IRC log of privacy on 2014-04-24

Timestamps are in UTC.

15:54:05 [RRSAgent]
RRSAgent has joined #privacy
15:54:05 [RRSAgent]
logging to
15:54:07 [trackbot]
RRSAgent, make logs 263
15:54:09 [trackbot]
Zakim, this will be
15:54:09 [Zakim]
I don't understand 'this will be', trackbot
15:54:10 [trackbot]
Meeting: Privacy Interest Group Teleconference
15:54:10 [trackbot]
Date: 24 April 2014
15:54:12 [npdoty]
rrsagent, make logs public
15:54:17 [npdoty]
Zakim, this will be PING
15:54:17 [Zakim]
ok, npdoty; I see Team_(privacy)16:00Z scheduled to start in 6 minutes
15:54:30 [tara]
tara has joined #privacy
15:56:15 [rigo]
rigo has joined #privacy
15:56:28 [rigo]
zakim, code?
15:56:28 [Zakim]
the conference code is 7464 (tel:+1.617.761.6200, rigo
15:57:40 [Zakim]
Team_(privacy)16:00Z has now started
15:57:47 [Zakim]
15:57:58 [Zakim]
15:58:17 [tara]
Zakim, [Apple} is me
15:58:17 [Zakim]
sorry, tara, I do not recognize a party named '[Apple}'
15:58:25 [plh]
plh has joined #privacy
15:58:26 [tara]
Zakim, Apple is me
15:58:26 [Zakim]
+tara; got it
15:59:21 [Zakim]
15:59:27 [wseltzer]
zakim, who is here?
15:59:27 [Zakim]
On the phone I see [Microsoft], tara, Wendy
15:59:29 [Zakim]
On IRC I see plh, rigo, tara, RRSAgent, tobint, Zakim, npdoty, TallTed, trackbot, wseltzer
15:59:38 [Zakim]
16:00:05 [wseltzer]
zakim, Microsoft has tobint
16:00:05 [Zakim]
+tobint; got it
16:00:07 [christine]
christine has joined #privacy
16:00:45 [Zakim]
16:01:04 [christine]
Zakim, IPcaller is me
16:01:04 [Zakim]
+christine; got it
16:02:08 [erin_kenneally]
erin_kenneally has joined #privacy
16:02:53 [Zakim]
+ +1.408.203.aaaa
16:02:58 [christine]
1. Welcome and introductions 2. Navigation Error Logging [1] 3. Web NFC API [2] (see ND's email at [3]) 4. Re-chartered Geolocation WG and privacy considerations 5. TPAC session? 6. Privacy guidance and process documents 7. AOB
16:03:06 [npdoty]
npdoty has changed the topic to:
16:03:33 [Zakim]
16:03:42 [rigo]
zakim, mute me
16:03:42 [Zakim]
Rigo should now be muted
16:03:46 [Zakim]
16:03:54 [plh]
zakim, aaaa is Arvind
16:03:54 [Zakim]
+Arvind; got it
16:04:01 [Zakim]
16:04:07 [christine]
We will be starting shortly.
16:04:30 [rigo]
16:04:38 [plh]
From Web Performance, we have plh, Tobin Titus, Alois Reitbauer, Arvind Jain
16:05:31 [plh]
Editor's draft for Navigation Error Logging:
16:05:49 [Zakim]
16:06:00 [npdoty]
chair: tara
16:06:15 [npdoty]
Zakim, who is on the phone?
16:06:15 [Zakim]
On the phone I see [Microsoft], tara, Wendy, Plh, christine, Arvind, [IPcaller], npdoty
16:06:17 [Zakim]
[Microsoft] has tobint
16:06:21 [christine]
christine has joined #privacy
16:06:37 [npdoty]
scribenick: npdoty
16:07:00 [erin_kenneally_]
erin_kenneally_ has joined #privacy
16:07:10 [npdoty]
tara: welcome all new folks
16:07:28 [christine]
16:07:30 [npdoty]
Topic: Navigation Error Logging
16:07:31 [Zakim]
16:08:34 [christine]
16:08:39 [npdoty]
Arvind: chair of the task force on this WG
16:08:45 [terri]
terri has joined #privacy
16:09:04 [plh]
ack ch
16:09:36 [Zakim]
16:09:47 [npdoty]
christine: a fairly general introduction is useful, as many of the PING folks aren't subject matter experts
16:10:01 [npdoty]
... and talk about any privacy questions that have already come up (existing text on privacy and security)
16:10:09 [npdoty]
... and people can jump in with questions
16:10:35 [npdoty]
Arvind: what the specification is trying to do
16:11:02 [npdoty]
... providing a way for a Web developer to track any navigation errors their users have experienced in the past going to these pages
16:11:42 [npdoty]
... user visits, but for some reason can't reach the page, will store the error
16:12:10 [npdoty]
... later, the developer can query on the client-side for those past errors (and if she wants, send those back to the server)
16:12:28 [npdoty]
... making past errors available to a web page on the same origin
16:12:47 [npdoty]
... currently a high-level type of error: network connection, dns resolution, http error
16:13:00 [npdoty]
... no details within those categories yet, but may want to
16:13:56 [npdoty]
@@@: no concern with the behavior as you've described it, but what happens with what origin means in the mashup environment?
