13:32:28 RRSAgent has joined #dap 13:32:28 logging to http://www.w3.org/2010/04/07-dap-irc 13:32:30 RRSAgent, make logs world 13:32:30 Zakim has joined #dap 13:32:32 Zakim, this will be DAP 13:32:33 Meeting: Device APIs and Policy Working Group Teleconference 13:32:33 Date: 07 April 2010 13:32:33 ok, trackbot; I see UW_DAP()10:00AM scheduled to start in 28 minutes 13:32:44 Chair: Robin_Berjon, Frederick_Hirsch 13:32:53 Present: Robin_Berjon, Frederick_Hirsch 13:33:15 Agenda: http://lists.w3.org/Archives/Public/public-device-apis/2010Apr/0007.html 13:33:57 Regrets: Dominique_Hazaël-Massieux, Ilkka_Oksanen, Thomas_Roessler 13:44:20 arve has joined #dap 13:49:08 Kangchan has joined #dap 13:53:31 darobin has joined #dap 13:53:34 UW_DAP()10:00AM has now started 13:53:42 + +39.011.228.aaaa 13:53:49 marengo has joined #dap 13:59:14 +[IPcaller] 13:59:24 zakim, [IPcaller] is me 13:59:24 +fjh; got it 14:00:01 + +1.202.637.aabb 14:00:03 alissa has joined #dap 14:00:20 Present+ Marco_Marengo 14:00:22 zakim, aabb is alissa 14:00:22 +alissa; got it 14:00:33 Present+ Alissa_Cooper 14:00:36 Claes has joined #dap 14:00:41 Present+ Kangchan_Lee(IRC only) 14:00:55 zakim, who is here? 14:00:55 On the phone I see +39.011.228.aaaa, fjh, alissa 14:00:59 On IRC I see Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, trackbot, dom 14:01:09 Zaki, aaaa is me 14:01:16 Zakim, aaaa is me 14:01:16 +marengo; got it 14:01:20 + +1.425.214.aacc 14:01:24 drogersuk has joined #dap 14:01:26 paddy has joined #dap 14:01:27 Dzung_Tran has joined #dap 14:01:31 Present+ Dzung_Tran 14:01:33 +??P25 14:01:40 Zakim, ??P25 is me 14:01:41 +darobin; got it 14:01:45 +Claes 14:01:46 Present+ Robin_Berjon 14:01:53 Zakim, mute me 14:01:55 marengo should now be muted 14:02:09 zakim, who is here? 14:02:09 On the phone I see marengo (muted), fjh, alissa, +1.425.214.aacc, darobin, Claes 14:02:13 On IRC I see Dzung_Tran, paddy, drogersuk, Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, trackbot, dom 14:02:24 + +0207868aadd 14:02:30 Present+ David_Rogers 14:02:35 +??P29 14:02:38 LauraA has joined #dap 14:02:40 Present+ Claes_Nilsson 14:02:41 zakim, aacc is bryan 14:02:42 +bryan; got it 14:02:46 Present+ LauraA 14:02:47 present+ Paddy_Byers 14:02:49 zakim, who is here? 14:02:49 On the phone I see marengo (muted), fjh, alissa, bryan, darobin, Claes, +0207868aadd, ??P29 14:02:53 Zakim, 0207868aadd is me 14:02:54 On IRC I see LauraA, Dzung_Tran, paddy, drogersuk, Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, trackbot, dom 14:02:57 sorry, drogersuk, I do not recognize a party named '0207868aadd' 14:03:10 zakim, aadd is drogersuk 14:03:10 +drogersuk; got it 14:03:14 zakim, who is here? 14:03:14 On the phone I see marengo (muted), fjh, alissa, bryan, darobin (muted), Claes, drogersuk, ??P29 14:03:17 On IRC I see LauraA, Dzung_Tran, paddy, drogersuk, Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, trackbot, dom 14:03:28 Present+ John_Morris 14:03:33 jmorris has joined #dap 14:03:35 Zakim, alissa holds john_morris 14:03:35 +john_morris; got it 14:03:43 I'll scribe 14:03:51 thanks paddy! 14:03:59 +LauraA 14:04:05 Present+ John_Morris 14:04:11 zakim, who is here? 14:04:11 On the phone I see marengo (muted), fjh, alissa, bryan, darobin, Claes, drogersuk, ??P29, LauraA 14:04:13 alissa has john_morris 14:04:14 On IRC I see jmorris, LauraA, Dzung_Tran, paddy, drogersuk, Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, 14:04:17 ... trackbot, dom 14:04:41 + +0472369aaee 14:04:45 +Ingmar_Kliche 14:04:52 zakim, aaee is me 14:04:52 +maxf; got it 14:04:56 zakim, mute me 14:04:56 maxf should now be muted 14:05:02 +richt 14:05:03 zakim, ??P29 is paddy 14:05:03 +paddy; got it 14:05:29 scribenick: paddy 14:05:33 aguillou has joined #dap 14:05:37 Topic: Administrative 14:05:56 Updated Capture API draft published, 1 April 2010 14:06:04 http://www.w3.org/News/2010#entry-8759 14:06:06 Present+ Aurelien_Guillou 14:06:11 FPWD of File API: Writer published, 6 April 2010 14:06:13 +richt.a 14:06:19 http://www.w3.org/News/2010#entry-8762 14:06:21 richt has joined #dap 14:06:24 Topic: Minutes 14:06:26 fjh: minutes are out: any changes wanted? 