a big difference between we know a claim about something, or whether we know the thing itself. There is a difference of trust. Is the statement "noah says the wall is brown", or "the wall is brown"? AM: yes [the metacrap reference is old: Version 1.3: 26 August 2001 -- here's the original [41] www.well./~doctorow/metacrap.htm ] [41] www.well./~doctorow/metacrap.htm TBL: Almost anyone who deals with any data on the web technology deals with and is aware of provenence. It is a large area, but we don't have to get into it deeply now. JAR: Most of my draft is a list of questions. Those questions could stimulate actions items - there is a lot of work here. Does metadata have any special role on the web? TBL: Metadata is data about documents, and as docuements have a special role in web architecture, so metdata has a special role to a certain extent. LMM: In the narrow definition, metadata is data about "information resources" NM: if someone makes a statement about a document, it is clearly metadata. If someone makes a statement such as "I was born on November 3rd" what do we call that statement? LMM: There are some special properties of documents that make them more interesting in this regard. DC: Can you be more specific? HT: There's a fundamental difference between representations whose referents are available digitally and those which are not. Therefore reasoning about them is different DC: Larry, can you be more specific about the properties of a document that make it more interesting this way? TBL: AWWW spends a lot of time trying to describe this so it's very important - deal with the Web, you deal with docs. the library and digital library munity have a long history of establishing "metadata" for items that might appear in a world of managed information, and that this tradition is instructive, helpful, and with available techniques for management, refinement. The general "knowledge management" problem is hard, but the "metadata management" problems are tractable NM: take a set of measurements and record them ... if I then also record that I took these measurements on a particular date, then that is metadata about the measurements ... if you limit only to digital representations, it seems to me you lose the historical meaning of metadata ("I don't want to get hung up on terminology" <-- famous last words. terminology _is_ the problem. Agreeing on terminology is solving the problem.) LMM: metadata was about "what was in the card catalogue" let's do terminology after we cover use cases. no, let's not LMM: mon way to describe that the book in library a was the same book as in library b let's try out terminology as we discuss use cases, and keep careful eye on which terms fortably fit and which ones don't. LMM: Dublin Core was a way of cataloging metadata about documents / IRs ... value is to leverage that work NM: you don't buy my 'measurements' example? ... not scoped only to library usage AM: I think we should ask different questions there are things that are on the boundary ... you can treat them as "information resources" or not AM: what could *we* write that would be useful here? ([42] en.wikipedia./wiki/Metadata is disappointing in that it doesn't have a history section like most good encyclopedia articles) [42] en.wikipedia./wiki/Metadata ht, you wanted to say "yes" to NM wrt measurements Dublin Core: I think you should split the screen HT: yes, Noah, your example is within "metadata" scope ... I think Dublin Core is useful for any set of digital data right... JAR: back to document... ... not a lot of standardization ... poor incentives for creating explicit metadata ... difficult to deploy - why? ... difficult to validate ... it doesn't feel that all of these things are adequately connected - it doesn't feel like a "Web" (the mismatch betwen CiteULike and Amazon ... I wonder how many man-hours a day that costs the world. Sounds a lot like what LMM was talking about for library metadata in the 1st place... "how do you know it's the same book?") HT: host-meta is data about a set of resources LMM: there's a question about metadata when related to statements made about a person TBL: lots of people are not doing metadata when they are making statements of identity of people. The issue of different people assigning different names to the same person is quite general. Let's not expand the scope of "Metadata" to the semantic web in general. There is a general problem of co-reference... different people assigning different names to the same thing ... let's not try to tackle that under the rubric Metadata as though it were special