14:38:41 RRSAgent has joined #dap 14:38:41 logging to http://www.w3.org/2010/03/10-dap-irc 14:38:43 RRSAgent, make logs world 14:38:43 Zakim has joined #dap 14:38:45 Zakim, this will be DAP 14:38:45 ok, trackbot; I see UW_DAP()10:00AM scheduled to start in 22 minutes 14:38:46 Meeting: Device APIs and Policy Working Group Teleconference 14:38:46 Date: 10 March 2010 14:38:58 Chair: Robin_Berjon, Frederick_Hirsch 14:39:05 Present+ Robin_Berjon, Frederick_Hirsch 14:39:31 Agenda: http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0082.html 14:40:27 Regrets: Marco_Marengo 14:47:24 Regrets+ Marcin_Hanclik 14:50:08 Regrets+ ThomasRoessler 14:55:10 darobin has joined #dap 14:58:06 rvazquez has joined #dap 14:58:55 UW_DAP()10:00AM has now started 14:58:59 Claes has joined #dap 14:59:02 +[IPcaller] 14:59:10 zakim, [IPcaller] is fjh 14:59:10 +fjh; got it 14:59:33 Present+ Claes_Nilsson 14:59:50 Suresh has joined #dap 15:00:00 Present+ Suresh_Chitturi 15:00:05 + +1.202.436.aaaa 15:00:09 +ilkka 15:00:21 Present+ Ilkka_Oksanen 15:00:34 + +1.972.373.aabb - is perhaps suresh? 15:00:41 alissa has joined #dap 15:00:53 +Dom 15:00:57 AnssiK has joined #dap 15:00:58 zakim, aabb is suresh 15:00:58 sorry, fjh, I do not recognize a party named 'aabb' 15:01:06 Presen Dominique_Hazael-Massieux 15:01:10 zakim, who is here? 15:01:10 On the phone I see fjh, +1.202.436.aaaa, ilkka, suresh?, Dom 15:01:12 On IRC I see AnssiK, alissa, Suresh, Claes, rvazquez, darobin, Zakim, RRSAgent, tlr, Marcos, maxf, fjh, ilkka, arve, blassey, shepazu, trackbot, dom 15:01:18 I'm having trouble with the local phone system — if I can't get it to work I'll fall back in a minute or two 15:01:23 zakim, suresh? is suresh 15:01:23 +suresh; got it 15:01:26 zakim, mute me 15:01:26 Dom should now be muted 15:01:28 zakim, who is here? 15:01:28 On the phone I see fjh, +1.202.436.aaaa, ilkka, suresh, Dom (muted) 15:01:29 On IRC I see AnssiK, alissa, Suresh, Claes, rvazquez, darobin, Zakim, RRSAgent, tlr, Marcos, maxf, fjh, ilkka, arve, blassey, shepazu, trackbot, dom 15:01:35 +AnssiK 15:01:53 +richt 15:01:56 +maxf 15:01:58 zakim, aaaa is alissa 15:01:58 +alissa; got it 15:02:04 zakim, mute me 15:02:04 maxf should now be muted 15:02:06 +Claes 15:02:21 Present+ Anssi_Kostiainen 15:02:47 Present+ Max_Froumentin 15:03:05 nwidell has joined #dap 15:03:08 Present+ Alissa_Cooper 15:03:16 +jmarting_TEF 15:03:18 Present+ Niklas_Widell 15:03:46 +??P24 15:03:56 Zakim, ??P24 is me 15:03:56 +darobin; got it 15:03:57 jmorris has joined #dap 15:04:12 -alissa 15:04:14 Present+ John_Morris 15:04:19 Dzung_Tran has joined #dap 15:04:23 Present+ Dzung_Tran 15:04:34 richt has joined #dap 15:04:34 +Niklas 15:04:37 zakim, who is here? 15:04:37 On the phone I see fjh, ilkka, suresh, Dom (muted), AnssiK, richt, maxf (muted), Claes, jmarting_TEF, darobin (muted), Niklas 15:04:39 On IRC I see richt, Dzung_Tran, jmorris, nwidell, AnssiK, alissa, Suresh, Claes, rvazquez, darobin, Zakim, RRSAgent, tlr, Marcos, maxf, fjh, ilkka, arve, blassey, shepazu, 15:04:41 ... trackbot, dom 15:05:08 +richt.a 15:05:10 +alissa 15:05:35 +jmorris 15:05:41 ScribeNick: alissa 15:05:50 paddy has joined #dap 15:05:52 Topic: Administrative 15:05:58 +??P27 15:06:21 present+ Paddy_Byers 15:06:29 Present+ Richard_Tibbett 15:07:22 drogersuk has joined #dap 15:07:56 F2F 16-18 March 15:08:10 RuthVazquez has joined #dap 15:08:15 logistics, http://www.w3.org/2009/dap/wiki/PragueF2F 15:08:26 attending: http://www.w3.org/2002/09/wbs/43696/prague-2010/ 15:08:35 * Note on Daylight savings time difference between US and EU, 15:08:43 see http://lists.w3.org/Archives/Member/member-device-apis/2010Mar/0000.html 