14:06:31 Present+ Richard_Tibbett 14:06:36 http://lists.w3.org/Archives/Public/public-device-apis/2010Mar/att-0242/minutes-2010-03-31.html 14:06:43 + +1.408.216.aaff 14:06:45 RESOLUTION: minutes of 31 March approved 14:06:55 Topic: Policy 14:07:03 Suresh has joined #dap 14:07:05 Present+ Ingmar_Kliche 14:07:08 ACTION-153 14:07:15 ACTION-153? 14:07:15 ACTION-153 -- Alissa Cooper to refine privacy requirements (with John) -- due 2010-04-07 -- OPEN 14:07:15 http://www.w3.org/2009/dap/track/actions/153 14:07:15 fjh: Had actions to review requirements - Alissa, do you have anything to say? 14:07:24 Suresh has joined #dap 14:07:29 alissa: I tried to pare down to just talking about the requirements on APIs 14:07:34 wonsuk has joined #dap 14:07:36 Present+ Suresh_Chitturi 14:07:36 comments from Frederick at http://lists.w3.org/Archives/Public/public-device-apis/2010Apr/0011.html 14:07:49 .. we decided to separate from policy stuff and best practices for app developers 14:07:52 Present+ Wonsuk_Lee 14:07:54 updated editors draft with this revision, see http://dev.w3.org/2009/dap/privacy-reqs/ 14:07:58 .. decided just to adjust text without changing too much 14:08:14 Previous versions are visible in the CVS history 14:08:20 .. did some other editorial changes: tried to fill in big table with other elements of privacy 14:08:22 http://dev.w3.org/cvsweb/2009/dap/privacy-reqs/Overview.html 14:08:45 .. I just don't think that the complete picture of what gets addressed where is obvious 14:09:16 jmorris: I thinkit would be helpful to have a couple of diagrams on architecture as discussed in Prague 14:09:35 fjh: alissa,, were you proposing additional text to address that? 14:09:44 +wonsuk 14:09:50 .. just to make sure new readers understand what we are trying to do 14:09:57 -> some unfinished noodling http://dev.w3.org/2009/dap/docs/privacy-license.html 14:10:00 .. we do need to have a bit more to set out scope, context 14:10:16 jmorris: do we do it in this document? My personal vote is yes 14:10:27 fjh: yes, don't want to proliferate documents unnecessarily 14:10:50 darobin: I have an action to look at separate solutions, have drafted some text in a separate document 14:11:07 Robin suggests using material from background section 14:11:11 ... are you looking for something like what's in the background section of that document? 14:11:21 http://dev.w3.org/2009/dap/docs/privacy-license.html#background 14:11:32 alissa: yes, I think if something like this doc exists, then the API requirements doc can refer to it 14:12:03 jmorris: I don't think we need explanation in every doc; but should be somewhere publically visible when we first publish 14:12:13 .. alissa and I can look at it, but it's a good start 14:12:35 I suggest we copy background section from Robin's draft into requirements document 14:12:36 darobin: doc was just a brain dump, so steal the text and put in the requirements doc 14:13:00 fjh: alissa, jmorris: do you wish to take on editorial control? 