to people or people were special to metadata. TBL: people, music, place names, countries (and other administrative areas) all have data about them and coreference issues ... we shouldn't focus only on authors JAR: is RDF "nose-following" a metadata use-case? LMM: metadata has a data model, a vocab, a serialization, and method of association (linking/embedding) [43]Framing an Architecture for Metadata on the Web [43] lists.w3./Archives/Public/www-tag/2009Jul/0153.html LMM was talking about that ^ RDF nose-following is a technical solution for many of these problems, coupled with the stitched-together quilt of grass-roots ontologies. From Wikipedia: JAR: what are interesting cases that deal with metadata? Metadata (meta data, or sometimesmetainformation) is "data about data", of any sort in any media. Metadata is text, voice, or image that describes what the audience wants or needs to see or experience. The audience could be a person, group, or software program. LMM: if we have a framework for metadata, we can use this to explore the specific cases and see how/if it applies The above is Wikipedia def of metadata. Consonant with my assumptions. JAR: that suggests a matrix between your framework items (LMM - see earlier list) and the uses documented in my draft ... (describes examples listed in linked document) note [44] tools.ietf./html/draft-reschke-rfc2731bis-05 [44] tools.ietf./html/draft-reschke-rfc2731bis-05 JAR: is anything different since RDF/Dublin Core? ... (references Metadata Activity statement) [45] dublincore./documents/2008/08/04/dc-html/ [45] dublincore./documents/2008/08/04/dc-html/ metadata activity statement: [46] www.w3./Metadata/Activity [46] www.w3./Metadata/Activity NM: ADJOURN FOR LUNCH [47] gov2..au/files/2009/12/Draft-Government-2-0-Report-rel ease.pdf [47] gov2..au/files/2009/12/Draft-Government-2-0-Report-release.pdf jar, [48] gov2..au/about/draftreport/#rec6 [48] gov2..au/about/draftreport/#rec6 that's wierd. -------------------------- scribenick: timbl just a sec while I sync the agenda Noah: We have to Web App Arch slots, one now and one for the same time tomorrow. Raman: I can't make tomorrow morning PST ... I can make 15:00-17:00 EST Noah: Philippe Le Hégaret has offered to join us. [49] www.w3./2001/tag/tag-weekly#Application [49] www.w3./2001/tag/tag-weekly#Application Web Application Architecture [50] www.w3./2001/tag/doc/content-to-apps.html [50] www.w3./2001/tag/doc/content-to-apps.html [51] www.w3./2001/tag/2009/09/webAppsTOC-20090921 That is the thing which Ashok et al did, This is what JAR did [51] www.w3./2001/tag/2009/09/webAppsTOC-20090921 Noah: We have two documents to frame this discussion: 1. Jonathan as revised the [52]Table of Contents for Web Application Architecture that was gathered at the June and Sept. TAG F2F Meetings. 2. Ashok, with help from Raman and Larry, has prepared [53]From Web Content to Applications [52] www.w3./2001/tag/2009/09/webAppsTOC-20090921 [53] www.w3./2001/tag/doc/content-to-apps.html Ashok: Most of this talks about how the web started as a web of documents, and is now turning into a web of apps. ... That is useful stuff, but we wanted to extract the issues engendered by this fundamental shift. ... None of us looked at Web IDL -- we didn't have the knowledge ... One question is, how to capture state. This is plicated. ... There is HTML5 work split out into Storing Client-Side State, as there are two specs, one SQL-based, and the other keyword/value based. ... You send in data from the user, and the app by its nature has lots of data. It has to be protected: it has to have policies about its access. ... The third on which Larry put up is that the Web is now more plex. ... It has different sorts of user agent, different URI schemes, and so on. What does this imply? ... So those were are main pints, plus the UMP stuff -- how does UMP extends to multiple agents? (UMP = Uniform Messaging) [seee required reqding] ... The trouble is, you are going to make a request of an app, and the app is in fact behind many appliances. The appliances can municate. WHat do we do about this data being secure, protected? [54] www.w3./2001/tag/2009/09/webAppsTOC-20090921 [54] www.w3./2001/tag/2009/09/webAppsTOC-20090921 Masinter: My intent, I thought, was to elaborate some of these points into paragraphs. Masinter: Other bits still need to be done. DanC_, you wanted to answer tbl: yes, the state of the art is (a) "installed stuff", including extensions and MacOS widgets and phone apps (b) remote code, e.g. scripts in web Tim: Some times will the application be downloaded by the