Privacy Interest Group Teleconference

05 Dec 2013

See also: IRC log


+1.469.242.aaaa, FabGandon, tara, christine, npdoty, yrlesru, Wendy, +1.781.362.aabb, fjh, Frederick_Hirsch


<trackbot> Date: 05 December 2013

<christine> Agenda:

<christine> 1. Welcome and introductions 2. Fingerprinting Guidance for Web Specification Authors 3. Privacy reviews 4. Privacy Considerations and SPA 5. Web standards and surveillance (what can PING do?) 6. AOB

<christine> 2. Fingerprinting Guidance for Web Specification Authors

<npdoty> http://w3c.github.io/fingerprinting-guidance/

<christine> Nick: outling changes to fingerprinting guidance

<christine> Nick: hearing some skeptism whether it is actually feasible to address active fingerprinting

<tara> in transition...

<christine> Nick: guidance is less prescriptive for the active case but also new text that talks about detectability

<npdoty> christine: curious about text on Do Not Track, if sites are complying with DNT preference, what does it mean for fingerprinting?

<christine> Nick: hard to give a complete answer before specfications are finished

<christine> Nick: might still do fingerprinting if needed for security purpose or during the request (but would not keep data and correlate the requests)

<christine> Nick: mitigitation mainly on the implications - won't prevent Javascript from running but might prevent the activities that the users is worried about

<christine> Frank: what is your intention? would this be a living working group note? or a specification? duplicate into Internet Draft in IETF?

<christine> Nick: if we could get support, pblish as an interest group note

<christine> Nick: it might need to be updated from time to time as technology changes, so we would want to publish updates and errata

<christine> Nick: Useful to do the same at the IETF but considerations are probably different becuase they are lowere down the stakc

<christine> Karima, could you take over scribing?

I can take over scribing now. (Made it to keyboard and stable network.)

<christine> Frank: Interest Group note sounds good - like the idea of a living document

<christine> Thanks tara!

Frank Dawson: likes idea of living document because of moving technology.

Christine: internal approval process for internal group notes is simpler than for specification. Seems that if we want to update document, can do so easily once first version is published.

Nick: yes, is up to us, I think. But also would like to get some feedback from external group before we assume the note is relevant.

Christine: we want to get doc moving forward. Is now mature enough to move it perhaps to draft group note? Then we can get broader W3C input as well as IETF and other relevant groups.

Nick: sounds good, will check to see if there are formatting standards. Frederick?

Frederick: use "working draft." Possibly "working draft-note"?

<fjh> appropriate respec configuration option pretty clear, not sure of current list

<scribe> ACTION: item to Nick wil figure out how to present the document and add link to home page. [recorded in http://www.w3.org/2013/12/05-privacy-minutes.html#action01]

<trackbot> Error finding 'item'. You can review and register nicknames at <http://www.w3.org/Privacy/track/users>.

Christine will work out how to promote/disseminate document.

Frederick: send to TAG. Can also send to chairs-list.

<npdoty> I like the TAG and the Web Security IG suggestions, and early enough that not sending to the full chairs list would be fine by me :)

<fjh> ReSpec documentation is here: http://www.w3.org/respec/

Thanks, Nick, for great document!

<christine> 3. Privacy reviews

<npdoty> ACTION: doty to update formatting of fingerprinting document, link from Privacy group home page [recorded in http://www.w3.org/2013/12/05-privacy-minutes.html#action02]

<trackbot> Created ACTION-5 - Update formatting of fingerprinting document, link from privacy group home page [on Nick Doty - due 2013-12-12].

Note on mailing list - Joe Hall sent out comments on EME.

<fjh> ReSpec status list: http://www.w3.org/respec/ref.html#specstatus

Would be helpful to have more reviewers on this document so we can clue up this item (hopefully) by end of year.

<fjh> FPWD-NOTE and WD seem appropriate

<fjh> unless publishing a final NOTE which can always be changed

Please help Wendy out with reviews! Especially as they have been asked for security review as well.

Comments from anyone on call on EME? No comments raised.

Nick: what was the security review issue?

Wendy: because there is a history of doing security considerations in the privacy reviews [tw: if I have that right?] - would be great to apply this expertise to EME.

