01:37:49 RRSAgent has joined #privthreatmodel
01:37:49 logging to https://www.w3.org/2019/09/18-privthreatmodel-irc
01:40:07 pranjal has joined #privthreatmodel
01:40:34 dom has joined #privthreatmodel
01:43:04 mitja has joined #privthreatmodel
01:49:26 wseltzer has joined #privthreatmodel
01:53:38 masonfreed has joined #privthreatmodel
01:56:37 tomayac has joined #privthreatmodel
01:57:19 pranjal_ has joined #privthreatmodel
01:57:22 dom has joined #privthreatmodel
01:58:41 Mek has joined #privthreatmodel
01:58:45 shimazu has joined #privthreatmodel
01:59:52 pranjal__ has joined #privthreatmodel
02:00:28 christine has joined #privthreatmodel
02:00:33 npdoty has joined #privthreatmodel
02:00:50 present+ npdoty (remote)
02:00:59 could someone paste the CryptPad link here please
02:01:26 jib_ has joined #privthreatmodel
02:01:35 found it - https://cryptpad.w3ctag.org/code/#/2/code/edit/NLylvy0EoY8ILUwfjq8wBOSQ/
02:02:01 horo has joined #privthreatmodel
02:02:14 Oops - that may not be the right link
02:02:35 iclelland has joined #privthreatmodel
02:02:44 Looking again, it seems to be the right link
02:02:49 wonsuk_ has joined #privthreatmodel
02:02:52 Gooroomee has joined #privthreatmodel
02:03:11 https://cryptpad.w3ctag.org/code/#/2/code/edit/NLylvy0EoY8ILUwfjq8wBOSQ/
02:03:28 Ralph has joined #privthreatmodel
02:03:31 We'll take minutes in the cryptpad.
02:03:32 hiroki has joined #privthreatmodel
02:03:36 horiuchi has joined #privthreatmodel
02:03:40 Mek has changed the topic to: https://cryptpad.w3ctag.org/code/#/2/code/edit/NLylvy0EoY8ILUwfjq8wBOSQ/
02:03:57 taraw has joined #privthreatmodel
02:04:08 sura has joined #privthreatmodel
02:04:10 dezell has joined #privthreatmodel
02:04:11 rowan_m has joined #privthreatmodel
02:04:15 present+
02:04:23 yoav has joined #privthreatmodel
02:04:24 rrsagent, please make record public
02:04:34 jmann has joined #privthreatmodel
02:04:42 anssik has joined #privthreatmodel
02:04:42 blassey has joined #privthreatmodel
02:04:43 cryptpad link?
02:04:44 Ian has joined #privthreatmodel
02:04:45 manu has joined #privthreatmodel
02:04:45 mkwst has joined #privthreatmodel
02:04:47 present+
02:04:49 Present+ Anssi_Kostiainen
02:04:50 btidor has joined #privthreatmodel
02:04:52 presetn+
02:04:52 present+
02:04:55 ota has joined #privthreatmodel
02:04:55 present+
02:04:56 present+
02:04:57 present+
02:04:57 present+
02:04:59 present+
02:05:06 present+
02:05:09 Dave_Harbage has joined #privthreatmodel
02:05:12 https://cryptpad.w3ctag.org/code/#/2/code/edit/NLylvy0EoY8ILUwfjq8wBOSQ/
02:05:13 present+
02:05:14 toml has joined #privthreatmodel
02:05:14 rmondello has joined #privthreatmodel
02:05:16 present+
02:05:18 present+
02:05:18 jfishback has joined #privthreatmodel
02:05:20 kleber has joined #privthreatmodel
02:05:20 tdresser has joined #privthreatmodel
02:05:23 present+
02:05:26 krit has joined #privthreatmodel
02:05:26 scheib has joined #privthreatmodel
02:05:27 ArturJanc has joined #privthreatmodel
02:05:31 present+
02:05:34 present+
02:05:37 agektmr has joined #privthreatmodel
02:05:42 ota has joined #privthreatmodel
02:05:43 present+
02:05:44 mitja has joined #privthreatmodel
02:05:46 -> https://cryptpad.w3ctag.org/code/#/2/code/edit/NLylvy0EoY8ILUwfjq8wBOSQ/ realtime notes
02:05:51 Fuji has joined #privthreatmodel
02:06:35 present+
02:06:45 present+
02:07:04 present+
02:07:05 minobu has joined #privthreatmodel
02:07:06 draft from jyasskin: https://jyasskin.github.io/privacy-threat-model/
02:07:24 +q
02:07:33 jeff has joined #privthreatmodel
02:07:54 pranjal has joined #privthreatmodel
02:08:06 yohabe has joined #privthreatmodel
02:08:48 kinuko has joined #privthreatmodel
02:08:51 minobu has joined #privthreatmodel
02:09:33 ack toml
02:10:05 Riju has joined #Privthreatmodel
02:10:37 englehardt_ has joined #privthreatmodel
02:10:50 NavidZ_ has joined #privthreatmodel
02:10:58 florent has joined #privthreatmodel
02:11:27 q+ on “target”, and security threat modeling
02:11:41 tung_ has joined #privthreatmodel
02:11:55 ack npdoty
02:11:55 npdoty, you wanted to comment on “target”, and security threat modeling
02:12:49 mchampion has joined #privthreatmodel
02:12:51 melanierichards has joined #privthreatmodel
02:13:20 q+ to ask how this document is expected to be used by WGs such as Verifiable Credentials and Decentralized Identifiers.