15:08:57 + +0207868aacc 15:09:18 proposed RESOLUTION: Cancel teleconference 24 March 15:09:18 [note that some calendar programs (such as iCal) allow you to anchor meetings in a TZ, in this case use US Eastern] 15:09:22 as mentioned in the above email, http://www.timeanddate.com/time/dst2010a.html is a good resource 15:09:36 RESOLUTION: Cancel teleconference 24 March 15:09:52 2c) possible F2F at TPAC, Thur/Fri 4-5 November, http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0070.html 15:10:11 q+ 15:10:15 ack me 15:10:17 ack dom 15:11:01 dom: not sure if thurs-fri is best for TPAC meeting 15:11:05 aguillou has joined #dap 15:11:15 ... depends on joint meetings with other groups 15:11:25 fjh: works better for me thurs-fri 15:11:45 ... can we indicate tentative preference for thurs-fri? 15:11:50 David has joined #dap 15:12:05 Present+ aurelien_guillou 15:12:20 dom: can we say we're flexible but have a conflict with XML Security? 15:12:33 ... and that we want to meet with Geoloc and Web Apps? 15:12:35 q+ 15:12:41 ack jmorris 15:13:57 darobin: will indicate thurs-fri preference 15:14:02 Topic: Minutes approval 15:14:05 3 March 2010 15:14:13 http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/att-0059/minutes-2010-03-03.html 15:14:16 aguillou has joined #dap 15:14:20 proposed RESOLUTION: Minutes from 3 March approved. 15:14:25 RESOLUTION: Cancel teleconference 24 March 15:14:33 Topic: F2F Agenda 15:14:45 Present+ aurelien_guillou 15:14:49 fjh: moved some privacy stuff to the first day to accommodate alissa 15:14:49 see http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0079.html 15:15:15 ... nobody from Google will be attending 15:15:34 zakim, mute me 15:15:34 Dom should now be muted 15:15:37 Day 1, Tuesday, 16 March (10:00 - 17:00) 15:15:37 Day 2, Wednesday 17 March (9:00 - 17:30) 15:15:50 Day 3, Thursday 18 March (9-15:30) 15:16:42 no concerns raised about times 15:17:06 +arve 15:17:49 fjh: concerned that we're sitting on submissions, try to use F2F to get something going with policy 15:17:52 q+ 15:18:59 fjh: more time for contacts as it's an important API 15:19:26 Though nothing has been proposed (yet) on the mailing list I have an action to write up the OpenProvider proposal before the F2F. It would be nice if we have time to discuss this. 15:19:26 ack suresh 15:19:53 action-48? 15:19:53 ACTION-48 -- Suresh Chitturi to propose a definition for API access control, and a possible model for policy enforcement -- due 2010-02-24 -- CLOSED 15:19:53 http://www.w3.org/2009/dap/track/actions/48 15:20:14 Suresh: ACTION-48 has not been incorporated 15:20:21 LauraA has joined #dap 15:20:33 ... access control definition has not been discussed 15:20:41 ... could be done at F2F 15:20:41 drogersuk has joined #DAP 15:20:59 Present+ LauraA 15:21:02 ack me 15:21:11 present+ David_Rogers 15:21:20 q- 15:21:20 zakim, mute me 15:21:21 Dom should now be muted 15:21:36 action: add definition from ACTION-48 to policy requirements 15:21:36 Sorry, couldn't find user - add 15:21:48 action: fjh to add definition from ACTION-48 to policy requirements 15:21:48 Created ACTION-102 - Add definition from ACTION-48 to policy requirements [on Frederick Hirsch - due 2010-03-17]. 15:22:01 s/action: add.