16:14:12 [Zakim]
16:14:26 [plh]
s/@@@/Forbes Higman?/
16:14:35 [npdoty]
... how strict is the origin? what flexibility is there in retrieving errors?
16:14:52 [JoeHallCDT]
JoeHallCDT has joined #privacy
16:14:57 [npdoty]
Arvind: as a web developer, you have access to navigations made to your origin (hostname-level) in the past
16:15:14 [wseltzer]
16:15:16 [npdoty]
16:16:45 [christine]
16:17:10 [npdoty]
q+ about "top-level", different users within an origin, reporting url
16:17:30 [npdoty]
Arvind: server would have already had access to it when you tried to access the server before
16:17:36 [Zakim]
16:17:40 [npdoty]
forbes: might still have a spoofing-type scenario
16:17:48 [tara]
16:18:14 [tara]
ack wseltzer
16:18:16 [Zakim]
16:18:44 [npdoty]
Arvind: performance information, don't need to know user configuration
16:19:18 [npdoty]
wseltzer: if the user wants to do some client-side transformation of the page (which might cause errors), the user might not want them sent back to the server, like proxy information
16:19:40 [wseltzer]
[What would this reveal about a Tor browser user?]
16:19:51 [npdoty]
Arvind: for transformation, the navigation would have succeeded anyway, right?
16:20:13 [Zakim]
+ +44.793.550.aabb
16:21:04 [npdoty]
wseltzer: I might not be able to connect, because I explicitly tried to prevent connections for privacy purposes, like not loading scripts as a Tor browser bundle user -- it would be unfortunate if that were undone after I turned off that mode
16:21:31 [npdoty]
Arvind: interesting. are there other use cases like that?
16:21:49 [npdoty]
wseltzer: thanks for the introduction. how will this interact with Content Security Policy?
16:22:56 [npdoty]
Arvind: we haven't talked about CSP as much; others should feel free to jump in
16:23:09 [npdoty]
... CSP takes effect after the page is successfully navigated to
16:23:11 [tobint]
q+ Forbes has a question about the nature of the data returned.
16:23:19 [tobint]
16:23:39 [npdoty]
wseltzer: will invite for some follow-up discussion. does this expand attack surfaces?
16:24:07 [tara]
ack npdoty
16:24:51 [tara]
Q: does full URL get logged, or just domain?
16:24:55 [christine]
Nick: Does the specification reveal the URL that failed to load?
16:25:00 [wseltzer]
npdoty: three things; we talked about top-level navigation, you'd know the URL that failed to load?
16:25:15 [christine]
(Thanks Wendy)
16:25:31 [christine]
Arvind: yes
16:26:46 [christine]
Nick: Cases where origin does not match up - possible attack
16:27:02 [christine]
Arvind: Our assumption is to follow the standard origin concept
16:27:27 [christine]
Nick: I don't have an answer yet, just raising the problem
16:27:44 [christine]
Nick: Actively "phone-home" when an error occurs?
16:28:12 [Zakim]
16:28:23 [christine]
Arvind: Yes. Real-time is possible via the reporting mechanism. Follows the model of the CSP/same mechanism.
16:29:56 [christine]
Nick: If someone visits my webpage on the uni domain, use some javascript, I could have repots backs from anyone who visits a university webpage?
16:30:40 [christine]
Nick: I could watch someone browsing pages
16:31:23 [christine]
Nick: Is there a use case for a cofigurable URL?
16:32:07 [christine]
Nick: /wellknown?
16:32:19 [npdoty]
this could be mitigated if there were a single well-known reporting URL at the domain level, rather than configurable by JavaScript
16:32:21 [JoeHallCDT]
JoeHallCDT has joined #privacy
16:32:22 [christine]
Arvind: can restrict the report URI to the specific report pattern
16:32:28 [npdoty]
like under /.well-known
16:32:39 [christine]
Arvind: Are there other examples where this has been done?
16:33:14 [npdoty]
rfc 5785
16:33:36 [christine]
Arvind we send out an informal chairs summary - we'll include a link
16:33:41 [npdoty] is the RFC for well-known
16:34:11 [tara]
ack christine
16:35:07 [npdoty]
christine: in case of error, do you just learn the page that the error was on or other header information?
16:35:17 [npdoty]
arvind: just the page and type of error, not the Referer, for example
16:35:52 [tara]
ack tobint
16:35:59 [JoeHallCDT]
JoeHallCDT has joined #privacy
16:36:07 [npdoty]
[setting a reportUrl also allows you to include a unique number in order to re-identify a user on a future visit]
16:36:25 [npdoty]
forbes: is anything revealed about the network configuration of the user agent?