<npdoty> wseltzer, is Web Security IG trying to set up security reviews?

Deadline? By the end of the year.

<npdoty> wseltzer: since a large set of security/privacy considerations have been raised, it would be important to actually do a security review.

Other open review: getUserMedia.

Frank did work on this, Hannes led review.

Frank: Hannes is changing jobs, Frank unclear about his new role but hopes he can contribute in future.

Christine: Frank, what is the best way to wrap this item up and deliver to the group?

Frank: used it as an opportunity to update SPA; sent around on mailing list some time ago...but other than feedback from chairs, did not get any comments on usefulness of the approach.
... others have used guiding principles (e.g., data minimization). But I needed more product-unit-focused approach.

<npdoty> yrlesru, apologies that I realize I didn't follow up on that (I'm seeing this from June now that I search)

<npdoty> http://lists.w3.org/Archives/Public/public-privacy/2013AprJun/0051.html

Christine: thanks very much, Frank, for all your work.

(Also thanks from Tara!)

Christine: we need more people to look at getUserMedia and Frank's analysis - who might be the right volunteers?

Please reach out to potential reviewers, if possible.

Nick: we could take an expert (e.g., on API) and see if the analysis makes sense from that person's perspective.

We sent Robin Wilton's analysis to WebCrypto WG.

<christine> 4. Privacy Considerations and SPA

Hannes not on the call, but has done a lot of work on this document.

Christine: how can we encourage feedback from within PING and eventually, from other groups?

Frank: for SPA, I received comments from Art Barstow. More formatting than content. But no further feedback since then.

<npdoty> I have some comments on content written down on paper, but haven't crossed into electronic

Frank: using Nick's approach, will turn PrivConsiderations and SPA into working group note. (Hosted on GitHub).

Christine: could send a "last call for comments" to the mailing list.

Nick: sounds reasonable, can get bit more feedback before declaring these done (just like the fingerprinting doc). But can make draft and link from main page.

Christine: Nick and I need to check on forting reqs, etc for these items.

Frederick: you can send a "call for consensus" on the mailing list, with deadline. If no objections, can go ahead.

<fjh> the text of CfC can say what you plan and that lack of response implies agreement, but explicit agreement is preferred

Frank: for timing--I don't what January date is for PING call...but for last call, want to use period between now and next call to get revision out. Then if people on next call agree, we can publish after that.
... holidays and such will slow things down between now and January, in all likelihood.

Christine: Nick will provide you with his comments, Frank updates, sends out, we send call for consensus after next call.

<fjh> CfC example : http://lists.w3.org/Archives/Public/public-device-apis/2013Aug/0054.html

Can use same basic process for now across these drafts/working group notes.

Nick would still like more feedback before going for consensus...but the basic process sounds good.

<fjh> process -> http://www.w3.org/2005/10/Process-20051014/tr.html#q78

Christine: Nick, would you like to get expert review in next phase?

Next Jan: we assume drafts are ready for discussion in Jan call.

Privacy Considerations -- our "homework": read drafts and provide feedback!

<npdoty> I have notes on paper on that one as well, which I'll send around to Hannes and public-privacy.

Chairs strongly encourage you to comment.

fjh: discussion of Network Service Discovery draft on January call?
... would like editor to come to that call to give overview.

<christine> 5. Web standards and surveillance (what can PING do?)

Christine: yes, sounds good, will be on agenda.

Let's talk about surveillance!

W3C recently announced workshop w/IAB: STRINT.

<wseltzer> https://www.w3.org/2014/strint/

Nick, any comments from IETF meeting on this topic?

Nick: there was major plenary on surveillance at IETF, plus meetings during the week on this.
... IETF has taken seriously the notion that pervasive monitoring is a threat to be addressed formally.

So many working groups have taken this on as a task.

Also - how to handle this in reviews. Especially after the NIST issue, there was discussion about how much review is necessary to try to avoid subversion in standards process.

Might need to increase the reviews. And might now be able to assume that these types of attacks are present - not a hypothetical anymore.