*// 15:22:06 +LauraA 15:22:20 q+ To ask if we could allocate some time for OpenProvider in the F2F agenda 15:22:36 ack richt 15:22:36 richt, you wanted to ask if we could allocate some time for OpenProvider in the F2F agenda 15:22:52 richt: can we get some time to discuss OpenProvider at the F2F? 15:23:08 ... proposal went to the list 15:23:25 ... proposal WILL GO to the list this friday 15:23:45 fjh: can discuss in conjunction with powerbox 15:24:06 s/proposal went to the list// 15:24:40 reminder - to discuss OpenProvider during F2F, presumably in conjunction with Powerbox discussion 15:25:15 teleconf bridge info - http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0060.html 15:25:37 ack me 15:25:54 zakim, mute me 15:25:54 Dom should now be muted 15:26:18 fjh: no speakerphone for F2F, so remote participants will need patience 15:26:30 During the Powerbox discussion it would be good to have Google on the bridge 15:26:36 ... remote participants should go onto IRC and say when they are planning to call in 15:27:36 darobin: we have an address and a room, it's all on the wiki 15:27:57 Topic: Editorial 15:28:01 zakim, unmute me 15:28:01 maxf should no longer be muted 15:28:18 fjh: maxf proposed separating use cases from APIs 15:28:29 http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0064.html (Max) 15:28:46 David has joined #DAP 15:29:00 zakim, who is making noise? 15:29:12 fjh, listening for 10 seconds I heard sound from the following: maxf (17%), darobin (61%) 15:29:13 maxf: implemented the split in systems info 15:29:30 ... to do use cases and requirements properly it takes a lot of space 15:29:47 ... drawback is that if you want to publish it, you must publish separate document 15:30:00 ... but still thing split is better. each editor could decide. 15:30:20 fjh: no preference really 15:30:26 +1 to splitting use cases out, don't feel strongly that we need to publish them as TR 15:30:36 +1 to what dom said 15:30:43 zakim, mute me 15:30:43 maxf should now be muted 15:30:52 fjh: will decide on case-by-case basis 15:31:06 Topic: Policy 15:31:28 drogersuk has joined #DAP 15:31:33 it's fine 15:31:59 fjh: editorial change to policy section to make requirements types explicit 15:32:12 action: fjh to update policy requirements revising T* 15:32:12 Created ACTION-103 - Update policy requirements revising T* [on Frederick Hirsch - due 2010-03-17]. 15:32:18 fjh: prefer use cases in published documents 15:32:58 http://lists.w3.org/Archives/Public/public-device-apis/2010Mar.0066.html 15:33:36 +1 for use cases in published documents 15:33:40 alissa: discussing apps informing users of what their policies are 15:33:53 http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/0066.html 15:34:19 general agreement about talking about substance of policy, not ui (for now) 15:34:57 David has joined #DAP 15:35:02 ISSUE-73 15:35:06 ISSUE-73? 15:35:06 ISSUE-73 -- Security and Privacy Implications for PIM APIs -- OPEN 15:35:06 http://www.w3.org/2009/dap/track/issues/73 15:35:25 Topic: ISSUE-73 15:35:49 David: had been looking at use cases 15:35:50 ACTION-45? 15:35:50 ACTION-45 -- David Rogers to provide use case with threat model scenarios -- due 2010-03-10 -- OPEN 15:35:50 http://www.w3.org/2009/dap/track/actions/45 15:36:17 ... matching policy parts to abuse case 15:36:30 ... e.g., voicemail number changed to premium rate number 15:36:40 ACTION-45 due 2010-03-12 15:36:40 ACTION-45 Provide use case with threat model scenarios due date now 2010-03-12 15:36:48 ...hope to circulate tomorrow or friday 15:37:09 q+ 15:37:18 ... trying to show how to resolve abuses with BONDi policy 15:37:19 ISSUE-73: see ACTION-45 15:37:19 ISSUE-73 Security and Privacy Implications for PIM APIs notes added 15:37:27 ack richt 15:37:28 ISSUE-73 discussion: 'Contacts API typical use cases and privacy considerations' http://lists.w3.org/Archives/Public/public-device-apis/2010Feb/0109.html 15:37:51 richt: had a good discussion with dom, should inform abuse cases 15:37:53 ISSUE-73: see also