02:13:39 ack
02:14:21 +q
02:14:25 I think the questionnaire is the WG-directed tool
02:14:41 +q to reply about sec/priv considerations
02:14:44 but having a common threat model will help, and be cited regularly in doing analysis or in those guidance documents
02:14:55 ack manu
02:14:55 manu, you wanted to ask how this document is expected to be used by WGs such as Verifiable Credentials and Decentralized Identifiers.
02:14:59 wonsuk has joined #privthreatmodel
02:15:24 mnot has joined #privthreatmodel
02:16:02 shaoboyan has joined #privthreatmodel
02:16:08 cwilso has joined #privthreatmodel
02:16:23 kiyoto has joined #privthreatmodel
02:16:35 SteveBecker has joined #privthreatmodel
02:18:05 q?
02:18:11 ack toml
02:18:12 toml, you wanted to reply about sec/priv considerations
02:18:18 yo has joined #privthreatmodel
02:18:22 q+ to note how this could be used as a hammer
02:18:24 jkrafcik has joined #privthreatmodel
02:18:32 topic #privthreadmodel real-time scribing in https://cryptpad.w3ctag.org/code/#/2/code/edit/NLylvy0EoY8ILUwfjq8wBOSQ/
02:19:06 ack manu
02:19:06 manu, you wanted to note how this could be used as a hammer
02:19:25 +q to suggest exactly that
02:19:33 mitja has joined #privthreatmodel
02:19:37 johnwilander has joined #privthreatmodel
02:19:37 q+ dbaron to talk about discussing things at different levels of detail
02:19:40 q+
02:20:51 cortiz has joined #privthreatmodel
02:20:55 jcj_moz has joined #privthreatmodel
02:20:59 I don’t think a threat model consists of statements like “you are not allowed to do X”, but it can tell you why it could be a really serious threat to a lot of people if you do X, and yes, many people might object because of that
02:21:19 q+ on hammers and lack thereof
02:21:30 +1 npdoty
02:21:50 q+
02:21:55 Dave has joined #privthreatmodel
02:22:29 ack
02:22:31 q?
02:22:33 ack toml
02:22:34 toml, you wanted to suggest exactly that
02:22:54 +q
02:23:53 q-
02:25:18 ack dbaron
02:25:18 dbaron, you wanted to talk about discussing things at different levels of detail
02:25:32 @npdoty Maybe more?
02:26:27 About 80, by my count.
02:26:44 You don't have a camera, huh.
02:26:54 dontcallmeDOM has joined #privthreatmodel
02:28:03 dbaron, I think this doc does aim at that level of detail in its example table
02:28:04 I think that’s the goal for the questionnaire: https://w3ctag.github.io/security-questionnaire/
02:28:20 but a detailed threat model could certainly supplement that
02:28:20 q?
02:28:32 reillyg has joined #privthreatmodel
02:28:41 ack jkrafcik
02:28:58 (One idea is to say in the spec that one target audience is spec writers.)
02:30:14 sounds like a Living document to me
02:30:26 +q to say that people generally expect not to be tracked on the web
02:30:53 ack kleber
02:31:00 q+
02:31:10 q+ to ask about user experience considerations
02:31:14 wjmaclean has joined #privthreatmodel
02:31:45 ack wseltzer
02:31:45 wseltzer, you wanted to comment on hammers and lack thereof
02:31:57 Dezell__ has joined #privthreatmodel
02:31:57 I think there are lots of security threat model documents that don’t require a detailed description of trade-offs, where people might want to build a feature even if it has security risks
02:32:19 dezell_ has joined #privthreatmodel
02:32:48 I mean, the hammer(s) are mostly those that members hold up while pointing at, say, this document
02:33:01 Riju has joined #Privthreatmodel
02:33:14 q?
02:33:19 jcj_moz, +1
02:33:19 ack mnot
02:35:09 q+ to support the "user expectations" and "tracking by default is an anti-pattern" approach.