14:13:01 +1 to either or both alissa and jmorris to have editorial access 14:13:12 jmorris: I think it should be alissa 14:13:43 action: fjh to add background section into requirements with some edits 14:13:43 Created ACTION-157 - Add background section into requirements with some edits [on Frederick Hirsch - due 2010-04-14]. 14:13:50 hendry has joined #dap 14:13:59 darobin: review the text before copying it :) 14:14:09 .. dom will set up access for editing 14:14:30 fjh: took out abuse cases; some of this might be in the requirements doc 14:14:41 .. do you want to review how it relates to your part? 14:14:53 q+ 14:14:54 alissa: I can review but also welcome suggestions from the list 14:15:17 fjh: is there more to be said about this? 14:15:36 q+ to talk about latest addition to Contacts API: http://dev.w3.org/2009/dap/contacts/Overview.html#design-considerations 14:15:38 ... next step is to decide what we do in the various API docs 14:15:40 + +03497421aagg 14:15:49 .. do we subsume these requirements into the individual API docs? 14:15:59 .. should it be up to the document owners? 14:16:01 danielcoloma has joined #dap 14:16:11 Zakim, aagg is danielcoloma 14:16:11 +danielcoloma; got it 14:16:17 alissa: do we want the privacy issues to be explicit requirements on the APIs? 14:16:19 Present+ DanielColoma 14:16:39 I believe api docs should each list the privacy items and how they are addressed 14:16:44 ... I think there should be, but others may disagree 14:16:47 +1 14:16:54 fjh: agree it should be explicit as requirements 14:17:09 .. then we can determine the degree to which each API satisfies those requirements 14:17:24 .. also we need a caveat about privacy requirements changing 14:17:38 bryan: I agree should indicate the scope of the requirements in the API docs 14:17:55 .. but there should be a central place where the concepts, requirements are discussed in general terms 14:18:00 q? 14:18:04 each api should indicate how it supports or does not support, items in API table 14:18:06 ack richt 14:18:06 richt, you wanted to talk about latest addition to Contacts API: http://dev.w3.org/2009/dap/contacts/Overview.html#design-considerations 14:18:10 richt: I added a section to contacts API to try out this idea 14:18:27 .. to discuss issues relating to privacy and also other design considerations relating to the API 14:18:36 .. added section "privacy by design" 14:18:36 http://dev.w3.org/2009/dap/contacts/Overview.html#privacy-by-design 14:19:00 .. but done in parallel to what has been happening in the privacy requirements document 14:19:22 richt: .. it would be great to get feedback, this is just embryonic at this stage 14:19:36 maybe we should focus on contacts first, then revise other docs with similar agreed model 14:19:51 ... quite useful to have as design considerations explicitly tailored to the requirements/issues of each API 14:20:03 .. every API has different issues 14:20:17 ok, so start is to get the facts for each API, then worry about formatting 14:20:27 +1 14:20:42 fjh: get the facts down in each doc first, then worry about formatting 14:21:00 ... if each API doc owner can create a privacy section, this will be a good starting point 14:21:09 .. thanks to richt for this input 14:21:35 .. next step for privacy will be to go through each API 14:21:39 .. add background section 14:21:44 ... review the big table 14:21:51 ... decide what needs to be added in 14:22:22 .. alissa, jmorris, did you have concerns about the text? were you going to do something about that? 14:23:00 .. what is the size of the concern, and when will we have an update? 