<npdoty> IETF consensus hums: http://www.ietf.org/mail-archive/web/ietf/current/msg83857.html

Christine: agrees with overview of the tone at the IETF meeting.
... wanted to ensure that the protocols were getting sufficient expert review. The web also a juicy target full of data. So is opportunity for PING & W3C to take active steps to improve robustness of standards against surveillance threat.

Underscores importance of privacy reviews in standards bodies such as ours.

Lot of experts putting thought into how to improve protocol and give protection against monitoring/interception.

Wendy: the scale of surveillance is now known, so this changes assessment of threat and countermeasures.

Things that would have been seen as overkill on a small-scale attack are now perhaps more relevant to stop large-scale threat.

Making monitoring more evident, or making hidden monitoring less possible, are also necessary steps.

<npdoty> +1 for detectability

Christine: NIck's fingerprinting work definitely relevant here.
... as a group, we need to be thinking (in general) about how to address these issues.

Will be an ongoing conversation.

<christine> Questions for the workshop

<christine> What are the pervasive monitoring threat models, and what is their effect on web and Internet protocol security and privacy? What is needed so that web developers can better consider the pervasive monitoring context? How are WebRTC and IoT impacted, and how can they be better protected? Are other key Internet and web technologies potentially impacted? What gaps exist in current tool sets and operational best practices that could addr[CUT]

<christine> ....

Wendy: workshop is part of EU project, so some of goals are to build some case studies on security (internet and web).
... there's a technical mandate. One PING-relevant question would be "how do security and privacy relate?"
... looking at a couple of different scales necessary...across specs, and also details in specific specs (eg. tweaks) to strengthen against attacks.
... look it over. You are encouraged to submit a paper.

Christine: privacy considerations work could feed into this process, of looking at design principles for pro-privacy web standards.

<npdoty> http://www.w3.org/Security/wiki/IG

Wendy: if PING people are also interested in security and are not in Web Security Interest Group, there is a news chair - Virginie Galindo.

<wseltzer> WebSec Interest Group

This group does security reviews, so PING members might be able to help out there as well, given their expertise.

Christine: we might be able to find a way to dovetail the review process for privacy and security reviews?

Will be an item for 2014 -- coordinating our work.

<wseltzer> fjh, https://www.w3.org/2014/strint/participate.html has participation info for the STRINT workshop

<npdoty> +1 on coordinating or combining security and privacy reviews, given the lack of resources

<christine> AOB?

<npdoty> January 23rd?

Sounds like Jan 30th works best, at usual time.

<npdoty> January 30th, at the usual time

Thanks, all!

<Karima> Thanks Christine buy !

Summary of Action Items

[NEW] ACTION: doty to update formatting of fingerprinting document, link from Privacy group home page [recorded in http://www.w3.org/2013/12/05-privacy-minutes.html#action02]
[NEW] ACTION: item to Nick wil figure out how to present the document and add link to home page. [recorded in http://www.w3.org/2013/12/05-privacy-minutes.html#action01]
[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.138 (CVS log)
$Date: 2013-12-05 17:58:05 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.138  of Date: 2013-04-25 13:59:11  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

Succeeded: s/example/CfC example/
Succeeded: s/fjh:/fjh,/
No ScribeNick specified.  Guessing ScribeNick: tara_
Inferring Scribes: tara_

WARNING: No "Topic:" lines found.

Default Present: +1.469.242.aaaa, FabGandon, tara, christine, npdoty, yrlesru, Wendy, +1.781.362.aabb, fjh
Present: +1.469.242.aaaa FabGandon tara christine npdoty yrlesru Wendy +1.781.362.aabb fjh Frederick_Hirsch

WARNING: No meeting chair found!
You should specify the meeting chair like this:
<dbooth> Chair: dbooth

Found Date: 05 Dec 2013
Guessing minutes URL: http://www.w3.org/2013/12/05-privacy-minutes.html
People with action items: doty item

WARNING: Input appears to use implicit continuation lines.
You may need the "-implicitContinuations" option.

WARNING: No "Topic: ..." lines found!  
Resulting HTML may have an empty (invalid) <ol>...</ol>.

Explanation: "Topic: ..." lines are used to indicate the start of 
new discussion topics or agenda items, such as:
<dbooth> Topic: Review of Amy's report

[End of scribe.perl diagnostic output]