02:35:17 ack toml
02:35:17 toml, you wanted to say that people generally expect not to be tracked on the web
02:35:47 q+ living document
02:35:55 q+ jyasskin
02:35:55 q- living document
02:35:56 q- living
02:36:05 q+ jyasskin living document
02:36:10 q?
02:36:18 ack Ian
02:36:18 Ian, you wanted to ask about user experience considerations
02:37:08 q?
02:37:30 I suspect there is not a consensus on this ideal model
02:37:53 ack manu
02:37:53 manu, you wanted to support the "user expectations" and "tracking by default is an anti-pattern" approach.
02:38:18 Ian: There is probably not a consensus on the ideal model, but it's ok to write something down and say "This is why we consider this as the threat model"
02:38:33 slightlyoff has joined #privthreatmodel
02:38:49 q?
02:39:17 [how should on-the-record comments here be inserted into the cryptpad?]
02:39:31 q+
02:39:36 q+
02:39:47 ack jyasskin
02:39:50 q+ jandrieu
02:39:53 ack jy
02:40:09 q+ about what tracking means
02:40:11 tdresser has joined #privthreatmodel
02:40:14 +q to kick email while it's down
02:40:36 q+ to talk about what tracking means
02:40:48 I don't like email, and I don't like it for login 🤷🏻‍♀️
02:41:00 Sudeep has joined #privthreatmodel
02:41:28 deiu has joined #privthreatmodel
02:41:44 q+
02:41:55 ack slightlyoff
02:42:34 jsha has joined #privthreatmodel
02:42:52 mitja has joined #privthreatmodel
02:43:39 ack dbaron
02:44:14 I’m concerned that some people may be expecting a single number of bits of entropy on the Web today; we can summarize the set of existing research on fingerprinting, but it will not be a single number
02:44:37 q?
02:44:56 Sudeep__ has joined #privthreatmodel
02:45:02 npdoty: I agree it won't be a single number; there's a lot of variability in each feature, however we can understand the ranges
02:45:31 ack jandrieu
02:45:37 npdoty: a reasonable model will need to deal with the statistical distribution
02:46:09 q+ to talk about cutting the queue
02:46:16 zakim, close the queue
02:46:16 ok, Ian, the speaker queue is closed
02:46:24 ack jyasskin
02:46:24 jyasskin, you wanted to talk about cutting the queue
02:46:42 ack toml
02:46:42 toml, you wanted to kick email while it's down
02:47:30 I wasn't talking about big warning boxes -- I was talking more about browsers setting expectations through things like the sort of things they ask for permissions for (since asking for permission for X somewhat implies that X doesn't happen if the browser doesn't ask for permission).
02:47:37 dezell has joined #privthreatmodel
02:47:49 ack kleber
02:47:49 kleber, you wanted to talk about what tracking means
02:47:51 npdoty: against a more empirical model, we can at least *characterize* the quality of browser defaults
02:47:54 (IJ agrees that "email as identifier" is not something built into the protocols but a social norm that gets better with web auth)
02:48:22 dbaron: I don't want browsers to be more honest about dystopia, I want there to be less dystopia.
02:48:32 slightlyoff, sure, we can summarize various statistics, that apply differently to different platforms, depend on different features, work for different threat models, have different outcomes for different population groups. I was referring more to csswg this week talking about a single number we needed to provide to prove that fingerprinting isn’t a lost cause
02:48:55 hiroki has joined #privthreatmodel
02:48:58 npdoty: e.g., when we evaluated the Tor Browser threat model years back on the TAG, it still had big holes in it. What we ended up with were principles that helped folks make more state user-controllable.
02:49:13 mnot has joined #privthreatmodel
02:49:32 npdoty: not a lost-cause per se, but we can't have a discussion about how lost (or not) it is until it's bounded
02:49:38 pranjal has joined #privthreatmodel
02:49:47 slightlyoff, yeah, I think the Tor Browser threat model documentation could be another good source for this document and our guidance in general
02:49:54 npdoty: ducking empiricism gets us nowhere
02:49:59 (except more arguing)
02:50:09 q?
02:50:12 ack jkrafcik
02:50:39 slightlyoff, I’m very happy to cite the latest research in all our work! +1 for empiricism
02:50:58 zakim, open the queue
02:50:58 ok, Ian, the speaker queue is open
02:51:52 q+ for PING
02:52:07 [I wonder again how on-the-record comments here ought to be inserted into the cryptpad?]
02:52:25 pranjal_ has joined #privthreatmodel
02:52:39 q?
02:52:43 ack manu
02:52:43 manu, you wanted to discuss PING
02:52:44 ack manu
02:52:57 I have made the request to generate https://www.w3.org/2019/09/18-privthreatmodel-minutes.html Ian
02:53:25 q?