user and installed and trusted, making the security situation surely much simpler? Like with an installed desktop app or a iPhone app DanC: There are two design centers. The installed code, and the web site script case. But they are starting to overlap in some cases. noah, you wanted to talk about device APIs permissions TimBL: Like running Mac mail and a web version of it which try to be the same interface. Noah: If I am a smart user, then I expect there are bounds to what I have trusted it to do, and those bounds are being stretched, like with geolocation. The stickiness of the policy is where this happnes. Does the permission stick? (speaking of letting my browser run javascript, after reading crockford's writings, I installed noscript immediately. It's fairly painful, but the alternative is to turn my puter over to anybody on the inter who wants to use it for whatever purpose they see fit and blame it on me.) Noah: A huge barrier to getting people to move apps to the web, it asks anew whether it can have your location, which is frustrating. Maybe a longer term storage of the preferences would help. TimBL: I am surprised if these things are not remembered by web site Ashok: Where would that be stored? On the client or server? Noah: Not relevant DanC: In fact a Firefox extension can change that from local to remote John: A mon trust model is this origin-based thing -- a (widget) package which is verified as ing from an origin via a signature. ... Another mon trust model is like iGoogle -- Google gadgets are assembled onto a home page for you, and Google has 'vetted' the code: Google is the thing which you trust johnk, you wanted to note that code for an application might e from multiple un-trusting (of each other) elements ht, you wanted to ask TBL about gmail John: There is a third possibility we hadn't even counted about, where the client is making the mashup and assembling things from multiple sources which may not trust each oither. A more dynamic situation. This involves cross-site scripting. Henry: Normal users do not really understand the distinction. TimBL: They know whether they have installed an iphone app Noah: GMail on the gPhone is really a web abb which behaves like an app. zaki, close the queue Ashok: It looks as though there are just two cases, downloaded [installed] app and web app. There could be a third situation. Henry: No, the consumer would not distinguish. (a) The "WebApps" working group is working on something like Adobe AIR -- something that uses web technology for building traditional applications, where the fact that it's using web technology is pretty much irrelevant to the end user experience. (b) I want to see if we can separate the conversation between mechanisms for providing security, vs. the different kind of user models. of course they don't match, and getting them to match -- is that in scope for this ? JAR: The problem of getting the user to connect them is them user programming system. ack DanC_, you wanted to ask if anybody knows the state of the art in maybe cultural anthropology about how many brand names we can trust: mom, dad, my school, my town, my country, DanC: What is the state of the art in what we can trust? HT: People trust a lot. LM: There are people working on web apps more like adobe air, which is like installing an application because it gets the same privileges. LMM mentioned Adobe Air, Microsoft silverlight is another ... distributed app deployment platform Noah: There is a widget spec which allows you to make an installable thing. Masinter: Note that Web Application can be used for either animal. I propose the following working terminology for use in the TAG: Masinter: We have mechanisms for providing security -- and user perception -- and we know they don't match. But that we knew. Web Application -> < future proofing HST: The 'earliest appropriate' sentence is meant to rule that out. ... Maybe that needs to be stronger NM: I have a long history of interest in this ... I like this as a goal for many circumstances ... But there are cases where it doesn't work ... The XML 1.1 experience is illustrative in this case ... So we shouldn't require this kind of future-proofing of references ... Specifically in terms of systems which are involved in munication +1 "should future-proof" is too strong. The simple case of citing a frozen spec is fine in many cases johnk, you wanted to wonder whether it is confusing to bine conformance and referencing behaviour in one statement Seeing where you're going, Henry, unless new editions >< allow for new content, I think my concern