IRC log of tagmem on 2010-12-16

Timestamps are in UTC.

18:00:06 [RRSAgent]

RRSAgent has joined #tagmem

18:00:06 [RRSAgent]

logging to http://www.w3.org/2010/12/16-tagmem-irc

18:00:37 [Larry]

Larry has joined #tagmem

18:01:24 [noah]

zakim, who is here?

18:01:24 [Zakim]

sorry, noah, I don't know what conference this is

18:01:26 [Zakim]

On IRC I see Larry, RRSAgent, Zakim, jrees, Ashok, noah, Norm, plinss_, plinss, trackbot, Yves

18:01:59 [Larry]

scribe: larry

18:02:06 [Yves]

trackbot, start telcon

18:02:08 [Larry]

scribenick: larry

18:02:08 [trackbot]

RRSAgent, make logs public

18:02:10 [trackbot]

Zakim, this will be TAG

18:02:10 [Zakim]

ok, trackbot, I see TAG_Weekly()1:00PM already started

18:02:11 [trackbot]

Meeting: Technical Architecture Group Teleconference

18:02:11 [trackbot]

Date: 16 December 2010

18:03:01 [Zakim]

+Jonathan_Rees

18:03:09 [Zakim]

+Yves

18:03:20 [noah]

zakim, who is here?

18:03:20 [Zakim]

On the phone I see Masinter, Noah_Mendelsohn, plinss_, Jonathan_Rees, Yves

18:03:22 [Zakim]

On IRC I see Larry, RRSAgent, Zakim, jrees, Ashok, noah, Norm, plinss_, plinss, trackbot, Yves

18:03:23 [Zakim]

+Ashok_Malhotra

18:04:05 [Larry]

agenda: http://www.w3.org/2001/tag/tag-weekly.html

18:04:24 [jar]

jar has joined #tagmem

18:04:29 [noah]

zakim, who is here?

18:04:29 [Zakim]

On the phone I see Masinter, Noah_Mendelsohn, plinss_, Jonathan_Rees, Yves, Ashok_Malhotra

18:04:31 [Zakim]

On IRC I see jar, Larry, RRSAgent, Zakim, jrees, Ashok, noah, Norm, plinss_, plinss, trackbot, Yves

18:04:52 [Larry]

regrets: dana

18:05:07 [Larry]

regrets: johnk

18:05:16 [Larry]

topic: approval of minutes?

18:05:32 [Larry]

resolved: minutes of 2 Dec approved

18:05:49 [Larry]

topic: call on 23 December?

18:06:55 [Larry]

noah: inclination to cancel, go through agenda today & see

18:07:01 [Larry]

topic: privacy workshop

18:07:09 [Larry]

action-506?

18:07:09 [trackbot]

ACTION-506 -- Noah Mendelsohn to noah to bring proposed W3C Actions on Privacy before the TAG - TLR to report back to IETF -- due 2010-12-16 -- OPEN

18:07:09 [trackbot]

http://www.w3.org/2001/tag/group/track/actions/506

18:07:41 [ht]

ht has joined #tagmem

18:08:28 [Larry]

noah: 2-day workshop, primarily IETF workshop, with help from W3C. Estimate 35 attendees, wide variety.

18:10:14 [noah]

* Fingerprinting implications relating to W3C technologies <==== Want user agent to run in non-fingerprintable mode -- TOR guys want this TOR guy would like to collaborate

18:10:15 [Larry]

noah: toward end, create set of actions for IETF and W3C; TAG reps will carry back set of actions. List of actions will be published in full.

18:10:34 [Larry]

noah: (posting in IRC)

18:11:48 [Larry]

Is this a W3C issue?

18:12:41 [Zakim]

+??P5

18:12:48 [ht]

zakim, ? is me

18:12:48 [Zakim]

+ht; got it

18:14:02 [Yves]

fingerprinting is also part of browser behaviour, not only http, but font installed, plugins etc...

