From 0f430209bd2e1bb7d85a3f400f39b69b7bcfaaf7 Mon Sep 17 00:00:00 2001
From: ctcpip <ctcpip@users.noreply.github.com>
Date: Wed, 14 Feb 2024 14:50:49 -0600
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=202024-02-14?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md                         |  2 +-
 meetings/notes/2024/2024-02-14.md | 51 +++++++++++++++++++++++++------
 meetings/notes/2024/2024-02-27.md | 20 ++++++++++++
 3 files changed, 62 insertions(+), 11 deletions(-)
 create mode 100644 meetings/notes/2024/2024-02-27.md

diff --git a/README.md b/README.md
index e23ee9c..815e203 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ This repository contains documents, agendas, and notes for the ECMAScript - Secu
 
 ## Agenda
 
-see [2024-02-14](meetings/notes/2024/2024-02-14.md) and [the backlog](meetings/notes/backlog.md) 👀
+see [2024-02-27](meetings/notes/2024/2024-02-27.md) and [the backlog](meetings/notes/backlog.md) 👀
 
 ## Meetings
 
diff --git a/meetings/notes/2024/2024-02-14.md b/meetings/notes/2024/2024-02-14.md
index 3c096be..b6e4d91 100644
--- a/meetings/notes/2024/2024-02-14.md
+++ b/meetings/notes/2024/2024-02-14.md
@@ -2,10 +2,15 @@
 
 ## Folks
 
-| Name      | GH Username     | TLA | Affiliation  |
-| --------- | --------------- | --- | ------------ |
-| Full Name | @githubUsername | FNE | organization |
-|           |                 |     |              |
+| Name             | GH Username     | TLA | Affiliation  |
+| ---------------- | --------------- | --- | ------------ |
+| Full Name        | @githubUsername | FNE | organization |
+| Chris de Almeida | @ctcpip         | CDA | IBM          |
+| Mark Miller      | @erights        | MM  | Agoric       |
+| Jordan Harband   | @ljharb         | JHD | HeroDevs     |
+| Kris Kowal       | @kriskowal      | KKL | Agoric       |
+| Richard Gibson   | @gibson042      | RGN | Agoric       |
+| Daniel Veditz    | @dveditz        | DVE | Mozilla      |
 
 ## Agenda
 
@@ -14,12 +19,38 @@
 
 Happy Valentine's Day to all whom'st've celebrate! 💘
 
-| Topic                                                                                  | Presenter(s)     |
-| -------------------------------------------------------------------------------------- | ---------------- |
-| review issues in security repo                                                         | Chris de Almeida |
-| ? discuss [WasmGC shared memory proposal][wasm] / [shared structs proposal][structs] ? |                  |
-| ? does TC39 need a formal security review for proposals? [related issue][related]      |                  |
+| Topic                                                                                                           | Presenter(s) |
+| --------------------------------------------------------------------------------------------------------------- | ------------ |
+| discuss [WasmGC shared memory proposal][wasm] / [shared structs proposal][structs] / [convergence][convergence] |              |
+
+### [WasmGC shared memory proposal][wasm] / [shared structs proposal][structs] / [convergence][convergence]
+
+MM:
+
+- does not want shared mem multi-threading in JS
+- dangerous for engine integrity
+- concurrent GC dangerous for engine integrity
+- will discuss concerns at upcoming structs mtg
+- also: general issue of JS as a language to support defensive programming, integrity protection
+
+  - shared mem multithreading difficult to defend, not a that supports interaction of components, whereas comm event loops does support
+  - related: <https://papers.agoric.com/papers/concurrency-among-strangers/abstract/>
+
+- structs mtg tomorrow at 18:00 UTC
+  - MM, others attending
+
+ACTION: CDA, invite SYG to TG3 to discuss, also ask for new version of proposal referenced in slides (splitting into MVP for WASM convergence)
+
+JHD: us govt requirements suggest that in near future, memory-unsafe languages will be forbidden in any products/services consumed
+
+- <https://media.defense.gov/2023/Dec/06/2003352724/-1/-1/0/THE-CASE-FOR-MEMORY-SAFE-ROADMAPS-TLP-CLEAR.PDF>
+
+related: overwhelming majority of all security vulns are caused by memory safety issues
+
+CDA: recommendation for proposals repo: presentation history
+
+- need to better understand the split of the TC39 structs proposal re: MVP for WASM proposal convergence/delivery/ask for stage 2 at TC39
 
 [wasm]: https://github.com/WebAssembly/shared-everything-threads/blob/main/proposals/shared-everything-threads/Overview.md
 [structs]: https://github.com/tc39/proposal-structs
-[related]: https://github.com/tc39/security/issues/4
+[convergence]: https://docs.google.com/presentation/d/1j0W_mFaR8wEBqgBPRzJ0h4-lmgl87U92TQeokfy0N2w/edit#slide=id.gc6f889893_0_0
diff --git a/meetings/notes/2024/2024-02-27.md b/meetings/notes/2024/2024-02-27.md
new file mode 100644
index 0000000..dffc246
--- /dev/null
+++ b/meetings/notes/2024/2024-02-27.md
@@ -0,0 +1,20 @@
+# TG3 - 2024-02-27
+
+## Folks
+
+| Name      | GH Username     | TLA | Affiliation  |
+| --------- | --------------- | --- | ------------ |
+| Full Name | @githubUsername | FNE | organization |
+|           |                 |     |              |
+
+## Agenda
+
+> [!NOTE]
+> See [backlog.md](backlog.md) for outstanding action items and agenda topics.
+
+| Topic                                      | Presenter(s) |
+| ------------------------------------------ | ------------ |
+| review of previous agenda and action items |              |
+|                                            |              |
+
+### review of previous agenda and action items