02:53:35 many thanks to jeffrey for working on this!
02:53:43 +1
02:53:47 +1
02:53:55 tdresser has joined #privthreatmodel
02:55:16 iclelland has joined #privthreatmodel
02:56:29 zakim, bye
02:56:29 leaving. As of this point the attendees have been npdoty, (remote), dezell, taraw, Anssi_Kostiainen, Ian, blassey, yoav, jmann, dbaron, manu, Ralph, iclelland, Mek, wseltzer,
02:56:29 Zakim has left #privthreatmodel
02:56:32 ... toml, kleber, rowan_m, scheib, jfishback, christine, mitja
02:57:55 horiuchi_ has joined #privthreatmodel
02:58:06 [Cryptpad transcript at https://github.com/w3c/ping/blob/master/summaries/breakout-privacythreat-20190917.md ]
02:58:36 rrsagent, draft minutes
02:58:36 I have made the request to generate https://www.w3.org/2019/09/18-privthreatmodel-minutes.html wseltzer
02:58:41 horiuchi has joined #privthreatmodel
02:59:17 pranjal has joined #privthreatmodel
03:00:18 horiuchi_ has joined #privthreatmodel
03:01:57 shimazu has joined #privthreatmodel
03:08:08 mitja has joined #privthreatmodel
03:08:44 dave has joined #privthreatmodel
03:09:08 tung_ has left #privthreatmodel
03:27:30 pranjal has joined #privthreatmodel
03:28:42 horiuchi has joined #privthreatmodel
03:43:24 mitja has joined #privthreatmodel
03:44:23 mchampion has left #privthreatmodel
03:49:49 pranjal_ has joined #privthreatmodel
04:02:04 scheib has left #privthreatmodel
04:09:28 mitja has joined #privthreatmodel
04:22:18 tdresser has joined #privthreatmodel
04:29:39 dontcallmeDOM has joined #privthreatmodel
04:31:55 jib has joined #privthreatmodel
04:32:11 horiuchi has joined #privthreatmodel
04:33:37 pranjal has joined #privthreatmodel
04:34:24 Ian has left #privthreatmodel
04:34:42 shimazu has joined #privthreatmodel
04:36:51 krit has left #privthreatmodel
04:37:15 dezell has joined #privthreatmodel
04:37:23 tdresser has joined #privthreatmodel
04:38:10 iclelland has joined #privthreatmodel
04:44:08 dom has left #privthreatmodel
04:52:53 dezell has joined #privthreatmodel
04:53:03 mitja has joined #privthreatmodel
04:56:53 rmondello has joined #privthreatmodel
05:05:40 dezell has joined #privthreatmodel
05:11:16 tdresser has joined #privthreatmodel
05:16:43 shimazu has joined #privthreatmodel
05:17:05 Thanks wseltzer!
05:18:41 thanks for leading the session, jyasskin
05:18:52 :-D
05:24:16 tdresser has joined #privthreatmodel
05:27:41 mitja has joined #privthreatmodel
05:28:22 iclelland has joined #privthreatmodel
05:30:55 horiuchi has joined #privthreatmodel
05:31:53 horiuchi has joined #privthreatmodel
05:33:32 pranjal has joined #privthreatmodel
05:34:35 iclellan1 has joined #privthreatmodel
05:35:04 deiu has left #privthreatmodel
05:36:42 shimazu has joined #privthreatmodel
05:51:20 tdresser has joined #privthreatmodel
06:22:13 pranjal has joined #privthreatmodel
06:28:20 iclelland has joined #privthreatmodel
06:29:57 pranjal_ has joined #privthreatmodel
06:32:02 shimazu has joined #privthreatmodel
06:32:50 reillyg has left #privthreatmodel
06:35:42 horiuchi has joined #privthreatmodel
07:13:29 horiuchi has joined #privthreatmodel
07:16:13 tdresser has joined #privthreatmodel
07:20:10 horiuchi has joined #privthreatmodel
07:20:52 pranjal has joined #privthreatmodel
07:26:44 horiuchi_ has joined #privthreatmodel
07:30:42 pranjal has joined #privthreatmodel
07:31:19 horiuchi has joined #privthreatmodel
07:32:10 Ralph_ has joined #privthreatmodel
07:34:50 shimazu has joined #privthreatmodel
07:37:51 mitja has joined #privthreatmodel
07:50:46 mitja has joined #privthreatmodel
07:55:05 mitja has joined #privthreatmodel
08:00:08 Ralph has joined #privthreatmodel
08:00:08 iclelland has joined #privthreatmodel
08:02:27 mitja has joined #privthreatmodel
08:21:05 iclelland has joined #privthreatmodel
08:23:31 horiuchi has joined #privthreatmodel