14:23:12 jmorris: concerns were mostly minor 14:23:48 ... there were multiple contributors, and existing text is raising questions/issues rather than being presented logically 14:24:01 alissa: jmorris should forward proposed changes to list 14:24:23 fjh: trying to figure out what needs to happen before we can make a public draft 14:24:38 jmorris: can send input to list in next few days 14:24:48 fjh: licensing stuff as well? 14:24:56 action: jmorris to send proposed changes to list re privacy requirements 14:24:57 Created ACTION-158 - Send proposed changes to list re privacy requirements [on John Morris - due 2010-04-14]. 14:24:58 alissa: need more time for that part 14:25:06 fjh: achievable this month? 14:25:06 -LauraA 14:25:16 alissa: probably, but need another week 14:25:28 +LauraA 14:25:33 fjh: more comments on that requirements doc? 14:25:51 Topic: Policy Framework 14:25:56 fjh: Laura, you did some edits on the policy framework - do you want to talk to what you did? 14:26:01 ACTION-152? 14:26:01 ACTION-152 -- Laura Arribas to edit policy framework, reviewing BONDI material and editorial update -- due 2010-04-07 -- OPEN 14:26:01 http://www.w3.org/2009/dap/track/actions/152 14:26:03 laura: yes 14:26:12 maoteo has joined #dap 14:26:23 .. I continued what drogers started, based on input from BONDI 14:26:38 -wonsuk 14:26:40 .. finished passing BONDI appendices document 14:26:42 http://dev.w3.org/2009/dap/policy/ 14:26:51 ... focussing now on architecture based on BONDi A&S 14:27:01 .. then will look at how to merge the Nokia submission 14:27:15 +wonsuk 14:27:17 ... the current draft now has a formal model 14:27:35 .. but not yet ready for review, so people should wait until it is ready 14:27:37 Present+ Maria_Oteo 14:27:43 ... will email the list when ready for review 14:28:03 ISSUE-79? 14:28:03 ISSUE-79 -- Fingerprinting privacy issue related to sysinfo, need for feedback on privacy risk -- OPEN 14:28:03 http://www.w3.org/2009/dap/track/issues/79 14:28:11 fjh: can we make progress on other policy issues? 14:28:29 ... do we have a solution to this issue? I'm not sure what we want to do 14:28:39 ... is anyone thinking about this? 14:28:54 ... I'm going to suggest that we focus on the functionality of sysinfo 14:29:01 ... maxf - are you the editor? 14:29:06 zakim, unmute me 14:29:06 maxf should no longer be muted 14:29:24 perhaps this is a minimization issue 14:29:27 jmorris: I think it is right to address via minimisation 14:29:46 fjh: then we do have a way to address it, so we have to talk about minimisation 14:30:00 action: maxf note minimization in sysinfo to address ISSUE-79 14:30:00 Created ACTION-159 - Note minimization in sysinfo to address ISSUE-79 [on Max Froumentin - due 2010-04-14]. 14:30:06 I'll try again 14:30:12 and hang up 14:30:22 -maxf 14:30:22 zakim, who is here? 14:30:23 On the phone I see marengo (muted), fjh, alissa, bryan, darobin, Claes, drogersuk, paddy, Ingmar_Kliche, richt, richt.a, +1.408.216.aaff, danielcoloma (muted), LauraA, wonsuk 14:30:28 alissa has john_morris 14:30:30 On IRC I see maoteo, danielcoloma, hendry, wonsuk, Suresh, richt, aguillou, jmorris, LauraA, Dzung_Tran, paddy, drogersuk, Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, 14:30:33 ... RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, trackbot, dom 14:30:44 darobin: one thing that worries me is that the document is mature and nearly ready for LC 14:30:46 to answer the question, I am the editor and I've not thought about policy much 14:30:52 .. so we need to address this issue before LC 14:31:02 .. so we don't carry the issue into LC 14:31:21 .. perhaps the resolution is simple, but it still needs to be written up 14:31:46 fjh: we need to say how it is addressed, eg the API design permits