http://lists.w3.org/Archives/Public/public-device-apis/2010Feb/0109.html 15:37:53 ISSUE-73 Security and Privacy Implications for PIM APIs notes added 15:38:13 ... auto-filling the form 15:38:39 fjh: still not sure if we've dealt with policy concerns for that case 15:39:25 David: have not considered auto-form filling use case yet 15:39:38 fjh: will want to talk about that at the F2F 15:39:55 David: if we can maintain a list of abuse cases and threat model going forward, we should do that 15:40:16 ... don't want to be repeating core threats all the time 15:41:14 ... if user makes stupid decision, that's out of the control of the API 15:41:28 ... might need a section on user's responsibility to themselves 15:41:47 issue-37? 15:41:48 ISSUE-37 -- Domain spoofing and trust in the network layer -- OPEN 15:41:48 http://www.w3.org/2009/dap/track/issues/37 15:42:06 Topic: ISSUE-37 domain spoofing and trust in the network layer 15:42:16 action-38? 15:42:16 ACTION-38 -- Claes Nilsson to should issue recommendation on the granularity of the security system -- due 2009-12-16 -- CLOSED 15:42:16 http://www.w3.org/2009/dap/track/actions/38 15:42:26 ack darobin 15:43:00 -> http://lists.w3.org/Archives/Public/public-device-apis/2009Nov/att-0017/minutes-2009-11-02.html#action01 Record of the discussions where ISSUE-37 was raised 15:43:14 David: we need to consider connecting to wifi in a cafe or airport and resulting security threats 15:43:30 ... persistent connection to mobile provider is more secure at the moment 15:43:45 ... tlr disagrees 15:44:11 ... there are a couple of demos 15:44:14 q+ 15:44:21 what is the next action, and by whom? 15:44:21 [can we rephrase this issue in form of a question that can get an answer?] 15:44:23 ack paddy 15:44:27 ... of domain spoofing 15:44:33 drogersuk has joined #DAP 15:44:42 paddy: this boils down to abuse cases again 15:45:01 s/abuse/use 15:45:57 David: can add this aspect 15:46:19 action: drogersuk to add use case related to ISSUE-37 15:46:19 Sorry, couldn't find user - drogersuk 15:46:31 action: roger to add use case related to ISSUE-37 15:46:31 Sorry, couldn't find user - roger 15:46:37 action: rogers to add use case related to ISSUE-37 15:46:37 Created ACTION-104 - Add use case related to ISSUE-37 [on David Rogers - due 2010-03-17]. 15:46:39 David has joined #dap 15:47:06 Topic: update to FileWriter 15:47:08 -> http://dev.w3.org/2009/dap/file-system/file-writer.html 15:48:00 +1 to send a CfC on FileWriter 15:48:03 darobin: ready for FPWD at F2F? 15:48:07 q+ 15:48:12 ack richt 15:48:33 richt: it's not using namespacing -- do we need it? 15:48:57 darobin: first decision was to do it case-by-case 15:49:11 ... more impt to have consistency with file API in this case 15:49:45 richt: not concerned, just wondering if it affects other APIs 15:49:46 [I don't think that question should block FPWD in any cas€] 15:49:54 darobin: depends on the case 15:50:26 ... have not been able to get any agreement otherwise 15:50:32 ... agree that it shouldn't block FPWD 15:50:41 richt: agreed 15:50:58 q+ 15:51:05 darobin: style of writing API descriptions -- normative statements can be clunky but we might want them 15:51:11 ack David 15:51:31 David: Martin submitted design patterns document that might be helpful 15:51:39 s/Martin/Marcin/ 15:51:48 sorry about the names 15:51:55 (last update to design patterns was in October) 15:52:11 darobin: hasn't been updated since BONDI? 