IRC log of privacy on 2015-12-03

Timestamps are in UTC.

16:56:05 [RRSAgent]

RRSAgent has joined #privacy

16:56:05 [RRSAgent]

logging to http://www.w3.org/2015/12/03-privacy-irc

16:56:07 [trackbot]

RRSAgent, make logs 263

16:56:07 [Zakim]

Zakim has joined #privacy

16:56:09 [trackbot]

Zakim, this will be

16:56:09 [Zakim]

I don't understand 'this will be', trackbot

16:56:10 [trackbot]

Meeting: Privacy Interest Group Teleconference

16:56:10 [trackbot]

Date: 03 December 2015

16:56:36 [tidoust]

tidoust has joined #privacy

16:56:44 [npdoty]

rrsagent, make logs public

16:56:49 [npdoty]

Zakim, clear agenda

16:56:49 [Zakim]

agenda cleared

16:57:36 [npdoty]

agenda+ Welcome and introductions

16:57:36 [npdoty]

agenda+ Presentation API - privacy considerations - further discussion

16:57:38 [npdoty]

agenda+ High Resolution Time Level 2

16:57:39 [npdoty]

agenda+ Moving forward with the Fingerprinting Guidance

16:57:41 [npdoty]

agenda+ Moving forward with the Privacy Questionnaire

16:57:42 [npdoty]

agenda+ Follow-up re Geofencing API, Media Capture Streams

16:57:43 [npdoty]

agenda+ Ultrasound tracking beacons, Device Orientation privacy and security issues

16:57:44 [npdoty]

agenda+ AOB

16:58:51 [chaals]

chaals has joined #privacy

17:01:21 [npdoty]

present+ npdoty, christine, gnorcie

17:02:47 [christine]

Hi all. We'll just wait a couple of minutes before starting.

17:03:59 [wseltzer]

zakim, code?

17:03:59 [Zakim]

no conference has been identified yet, wseltzer

17:04:46 [wseltzer]

zakim, this is 642 381 506

17:04:46 [Zakim]

got it, wseltzer

17:04:48 [tidoust]

present+ tidoust

17:04:48 [wseltzer]

zakim, code?

17:04:48 [Zakim]

I have been told this is 642 381 506

17:04:52 [mfoltzgoogle]

mfoltzgoogle has joined #privacy

17:04:59 [npdoty]

present+ tidoust

17:05:08 [npdoty]

present+ mfoltzgoogle

17:05:43 [wseltzer]

present+

17:06:28 [npdoty]

scribenick: npdoty

17:06:45 [npdoty]

Zakim, take up agendum 1

17:06:45 [Zakim]

agendum 1. "Welcome and introductions" taken up [from npdoty]

17:07:20 [npdoty]

christine: small group this week, might be getting into holiday schedule

17:07:24 [npdoty]

welcome!

17:07:33 [npdoty]

Zakim, take up agendum 2

17:07:33 [Zakim]

agendum 2. "Presentation API - privacy considerations - further discussion" taken up [from npdoty]

17:07:45 [christine]

http://www.w3.org/TR/presentation-api/

17:08:16 [npdoty]

http://www.w3.org/TR/presentation-api/#security-and-privacy-considerations

17:09:21 [npdoty]

christine: helpful when you joined our call last time. but it sounds like you had group conversations on privacy/security while at TPAC

17:10:44 [npdoty]

mfoltzgoogle: will give estimate of current status of several privacy issues

17:11:11 [npdoty]

... how do we ensure that the context that renders the presentation, which is rendered onto a shared device potentially, what is the browsing context?

17:11:27 [npdoty]

... don't want to leak information to other browsing contexts or other presentations

17:11:46 [npdoty]

... feedback from the TAG was that there isn't any well-defined context for this already

17:12:06 [npdoty]

... we want an empty local storage, cookie jar, permissions set, etc. (like a private browsing mode)

17:12:20 [npdoty]

... should this interact with the Permissions API?

17:12:44 [npdoty]

... currently investigating the ability to see whether a presentation screen is available already or not

17:13:02 [npdoty]

... how should the spec interact with mixed content?