stands. JK: Conformant implementations? Should that be separated from what is referenced? Trying to pack too much in? Or maybe I'm not guessing right as to what your concern/suggestion will be. JK: How references are written is different from what is a conformant implementation DanC_, you wanted to ask for a reminder of a specific case we're particularly interested in... it was somewhere in the HTML 5 references, yes? DC: There was a specific case wrt the HTML 5 think IETF tradition is to make the 'future proofing' more part of general policy than being specific in each draft. A1 references B1. When B2 updates B1, implementations of A1 may or may not follow B2 HT: As it stands, there are only stubs in the HTML 5 references. DC:HT: No. HT: Last I looked. E.g. following link from content-sniffing you got something that just said content sniffing. [30] dev.w3./html5/spec/references.html#references [30] dev.w3./html5/spec/references.html#references We pause to read HTML 5 references section.... HT: Ah, it's better than it was. DC: So if we pushed on any of these, we would pbly find the editor would have a reason HT: E.g. the text in the references says "[CSS] Cascading Style Sheets Level 2 Revision 1, B. Bos, T. Celik, I. Hickson, H. Lie. W3C, April 2009.", but links the undated copy. HST: So what does it mean for an implementor? Specifically, implementors 5 years from now have to figure out what was meant. We're trying to fix that. TBL, you wanted to point out that anyone using this language assumes there is a contract with future working groups to maintain the operability of the referencing spec, when TBL: If you propose we use the present and the future -- why not earlier ones? ... As for the future, that depends on the sort of WG and the sort of spec. ... If the group doesn't mit to back patibility, you can't rely on it Is the distinction between "edition" and "version" important? TBL: You might try to negotiate a mitment from the WG that they won't change. . . ... Or you might just require people to check Can distinction between "technical specification" and "applicability statement" be useful? "applicability statement" calls out specific dated versions, while general "technical specification" doesn't? Two documents, one of which updates. TBL: So it's not clear that we can go with what you propose LM: I like the difference between edition and version ... We used to differentiate between applicability statements and language specs. ... So you would only have to update the appl. statement ht, you wanted to reply to Noah wrt editions vs. versions LM: Alternatively, you could have policy outside the doc. altogether NM: You haven't addressed my concern, because it wasn't lack of back-pat that broke the XML 1.1 situation HT: The response to Noah and Tim is to say "yes, all those criticisms apply to unrestricted blank checks" (leaving aside for a sec refs to older versions), by relying on the W3C Policy for Edtions (stepping gently around XML 1.1/10 5th edition in particular), is precisely because it makes this plausible. NM: Do new editions allow new content? HT: Yes. NM: Then I still have a problem. See problems deploying XML 1.0 5th edition. A sometimes inappropriate (depending on the specs) expectation is created that implementations that haven't been updated will support new content sourced by those that have been. JR: Conformance to a spec. that has a variable in it is intrinsically vague jar, you wanted to consider classes of forming implementations (conforming to various binations of specs) JR: So there's a time-sensitivity wrt the answer to "does this conform?" noah, you wanted to mention that there can be issues with 3rd party specs. NM: TBL mentioned SOAP in passing [AM leaves] NM: SOAP wasn't sure about supporting XML 1.1 ... It depended on the Infoset, and we weren't sure that even if we went to XML 1.1, the Infoset would have been well-future-proofed enough for it all to hold together ... So in some ways, my willingness to future-proof my references depends on other specs also being well future-proofed johnk, you wanted to ask how can we apply henry'd text to the specific issue noted? HST: Yes, we have a real case of this with XML 1.0 5e and XML NS 3e JK: Addressing dated prose in conjunction with an undated URI is separate from future-proofing? LM: My assumption is that the dated ref. is normative If dated spec A normatively cites undated spec B, and artifact Z conforms to A - what does that mean? Maybe: (1) it conforms to A(B(t)) for some t, or (2) it conforms to A(B(t)) for all t, or (3) if conforms to A(B(t)) for t >