18:14:12 [Larry]

"fingerprinting" would apply to non-W3C specs, Java, HTML, PDF

18:14:56 [Larry]

noah: W3C should be proactive in addressing these issues, whether or not they are only W3C specs

18:15:31 [Larry]

peters: there are several examples of this in CSS, list of installed fonts, etc.

18:16:02 [Larry]

noah: referer in HTTP spec

18:16:02 [Yves]

fingerprinting is part of the "eternal cookie" discussion

18:16:24 [Larry]

noah: last thing was non-browser user agents

18:16:45 [Larry]

Just to be clear, i'm not arguing W3C shouldn't work on this stuff, more that W3C might have to increase scope to work on it

18:17:27 [timbl]

timbl has joined #tagmem

18:17:46 [noah]

Privacy workshop papers: http://www.iab.org/about/workshops/privacy/Privacy_Workshop_Papers.zip

18:18:52 [Larry]

(discussion of how W3C could address some of these issues)

18:19:44 [ht]

q+ to ask how much, if at all, Hal Abelson's perspective was represented

18:19:49 [ht]

ack ht

18:19:51 [Zakim]

ht, you wanted to ask how much, if at all, Hal Abelson's perspective was represented

18:19:52 [noah]

ack next

18:22:06 [Larry]

ht: summarizing, "Thinking of privacy as a subbranch of security was the wrong way to think about it -- what you want is accountability"

18:22:26 [Larry]

(discussion of borderline between security or privacy)

18:22:31 [Yves]

well, you may want both

18:22:41 [Larry]

noah: this was a major axis of the discussion

18:22:50 [Yves]

send not-exact data to protect privacy, and accountabiity on the other side

18:23:27 [jar]

TAMI = transparent accountable datamining initiative http://dig.csail.mit.edu/TAMI/

18:23:51 [Larry]

ht: compare "here are some things that are private" vs. "here are parts of my public persona that are usable for what"

18:24:17 [Larry]

ht: the higher level question of "what do we mean by privacy?" -- doesn't seem to have been on the agenda.

18:24:47 [jar]

Weitzner, Abelson, Berners-Lee, Feigenbaum, Hendler, Sussman, Information Accountability

18:25:04 [Larry]

noah: "I need to warn you that when you do certain things that others will be able to do certain things"

18:25:23 [Larry]

warning user vs. preventing misuse

18:26:18 [Larry]

noah: when we get the official list... pick up this discusison next time... decide how to proceed?

18:26:50 [ht]

I believe this is now public: http://www.w3.org/2010/policy-ws/slides/09-Abelson-MIT.pdf

18:27:15 [Larry]

i asking Noah's gut feeling: is this just a TAG action item?

18:28:21 [Larry]

noah: perhaps we should treat it as we treat security

18:28:40 [Larry]

q+ to talk about defining "privacy"

18:28:58 [noah]

ack next

18:28:59 [Zakim]

Larry, you wanted to talk about defining "privacy"

18:30:20 [Ashok]

q+

18:30:41 [Larry]

noah: surprised there was not implicit consensus about definition of privacy... compared to security, where people have a clear idea of what the problem framework is

18:31:09 [Larry]

s/clear idea/at least some common ideas/

18:32:14 [Larry]

noah: example: let's say the browsers give a list of fonts; some intuition that using order of font names on disk might improve fingerprinting chances, vs. alphabetizing fonts

18:32:25 [noah]

q?

18:32:37 [noah]

ack next

18:33:41 [Larry]

ashok: what actions might have been taken?

18:34:06 [Larry]

noah: TLR is outside contact for W3C

18:34:54 [noah]

ACTION: Dan with Noah to suggest next steps for TAG on privacy

18:34:54 [trackbot]

Created ACTION-507 - With Noah to suggest next steps for TAG on privacy [on Daniel Appelquist - due 2010-12-23].

18:35:19 [noah]

ACTION-507 Due 2011-01-03

18:35:19 [trackbot]

ACTION-507 With Noah to suggest next steps for TAG on privacy due date now 2011-01-03

18:36:31 [Ashok]

Topic: HashInURI

18:36:39 [noah]

http://www.w3.org/2001/tag/2010/11/HashInURI

18:36:59 [noah]

zakim, who is here?