17:13:43 [npdoty]

... how should the API interact with nested browsing contexts? does the top-level browsing context control how iframes have the ability to request presentations?

17:14:04 [npdoty]

... okay to allow this by default, because risks are just annoying the user

17:14:36 [npdoty]

... but top-level contexts will have the ability to blacklist or prevent its frames from using presentation

17:15:00 [npdoty]

... if the controlling context is on a different device than the presentation, how do we secure the channel for messages?

17:15:34 [npdoty]

... defining that protocol is out of scope, but a Community Group will define a network-level protocol for presentations, including one way to secure presentations

17:16:38 [npdoty]

christine: very busy as a group

17:16:40 [npdoty]

... any questions?

17:16:43 [npdoty]

q+

17:16:49 [tidoust]

q+

17:16:55 [wseltzer]

q+

17:22:20 [npdoty]

q-

17:22:41 [npdoty]

npdoty: questions about the cleared local state context

17:22:56 [npdoty]

mfoltzgoogle: can send authentication tokens across messaging

17:23:19 [npdoty]

... want to avoid leakage, but also want to ensure that this will work in the cross-device situation

17:23:40 [mfoltzgoogle]

FYI: Our pull request that defines the empty browsing context: https://github.com/w3c/presentation-api/pull/219

17:24:00 [npdoty]

tidoust: not just audio/video streaming, particularly in the cross-device case

17:25:32 [npdoty]

gnorcie: more concerned about the privacy risks to the user, and streaming audio/video from the user is potentially very sensitive

17:25:50 [npdoty]

tidoust: use case is video rendered from the page, not the user's microphone/camera

17:26:18 [npdoty]

gnorcie: but seeing what is on my screen is also very sensitive (like documents open on the screen)

17:26:43 [npdoty]

tidoust: that matches how we thought about the issue

17:26:52 [npdoty]

ack tidoust

17:27:06 [npdoty]

tidoust: if there are issues we haven't addressed yet, please let us know

17:27:10 [npdoty]

... don't want to miss any strong concerns

17:27:32 [npdoty]

christine: so happy that your group is taking privacy/security so seriously

17:27:37 [npdoty]

ack wseltzer

17:28:45 [npdoty]

wseltzer: Presentation API gives a good use case for standardizing some private browsing mode, what is the minimal and safe context that can be established

17:29:08 [npdoty]

... can get a standard description of that sandboxed context that works across browsers

17:29:25 [tidoust]

[I note that the TAG discussed Private Browsing Mode in relation with the Presentation API yesterday, see draft minutes at: https://pad.w3ctag.org/p/02-12-2015-minutes.md ]

17:30:33 [npdoty]

christine: is the goal that when we have another spec with this kind of scenario, then we can suggest using this text?

17:31:35 [npdoty]

wseltzer: start collecting these use cases and the approach, possibly into a Note, or could possibly charter a group if there's some more complicated set of use cases about that private mode

17:31:54 [npdoty]

christine: could help coordinate discussion with webappsec as well

17:32:11 [npdoty]

wseltzer: PING could be helpful, particularly in setting requirements that can be used by security engineers

17:32:14 [npdoty]

q+

17:32:45 [wseltzer]

npdoty: a few different specs raise security considerations around fullscreen

17:32:56 [wseltzer]

... because user might not know origin of content

17:33:06 [wseltzer]

... could be spoofing risk

17:33:17 [gnorcie]

gnorcie has joined #privacy

17:33:20 [wseltzer]

... does presentation API consider this?

17:33:42 [gnorcie]

can someone put me in the queue to discuss privacy questionaire?

17:34:25 [gnorcie]

I need to leave at 1 so i want to make sure we discuss

17:34:56 [npdoty]

mfoltzgoogle: UX focused on making the user know which origin is being displayed, and origin being accessible after the fact

17:36:24 [npdoty]

... phishing more awkward in this scenario because the user has to grant permission for displaying on that presenter display each time

17:36:32 [npdoty]

tidoust: could open a issue for notes to add there

17:36:42 [npdoty]

... is there any screen that the second screen could be used by another user

17:37:54 [npdoty]

... could a user be tricked into thinking that they're just doing regular browsing on the separate device

