WebID Community Group Teleconference -- 25 Jan 2013

<trackbot> Date: 25 January 2013

<ebremer> I'm on phone

<bblfish_> hi

<bblfish> Today's Agenda: http://lists.w3.org/Archives/Public/public-webid/2013Jan/0046.html

<ebremer> i am +1.631.444.aaaa

<scribe> scribenick: deiu

votes

<TallTed> https://www.w3.org/2002/09/wbs/51933/webid-hash/

bblfish: you can't be part of the same company and have a different vote
... the poll is per affiliation, not per individual

https://www.w3.org/2002/09/wbs/51933/webid-hash/results

<bblfish> https://www.w3.org/2002/09/wbs/51933/webid-hash/results

scribe: might have missed some people who are not affiliated

bblfish is reading the votes results

TallTed: maybe we should nudge the non-responders (12 or so)

bblfish: so far it looks like we're converging on Nr.3
... it would be nice to have Timbl cast his vote

TallTed: you may be giving Timbl's vote too much weight in the poll

Privacy

<bblfish> http://www.w3.org/2013/01/24-privacy-minutes.html

bblfish: do we have an issue for privacy?
... it would be very good to have a section on privacy

issue-24?

<trackbot> ISSUE-24 -- Privacy issues from WebID URI dereferencing -- raised

<trackbot> http://www.w3.org/2005/Incubator/webid/track/issues/24

TallTed: the removal of user interaction is not a hight benefit here, but the user choice is important
... when you authn to a place, you should know that the service will try to identify you, so you need to be able to choose your persona

bblfish: is this something we need to put into a spec? which?

TallTed: issue-24 should remain open, since it bears discussion

<bblfish> reopen issue-24

<trackbot> Re-opened ISSUE-24 Privacy issues from WebID URI dereferencing.

bblfish: we need to discuss what to do with it

<bblfish> Issue-68?

<trackbot> ISSUE-68 -- privacy considerations section -- raised

<trackbot> http://www.w3.org/2005/Incubator/webid/track/issues/68

<bblfish> Proposal: open issue-68?

<bblfish> +1

<bobP> +1

bblfish: we can open issue-68 and see how we can combine it with issue-24

<bergi> +1

<TallTed> trackbot, associate issue-68 with issue-24

<trackbot> TallTed, please associate just one ACTION with one ISSUE.

<bblfish> reopen issue-68

<trackbot> Re-opened ISSUE-68 privacy considerations section.

<bobP> can't hear

<ebremer> a bit better

<bblfish> better

<bblfish> Andrei's arguing there should be a small section in the spec

deiu: we should have a pointer in the spec, linking to a more in-depth analysis of the privacy issues

https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html

<bblfish> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html#privacy

bblfish: we need to show that users can protect their profile documents
... we need a security section
... maybe a "Security Considerations" sections

<bblfish> Andrei: it should not be exhaustive

<bblfish> TallTim: it does not need to be exhaustive

<bblfish> ... it is a high level overview. There are privacy considerations, security ones, specific protocols are going to have more information... So the specifics are not going to come in unless you use TLS

<bobP> choppy

quick brb

<ebremer> a "truth in lending"

<bblfish> proposal: add a small security section to the spec

<bblfish> proposal: add a small security section to the WebID Identity and Discovery

<bblfish> +1

<bblfish> ack

<bblfish> ACTION: deiu to create do open issue in database, and create page on security [recorded in http://www.w3.org/2013/01/25-webid-minutes.html#action01]

<trackbot> Created ACTION-53 - Create do open issue in database, and create page on security [on Andrei Sambra - due 2013-02-01].

Web Access Control

<scor> scor: I haven't heard back from Jeff Sayre re his contributions on User Stories

<bblfish> deiu: WebACL is using WebID as the default identity mechanism

<bblfish> ... not sure if we should discuss this as part of the WebID group.

<bblfish> ... it could be a group, that could produce a spec and ontology

<scor> +1 one to open a WebACL CG, and keep the WebID group focused on WebID only

<bblfish> scor: people may be interested in WebID but not WebACL, and it may be too much noise.

scor: we can use the WebID teleconf slots for WAC, having a WebID confcall every two weeks

<bobP> Is it the case that the objections from that fellow from Google a few months ago primarily came from an ACL perspective?

<scor> scor: for example, WebID call the first Friday of the month, ACL call (using the WebID phone bridge) the third Friday of the month

bblfish: we need to have people using WAC to come and suggest improvements to the ontology

<TallTed> identity (WebID or otherwise) is necessary for access control (WebACL or otherwise); access control is not necessary for identity

<TallTed> it might be useful to create a WebID Task Force (WebID interop?) to look at the interaction between these (and others?), but I think Access Control needs its own space ... and I think this piece of interop is more about WebID-over-TLS than Conceptual-WebID

<scor> deiu: ACL will be easier to sell without the dependency on WebID

<scor> bblfish: I agree... or RDF

http://www.w3.org/wiki/WebAccessControl

<bblfish> thanks scor

<bblfish> I have WAC, data.fm, deiu

<bblfish> readwriteweb on github

deiu: bergi has WAC too

<bblfish> action deiu, to turn WAC into a real process

<trackbot> Error finding 'deiu,'. You can review and register nicknames at <http://www.w3.org/2005/Incubator/webid/track/users>.

<TallTed> action deiu to turn WAC into a real process

<trackbot> Created ACTION-54 - Turn WAC into a real process [on Andrei Sambra - due 2013-02-01].

next meeting?

Proposal: next week

<bblfish> next week because of the results of vote will be in

<bblfish> +1

<bergi> +1

Resolved: next week

<bblfish> bye

<ebremer> waves

- DRAFT -

WebID Community Group Teleconference

25 Jan 2013

Attendees

Contents

votes

Privacy

Web Access Control

next meeting?

Summary of Action Items

Scribe.perl diagnostic output