18:36:59 [Zakim]

On the phone I see Masinter, Noah_Mendelsohn, plinss_, Jonathan_Rees, Yves, Ashok_Malhotra, ht (muted)

18:37:01 [Zakim]

On IRC I see timbl, ht, jar, Larry, RRSAgent, Zakim, jrees, Ashok, noah, Norm, plinss_, plinss, trackbot, Yves

18:37:40 [noah]

http://lists.w3.org/Archives/Public/www-tag/2010Dec/0016.html

18:37:41 [Ashok]

Comments from Yves and Tim ... I can handle them.

18:38:30 [noah]

q+ to respond to Yves on zoom level being identification information

18:38:58 [Ashok]

Yves: The Google maps params have several parts with map, zoom, etc.

18:39:10 [Ashok]

... URI is server-side identification

18:39:11 [noah]

ack next

18:39:12 [Zakim]

noah, you wanted to respond to Yves on zoom level being identification information

18:40:15 [Ashok]

noah: In a map store, didfferent types of maps are different documents

18:40:49 [Ashok]

... google maps is a documenty app ... the URIs identify different maps

18:41:26 [Larry]

q+ to talk about documents, parc map browser, URIs as constructed vs. discovered

18:41:27 [Yves]

there are also lots of overlays options, is each display option a new map? I agree that it is the case for scale and type (sat/terrain)

18:42:43 [jar]

q?

18:43:59 [Larry]

http://www2.parc.com/istl/projects/www94/mapviewer.html

18:44:14 [Ashok]

Noah: Some AJAX apps identify a document

18:44:50 [Ashok]

... the Google maps URI identify a document

18:45:16 [noah]

ack next

18:45:17 [Zakim]

Larry, you wanted to talk about documents, parc map browser, URIs as constructed vs. discovered

18:45:38 [noah]

That's Xerox PARC, I presume?

18:46:17 [jar]

q+ to consider that URIs have corresponding interfaces/contracts

18:46:45 [Ashok]

Larry: Every URI in this app did identify a distinct document

18:47:11 [noah]

Noah: so what I think is interesting, is this is an AJAX app that feels like a REST app; I can email you the URI for any map document (zoom level, etc.), you deref the link and you barely know it's AJAX, you get what looks the the representation. I think that's very nice.

18:48:10 [noah]

LM: There are other design patterns, in which AJAX apps can keep their state in all sorts of non-URI based ways. But, we want the apps to "imitate the old behavior"

18:48:33 [Ashok]

Laary: We want apps to imitate the older archaic behaviour ... creating URI that poin to documents

18:48:47 [Ashok]

s/Laary/Larry/

18:49:07 [jar]

q- jar

18:49:49 [Larry]

"Most World-Wide Web information servers provide simple browsing access to collections of static text or hypertext files. This paper describes some interactive World-Wide Web servers that produce information displays and documents dynamically rather than just providing access to static files."

18:50:53 [Larry]

noah: doesn't break nearly as much as video...

18:51:13 [Larry]

noah: people send down javascript with URIs, if you ran it in a non-JS environment, it would just do the wrong thing

18:52:02 [noah]

q?

18:52:04 [Larry]

noah: there are examples of javascript sites where the fragment identifiers which have no meaning outside of that particular app

18:52:07 [noah]

ack next

18:52:59 [Larry]

Yves: video example, the player is a 'heavy thing', because it is using the fragment identifier to identify video stream & location, maybe there are multiple versions of player

18:53:25 [Ashok]

Yves: In CNN case you can cache the player and change the string after the #

18:56:41 [Yves]

http://lists.w3.org/Archives/Public/www-tag/2010Nov/0105.html

18:58:00 [Larry]

ashok going over other items in email

18:58:18 [noah]

Ashok: Yves raises the case where the HTML contains the same fragment as the client

18:59:21 [Larry]

noah: we need the specs to match recommended practice; we need to say "dont' do that" or get specs changed

18:59:33 [jar]

same as rdfa issue, noah.