incomplete responses 14:32:09 darobin: currently in the API, it is an implementation decision as to what information is returned 14:32:12 need note to warn implementations about need for minimization 14:32:20 zakim, who is here? 14:32:20 On the phone I see marengo (muted), fjh, alissa, bryan, darobin, Claes, drogersuk, paddy, Ingmar_Kliche, richt, richt.a, +1.408.216.aaff, danielcoloma (muted), LauraA, wonsuk 14:32:23 alissa has john_morris 14:32:24 On IRC I see maoteo, danielcoloma, hendry, wonsuk, Suresh, richt, aguillou, jmorris, LauraA, Dzung_Tran, paddy, drogersuk, Claes, alissa, marengo, darobin, Kangchan, arve, Zakim, 14:32:24 fjh: so we have an implementation guideline 14:32:26 ... RRSAgent, fjh, Marcos, tlr, maxf, ingmar, ilkka, shepazu, trackbot, dom 14:32:27 +maxf 14:33:16 [I think that adding concerns of fingerprinting and minimisation to http://dev.w3.org/2009/dap/system-info/#privacy-considerations-for-implementors might be enough] 14:33:24 fjh: need a paragraph in the doc saying the minimisation is important, and implementations may make minimised responses 14:33:34 .. not necessarily controlled via policy 14:33:52 ... darobin says address it before LC 14:33:55 maxf: ok 14:34:00 ISSUE-38? 14:34:00 ISSUE-38 -- Use cases and threat model for security requirements -- OPEN 14:34:00 http://www.w3.org/2009/dap/track/issues/38 14:34:02 zakim, mute me 14:34:02 maxf should now be muted 14:34:15 fjh: other issue is about use cases and threat model 14:34:29 ... drogers did something, is there more we need to do? 14:34:49 drogers: had to take a week off so unable to progress as intended 14:35:11 david notes that we need linkages from threats to requirements 14:35:12 ... but have agreed to put a placeholder in the policy document so policy requirements are traceable back to threats 14:35:24 fjh: will you do a proposal for that? 14:35:34 drogers: yes, I will be able to progress soon 14:35:50 ... already captured in existing action 14:35:56 issue-37? 14:35:56 ISSUE-37 -- Domain spoofing and trust in the network layer -- OPEN 14:35:56 http://www.w3.org/2009/dap/track/issues/37 14:36:02 fjh: another issue - out of scope? 14:36:13 ... network layer, different layers of protocol stack 14:36:27 ... and threats arising from network-layer attacks 14:36:31 ... is this in scope? 14:36:44 drigers: yes, eg 3G vs Wifi 14:36:53 s/drigers/drogers/ 14:37:05 david notes he will capture in threats, then we can discuss 14:37:09 ... need to capture in threats, and important consideration 14:37:20 .. but decision will be later as to whether or not in scope 14:37:26 ISSUE-17? 14:37:26 ISSUE-17 -- Summarize security issues and related requirements for file API -- OPEN 14:37:26 http://www.w3.org/2009/dap/track/issues/17 14:37:51 fjh: issue 17 - should deal with file API - probably need to work on this 14:38:00 ... but can't remember the status 14:38:07 ... any comment? 14:38:34 Topic: APIs 14:38:48 darobin: hasn't been a whole lot of progress in last week 14:39:04 ... one issue: rename "capture" to "media capture" 14:39:18 RESOLUTION: change "capture" to "media capture" 14:39:29 but no change to shortname 14:39:33 darobin: we published capture and file writer 14:39:53 ... hopefully getting some feedback 14:40:08 ... richt, anything new on contacts you want to bring up? 14:40:27 richt: only really did the privacy section 14:40:35 ... not many other changes 14:40:46 ... similarly calendar is progressing, but slowly 14:41:00 darobin: will update the docs based on what we agreed today? 