15:52:26 ... can talk to him about picking it up 15:52:33 s/BONDI/October/ 15:52:33 s/October/November/ 15:52:52 -> http://dev.w3.org/2009/dap/design-patterns/ Marcin's draft on API Design Patterns 15:53:08 Topic: update to Messaging 15:53:10 -> http://dev.w3.org/2009/dap/messaging/ 15:53:24 zakim, unmute me 15:53:24 maxf should no longer be muted 15:53:54 maxf: looks perfect to me 15:53:59 [I read through it, I think it's in good shape generally speaking] 15:55:14 nwidell: will not be at F2F 15:55:20 darobin: no isue with publishing it 15:55:30 s/isue/issue/ 15:55:48 nwidell: would appreciate comments 15:56:00 darobin: asking for publication will accomplish that - CfC 15:56:29 nwidell: will make editorial changes by monday 15:56:59 ... go ahead to CfC now 15:57:25 darobin will send CfC after call 15:57:30 q+ 15:57:37 Topic: System Info next steps 15:57:38 ack Suresh 15:58:10 -> http://dev.w3.org/2009/dap/calendar/ 15:58:16 Suresh: Calendar API has been sitting around for a month now 15:58:46 ... action out on harmonizing with IETF, that work is complementary 15:58:46 I agree with Suresh 15:58:56 ... want to go to FPWD 15:59:27 ... will add a note about the compatability issue 15:59:35 q+ 15:59:37 ack me 15:59:48 darobin will send CfC for calendars as well 16:00:13 dom: mapping may not be complementary 16:00:47 ... may not have consistent view of scope of Calendar API 16:01:32 Suresh: we don't cover entire set of cases, it's true 16:01:37 drogersuk has joined #dap 16:01:46 ... but have placeholders for most items 16:02:09 dom: agreed 16:02:15 there's some...interesting...stuff in the Calendar API...will need a thorough review and welcome further comments before or during the F2F 16:02:20 ... withdraw my comment 16:02:25 zakim, mute me 16:02:26 Dom should now be muted 16:02:47 [I don't think all my comments have been integrated in the calendar API; hence why I haven't further commented on it, FWIW] 16:02:51 Topic: System Info 16:03:05 maxf: mapping to DCO, thresholds are outstanding issues 16:03:27 ... prepped a list of items to discuss at F2F 16:03:52 q+ to ask about ACTION-100 16:04:09 ACTION-100? 16:04:09 ACTION-100 -- John Morris to share information on key important privacy policy aspects relevant to DAP -- due 2010-03-10 -- OPEN 16:04:09 http://www.w3.org/2009/dap/track/actions/100 16:04:23 action-100? 16:04:23 ACTION-100 -- John Morris to share information on key important privacy policy aspects relevant to DAP -- due 2010-03-10 -- OPEN 16:04:23 http://www.w3.org/2009/dap/track/actions/100 16:04:50 fjh: is action-100 still open? 16:05:02 jmorris: will have something but perhaps not until monday 16:05:55 ... walking through different APIs to suggest which privacy issues are most importance 16:06:15 ... can get something higher level out earlier and more granular later on 16:06:59 no problem 16:07:06 -darobin 16:07:07 -Dom 16:07:09 -alissa 16:07:09 -richt.a 16:07:10 -??P27 16:07:10 -arve 16:07:11 rrsagent, generate minutes 16:07:11 I have made the request to generate http://www.w3.org/2010/03/10-dap-minutes.html fjh 16:07:12 -ilkka 16:07:13 -LauraA 16:07:14 -richt 16:07:15 - +0207868aacc 16:07:17 -maxf 16:07:19 -jmarting_TEF 16:07:21 -Claes 16:07:23 -AnssiK 16:07:25 -fjh 16:07:27 -suresh 16:07:44 -jmorris 16:07:53 AnssiK has left #dap 16:07:59 -Niklas 16:08:00 UW_DAP()10:00AM has ended 16:08:02 Attendees were fjh, +1.202.436.aaaa, ilkka, +1.972.373.aabb, Dom, suresh, AnssiK, richt, maxf, alissa, Claes, jmarting_TEF, darobin, Niklas, jmorris, +0207868aacc, arve, LauraA 16:13:32 Present+ Dominique_Hazaël-Massieux 16:14:02 rrsagent, generate minutes 16:14:02 I have made the request to generate http://www.w3.org/2010/03/10-dap-minutes.html fjh 17:03:11 darobin has joined #dap 18:23:42 Zakim has left #dap 18:34:33 fjh2 has joined #dap 18:51:44 Marcos has joined #dap 19:00:38 arve has joined #dap