19:00:06 [Larry]

noah: situation: I do HTTP request, what comes back is text/html. text/html MIME type defines fragment identifier. But these URIs don't work like the spec says they should.

19:00:45 [Yves]

I would note that there is a onhashchange event...

19:00:46 [Larry]

Sounds like this is a bug in the HTML spec.

19:01:10 [noah]

noah: so, we either need to discourage this sort of behavior, or change the specs. Not sure which is better course.

19:01:17 [Larry]

HTML spec defines text/html MIME type and should define authoritative behavior of handling of fragment identifiers

19:01:44 [noah]

noah: tend to feel that what the AJAX apps are doing should be discouraged if it conflicts with the normative specs as they now exist

19:02:09 [jar]

http://www.w3.org/TR/html5/iana.html#text-html

19:02:29 [noah]

q?

19:02:56 [Larry]

larry: either browsers need to change behavior to match spec, or spec needs to change behavior to match browsers. The latter seems to be the sentiment of community.

19:03:04 [jar]

HTML5 draft text/html registration says nothing about fragment ids at all

19:03:28 [jar]

oops... not so...

19:03:39 [Yves]

jar, see http://dev.w3.org/html5/spec/Overview.html#scroll-to-fragid (but not in the text/html reg)

19:03:42 [jar]

"Fragment identifiers used with text/html resources refer to the indicated part of the document."

19:05:13 [Larry]

noah: this could be handled with new media type, text/html-with-javascript, that wouldn't break webarch

19:05:50 [noah]

noah: but of course it would break all of our deployed code that expects text/html

19:05:54 [Larry]

q+ to suggest action

19:07:02 [Larry]

jar: we have a lot of problems with fragment identifiers ... pointing out similar issue with RDFa specs, and also with content negotiation

19:07:29 [Larry]

jar: WebArch wants consistency

19:08:16 [noah]

ack next

19:08:17 [Zakim]

Larry, you wanted to suggest action

19:08:49 [noah]

Larry: I think problems with fragids are separable. I'm not as uncomfortable with conneg, which I think was resolved.

19:09:26 [noah]

Larry: I think this is an issue with a single document, labeled text/html, for which URIs resolve differently according to whether javascript is turned on.

19:09:45 [noah]

Larry: we can resolve separately for each media type, and should push back to the owners of the respective specs.

19:09:52 [noah]

q+ to respond to Larry

19:09:55 [noah]

ack next

19:09:56 [Zakim]

noah, you wanted to respond to Larry

19:10:48 [Larry]

JAR pointed to the place in the spec which doesn't match behavior of software that claims to implement the spec

19:11:36 [noah]

LM: Document doesn't match behavior. Fix one or the other.

19:13:00 [noah]

Noah: There is in either RFC 3986 or RFC 2616 the statement that the Content-type identified media type registration determines the interpretation. I think it's a TAG question whether that still holds.

19:13:07 [noah]

ack next

19:13:40 [noah]

YL: It's the same for all media types the allow embedding of program logic that manipulates URIs.

19:13:43 [Larry]

PDF embeds scripting but this isn't a problem for application/pdf

19:14:27 [Larry]

I proposed an action

19:14:34 [Larry]

q+ to note i proposed an action

19:15:53 [Larry]

RFC 3887 defines fragment identifiers for application/pdf, there is scripting in PDF but PDF doesn't pass fragIDs to scripts so this isn't an issue with it. I think this is an HTML issue. Maybe it's also an SVG issue, but it's the individual media type definitions and implementations that are the problem.

19:16:34 [jar]

q?

19:17:20 [jar]

q+ to suggest that # has to do with resolution relative to content, not server/client

19:17:32 [Larry]

noah: discussing Ashok's draft, that ?xxxx is identified as server-side identification and #xxxx as client side identification. That what goes on the forward & back queue

19:17:52 [Yves]

jar, yes, and it also has implication on caching

19:18:03 [Larry]

noah: (argument that ? is also used client-side)

19:18:23 [Yves]

and agree with Noah that ? is not only used server-side

19:18:28 [noah]

ack next

19:18:29 [Zakim]

Larry, you wanted to note i proposed an action

19:18:32 [Larry]

noah: want to tell that story, can't if Ashok's document identifies ...

