MeetingL PEWG
<scribe> Scribe: patrick_h_lauke
Navid: had a task to define pointer capture scope
<NavidZ_> https://github.com/w3c/pointerevents/pull/300
<NavidZ_> https://github.com/w3c/pointerevents/issues/16
limits only work on a document. there was an old issue about security risk if not restricted in iframes
maybe we should always limit to sandboxed iframes
recently we decided to just live with this and see if use cases come up, and that's what latest PR does
matches chrome behavior, and olli was ok with it as well
if inner iframe sends pointerID, can outer frame/parent capture it
<NavidZ_> https://github.com/w3c/pointerevents/issues/291
will send request on mailing list to see if we agree on resolution of latest pull request
<NavidZ_> Next topic:
<NavidZ_> https://github.com/w3c/pointerevents/issues/204
Daniel: this came out of research in platform stuff on windows. OS actually can do better job of rendering pointer trail etc, so provide metadata on what app has drawn and leave it up to OS to do rest
no concrete proposal, but wanted to get sense from cross-platform perspective
Navid: question also how much we can support this feature across platforms
also comes down to amount of metadata - e.g. do we pass on what pressure is, or what the line thickness/radius should be
Daniel: should be some kind of transform/radius of the size of the tip. OS can also match end of trail to more seamless ink stroke...
Navid: wonder if we can enough exposure so last piece of trail is not so far away from the coords that were globbed by the app itself (?)
Daniel: being able to determine support, apps can opt in/out
more like a graceful degradation approach. what would support look like on other platforms? does it match how other platforms support inking at OS level? early stages/ideas
you can see this with Windows native OneNote app, depending on which brushes are used
Navid: looking forward to something more concrete, but if you see reduced latency we may have interest
Daniel: will do more prototyping, hopefully something to share at TPAC
Navid: one update regarding an issue...
<NavidZ_> Next topic:
<NavidZ_> https://github.com/w3c/pointerevents/issues/100
prototyped something that can be tested behind flag
not fully compatible because coords are promoted from integer to float
landed a change behind a flag, going to discuss this with UIEvents/web apps WG at TPAC
Navid: regarding merging extension document merging: touch-action move done, still work to be done to more the coalesced/raw stuff
will work on those and send PR addressing most of those
one aspect to consider is privacy. raw/coalesced only to secure origins
security person in Google pointed out this exposes specific device capabilities/properties
can fingerprint device of the user (e.g. 1000 Hz mouse)
maybe not quite a permission model, but only to secure origin
are there any other APIs that follow this?
Daniel: think it makes sense
not sure if i've seen secure origin for privacy reasons
Navid: permission model may be too hard to specify, but at least secure origin mitigates man in the middle attacks etc
Daniel: i have seen it with paint worklet and animation worklet
Navid: will check if there's some wording or similar that we can use
Patrick: we already have some language in spec about user agents also allowing user to stop certain info from being exposed at the user's request. worth using same for this here too
I will check on our side what we have, and it's worth expanding to cover coalesced/raw even more strongly. And secure origin only is a mitigation, but won't help if you as user don't actually want a site to track you (secure origin or not)
[mention of calls, AOB, TPAC]
Patrick: we don't have an actual meeting planned for TPAC (as I also won't be able to make it this time), but if people who are already there and want to have a semi-formal skype call or something, let me/the list know
(as an aside, just checked PE spec, and we have wording around user agents MAY consider allowing users to turn things off in https://w3c.github.io/pointerevents/#security-and-privacy-considerations)
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Present: patrick_h_lauke NavidZ WARNING: Fewer than 3 people found for Present list! Found Scribe: patrick_h_lauke Inferring ScribeNick: patrick_h_lauke WARNING: No "Topic:" lines found. WARNING: No meeting title found! You should specify the meeting title like this: <dbooth> Meeting: Weekly Baking Club Meeting WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]