17:38:15 [npdoty]

npdoty: yeah, seems like there are multiple users by definition

17:38:36 [npdoty]

mfoltzgoogle: maybe have an issue about multi-user, like a second user controlling the presentation without the user's knowledge

17:39:54 [npdoty]

christine: will send out email summary, to note for people who want to raise issues that now is a good time

17:40:05 [npdoty]

zakim, take up agendum 3

17:40:05 [Zakim]

agendum 3. "High Resolution Time Level 2" taken up [from npdoty]

17:40:18 [mfoltzgoogle]

mfoltzgoogle has left #privacy

17:40:19 [npdoty]

the academic paper, http://arxiv.org/pdf/1502.07373v2.pdf

17:40:44 [npdoty]

http://www.w3.org/TR/hr-time-2/

17:41:36 [npdoty]

christine: request in from phillippe, note some privacy/security concerns

17:41:57 [npdoty]

... the spec recommends a minimum resolution to protect against cache attacks which could identify the user

17:43:39 [npdoty]

npdoty: would have to read the paper in more detail, not sure which attacks are protected by the 5 microsecond resolution change

17:44:17 [npdoty]

christine: can ask phillippe if they want to come and talk to us, might explain how useful the mitigation is

17:44:51 [npdoty]

npdoty: can also ask whether the academic community has provided specific review

17:45:12 [npdoty]

take up agendum 4

17:45:23 [npdoty]

yay, that Interest Group Draft Note published

17:46:17 [wseltzer]

npdoty: now we have a reasonably stable doc we can ask people to review

17:46:31 [wseltzer]

... and we can invite people to add to github issues list, provide proposed resolution

17:46:41 [wseltzer]

christine: should I solicit input from chairs?

17:46:45 [wseltzer]

npdoty: yes

17:47:28 [npdoty]

Zakim, take up agendum 5

17:47:28 [Zakim]

agendum 5. "Moving forward with the Privacy Questionnaire" taken up [from npdoty]

17:48:08 [npdoty]

gnorcie: sent out email in things we can send as specific pull requests to the TAG for the security questionnaire

17:48:22 [npdoty]

... privacy things would just be the very simple things (did you think about privacy?)

17:48:45 [npdoty]

... and if you want to dive deep, including edge cases that won't be applicable for every standard

17:51:49 [npdoty]

npdoty: +1, matches the TAG discussion at TPAC, where they wanted a very simple version for most, and then a drill-down

17:52:02 [npdoty]

gnorcie: want to make this collaborative, rather than just my own thoughts

17:52:22 [npdoty]

npdoty: I know what you mean :) yes, take that as a reminder

17:52:51 [npdoty]

christine: maybe we can split up, focus on one small question at a time, looking at different documents

17:53:11 [npdoty]

... even when we have best intentions, many collaborators are going to be doing this in the spare time during their day jobs

17:53:17 [tara]

tara has joined #privacy

17:53:22 [npdoty]

... mailing list does best with snippet discussions on particular topic

17:53:36 [tara]

Hullo all! Sorry to join late.

17:53:41 [npdoty]

present+ tara

17:55:18 [keiji]

keiji has joined #privacy

17:56:25 [npdoty]

christine: will schedule a time to talk with greg

17:57:13 [npdoty]

npdoty: some things will need a full document review, but when we have a specific attack or a specific news item, should have that small discussion and ask whether we have general guidance about it

17:57:46 [npdoty]

January 28

17:58:08 [npdoty]

[adjourned]

17:58:13 [npdoty]

chair: christine

17:58:22 [npdoty]

rrsagent, please draft the minutes

17:58:22 [RRSAgent]

I have made the request to generate http://www.w3.org/2015/12/03-privacy-minutes.html npdoty

17:59:11 [npdoty]

present+ wseltzer

17:59:45 [npdoty]

rrsagent, please draft the minutes

17:59:45 [RRSAgent]

I have made the request to generate http://www.w3.org/2015/12/03-privacy-minutes.html npdoty

18:01:06 [npdoty]

npdoty has changed the topic to: Privacy Interest Group, 3 December: http://www.w3.org/2015/12/03-privacy-minutes.html

18:01:50 [keiji]

keiji has left #privacy