19:18:33 [noah]

ack next

19:18:35 [Zakim]

jar, you wanted to suggest that # has to do with resolution relative to content, not server/client

19:19:04 [noah]

Exactly, but with one exception. It is true, as I said in my email, that fragids aren't sent to the server.

19:19:08 [noah]

Otherwise, they're as you say.

19:19:15 [noah]

Clients and servers can mess with ?.

19:21:09 [Larry]

noah: these are a lot more symmetric with respect to client/server... in only one case with a fragid... ....

19:21:48 [Larry]

(missed details of Noah's remarks, hope details will be forthcoming)

19:22:03 [jar]

A#B means B as interpreted relative to what document A says. nothing to do with client vs. server

19:22:05 [Larry]

Ashok: I will think about this and will work on revised draft

19:22:17 [Larry]

+1 to jar

19:22:27 [jar]

in some future protocol succeeding HTTP, one might have the #B transmitted to some "server"

19:22:48 [Yves]

jar, this was my comment about sub-resource/view as well

19:23:12 [noah]

LM: There are other media types with active content that don't have this problem, so this is a problem with certain scriptable media types. Should be resolved per-type.

19:25:10 [noah]

. ACTION: Larry to draft proposed bug report regarding interpretation of fragid in HTML-based AJAX apps Due: 2011-01-03

19:25:32 [noah]

JAR: Ashok, do you want to talk about the RDFa situation?

19:25:42 [noah]

Ashok: Tell me more, but yes.

19:25:53 [noah]

JAR: In my pending review action, we'll get to it.

19:26:04 [noah]

ACTION: Larry to draft proposed bug report regarding interpretation of fragid in HTML-based AJAX apps Due: 2011-01-03

19:26:04 [trackbot]

Created ACTION-508 - Draft proposed bug report regarding interpretation of fragid in HTML-based AJAX apps Due: 2011-01-03 [on Larry Masinter - due 2010-12-23].

19:26:19 [noah]

ACTION-500 Due 2011-01-03

19:26:19 [trackbot]

ACTION-500 Coordinate with Alexey about a possible presentation introducing IETF to TAG work on Web Apps & report to TAG due date now 2011-01-03

19:27:25 [noah]

ACTION-508 Due 2011-01-03

19:27:25 [trackbot]

ACTION-508 Draft proposed bug report regarding interpretation of fragid in HTML-based AJAX apps Due: 2011-01-03 due date now 2011-01-03

19:28:57 [Ashok]

zakim, pointer?

19:28:57 [Zakim]

I don't understand your question, Ashok.

19:28:57 [noah]

Calls on the 23rd and the 30th are hereby cancelled

19:29:03 [noah]

We are adjourned

19:29:19 [Ashok]

zakim pointer

19:29:22 [Zakim]

-Masinter

19:29:23 [Zakim]

-Yves

19:29:24 [Zakim]

-Jonathan_Rees

19:29:26 [Zakim]

-plinss_

19:29:26 [Zakim]

-Noah_Mendelsohn

19:29:27 [jar]

zakim, pointer

19:29:27 [Zakim]

I don't understand 'pointer', jar

19:29:34 [jar]

rrsagent, pointer

19:29:34 [RRSAgent]

See http://www.w3.org/2010/12/16-tagmem-irc#T19-29-34

19:29:41 [Zakim]

-Ashok_Malhotra

19:30:07 [Ashok]

Thanks, Jonathan :-)

19:30:14 [Zakim]

-ht

19:30:15 [Zakim]

TAG_Weekly()1:00PM has ended

19:30:16 [Zakim]

Attendees were Masinter, Noah_Mendelsohn, plinss_, Jonathan_Rees, Yves, Ashok_Malhotra, ht

19:30:36 [ht]

ht has left #tagmem

21:49:11 [Zakim]

Zakim has left #tagmem