14:41:02 richt: sure 14:41:09 zakim, unmute me 14:41:09 maxf should no longer be muted 14:41:20 darobin: maxf indicated that changes agreed at f2f in messaging are addressed 14:41:28 ... is that true? 14:41:48 maxf: yes, did first part of changes but not much time in last couple of weeks 14:41:56 ... committed some changes this morning 14:42:10 ... so should now be synchronised with what was agreed at f2f 14:42:29 darobin: doc seems to be broken, some styling isn't working 14:42:42 FYI, messaging URL: http://dev.w3.org/2009/dap/messaging/ 14:42:52 David has joined #dap 14:42:56 ... also we agreed removing section 7 as it relates more to application launcher 14:43:16 maxf: I should have checked, that wasn't implemented in draft 14:43:28 darobin: would this then be ready for publication next week? 14:43:31 maxf: yes 14:43:54 darobin: as soon as checks are completed, send an email and we will issue CfC 14:44:19 ... lets look at sysinfo 14:44:28 maxf: did changes discussed at f2f 14:44:56 ... there are 2 or 3 things still to do, but should be really quick to complete it 14:45:01 drogersuk has joined #dap 14:45:23 ... then will publish a new draft for the group 14:45:36 .. since at the f2f we didn't create a definitive list of issues 14:45:52 darobin: if can focus on getting to LC it would be great 14:46:01 zakim, mute me 14:46:01 maxf should now be muted 14:46:08 ... looking at other drafts - anything else we haven't covered? 14:46:21 David has joined #dap 14:46:27 q+ 14:46:31 .. if there's nothing else in terms of progress on APIs, suggest move to AOB 14:46:40 Topic: AOB 14:46:53 fjh: edits to ReSpec - will this break our docs? 14:47:07 q- 14:47:14 darobin: this should not break anything, but report any problems you see 14:47:38 ... there are at least 4 or 5 other groups using ReSpec but these have added nice new features 14:47:46 q+ check on ACTION-120 status - http://www.w3.org/2009/dap/track/actions/120 14:47:49 ... anything else? 14:47:55 ACTION-120? 14:47:55 ACTION-120 -- Robin Berjon to check with Geolocation WG re choice of object literals vs positional parameters in geo API -- due 2010-03-24 -- OPEN 14:47:55 http://www.w3.org/2009/dap/track/actions/120 14:47:59 richt: wanted to focus on action 120 14:48:15 ... related to style of these APIs - does this have significant impact on publication? 14:48:36 darobin: will do it now 14:49:10 .. hope we don't get bogged down in long discussion on API styles 14:49:21 -bryan 14:49:21 ... nothing more to discuss 14:49:22 -drogersuk 14:49:26 -Claes 14:49:28 -wonsuk 14:49:28 -richt.a 14:49:30 -richt 14:49:30 -alissa 14:49:32 -darobin 14:49:32 -LauraA 14:49:33 -marengo 14:49:34 wonsuk has left #dap 14:49:34 - +1.408.216.aaff 14:49:35 -fjh 14:49:41 -paddy 14:49:42 -maxf 14:49:44 -Ingmar_Kliche 14:49:44 rrsagent, generate minutes 14:49:44 I have made the request to generate http://www.w3.org/2010/04/07-dap-minutes.html fjh 14:49:45 UW_DAP()10:00AM has ended 14:49:47 Attendees were +39.011.228.aaaa, fjh, +1.202.637.aabb, marengo, +1.425.214.aacc, darobin, Claes, +0207868aadd, bryan, drogersuk, john_morris, LauraA, +0472369aaee, Ingmar_Kliche, 14:49:50 ... maxf, richt, paddy, +1.408.216.aaff, wonsuk, +03497421aagg, danielcoloma 14:51:13 jmorris has joined #dap 14:52:24 s/.. I continued/lauraA: I continued/ 14:52:31 rrsagent, generate minutes 14:52:31 I have made the request to generate http://www.w3.org/2010/04/07-dap-minutes.html fjh 14:53:44 s/... focussing/LauraA: focussing/ 14:53:59 rrsagent, generate minutes 14:53:59 I have made the request to generate http://www.w3.org/2010/04/07-dap-minutes.html fjh 14:56:31 arve has left #dap 17:03:34 administrador__ has joined #dap 17:05:14 Zakim has left #dap 17:22:09 Marcos has joined #dap