16:36:50 [plh]
16:37:15 [npdoty]
arvind: currently just an enum of high-level types (ssl error, dns error) -- could we additionally include more detail about why the DNS failed, the error code, say
16:38:00 [npdoty]
forbes: just wanted to confirm that that wasn't currently included. would be an interesting set of additional discussions
16:38:04 [tara]
ack plh
16:38:30 [tobint]
16:38:40 [npdoty]
plh: anne reported specifically not giving more detailed error information on exit for privacy/security reasons, but not sure of the detailed reasoning
16:38:50 [Zakim]
16:39:21 [npdoty]
forbes: the conclusion we came to was that's an involved discussion for each error type, in case there was sensitive information in a particular error type
16:39:43 [npdoty]
... certainly something we would want to help with
16:40:22 [npdoty]
tobint: errors just on the initial document, or also on subresources? like a CORS error in loading/not loading a javascript file
16:40:43 [Zakim]
+ +1.650.253.aacc
16:40:53 [christine]
16:41:13 [npdoty]
ack tobint
16:41:40 [npdoty]
arvind: only the root page
16:41:46 [rigo]
16:42:04 [rigo]
ack christine
16:42:05 [npdoty]
[also didn't understand that from the spec, so thanks for clarifying. I'm curious how "root page" is defined]
16:42:07 [plh]
from this discussion, I raised two issues so far:
16:42:30 [npdoty]
christine: thanks Web Performance folks for coming and talking
16:43:03 [npdoty]
... just raising some questions here, but I think a lot of us would like to think more about it. what would be the best way to communicate going forward?
16:43:32 [npdoty]
plh: raised a couple issues in webperf tracker already, we can discuss in WG and come back
16:43:51 [npdoty]
... didn't raise one on CSP yet, but maybe after Wendy has more details
16:44:28 [npdoty]
christine: Web Perf can discuss internally and come back, and we can think more in parallel and compare notes
16:44:30 [Zakim]
- +1.650.253.aacc
16:44:31 [wseltzer]
thanks Arvind and web-perf team
16:44:49 [tara]
Yes, thanks very much!
16:45:18 [npdoty]
rigo: numerous cases where error reports have been included and the application phones home -- have been privacy/security incidents
16:45:30 [npdoty]
... phoning home without user knowledge often causes pushback
16:45:47 [npdoty]
... description or best practice on getting permission from the user to phone home with the error
16:46:12 [plh]
isn't that issue 15 now: ?
16:46:14 [npdoty]
... an API that doesn't have a way to ask for permission could create problems in legal areas
16:46:56 [npdoty]
plh: similar to wseltzer earlier on giving a user a way to block error reporting; have an issue on that now
16:47:34 [npdoty]
rigo: not just a user capability of blocking, but in EU would have to make people aware that it's active;
16:47:41 [npdoty]
... might be up to the UA implementer
16:47:49 [npdoty]
... should at least give developers a hint that this is an issue
16:48:30 [npdoty]
plh: will talk within Web Perf. already have the case where a UA loads a page and then subresources from around the Web
16:49:11 [npdoty]
Topic: NFC
16:49:14 [Zakim]
16:49:20 [Zakim]
16:49:35 [npdoty]
16:49:37 [christine]
16:49:51 [wseltzer]
ack rigo
16:50:00 [Zakim]
16:51:43 [tara]
ack christine
16:52:11 [npdoty]
npdoty: just noting that this API exists and might have interesting privacy questions
16:52:21 [npdoty]
christine: Hannes, have you been looking at NFC tech?
16:53:13 [npdoty]
hannes: more interested in Bluetooth LE as it seems to have more uptake than NFC tags have had -- might be a place to focus our attention
16:53:49 [npdoty]
christine: trying to find someone to be a champion
16:54:57 [npdoty]
npdoty: could talk to sysapps group about what specifications are being worked on in that area
16:55:38 [npdoty]
Topic: Geolocation
16:56:00 [npdoty]
christine: didn't invite anyone yet, just asking what's the best next step
16:56:11 [npdoty]
wseltzer: have just rechartered the geolocation WG
16:56:25 [npdoty]
... chair reached out to ask about working with PING on privacy considerations early on
16:56:43 [npdoty]
... inviting the chair and others to a call would be a good way to start
16:57:01 [wseltzer]
-> Geolocation WG Charter
16:57:08 [npdoty]
christine: try to set it up for next call
16:57:14 [npdoty]
tara: great to have the discussions early on!
16:57:43 [npdoty]
Topic: Next meetings
16:57:49 [wseltzer]
-> TPAC 2014
16:57:54 [npdoty]
tara: we could meet at TPAC in Santa Clara in October
16:58:04 [wseltzer]
16:58:16 [tara]
ack wseltzer
16:58:17 [npdoty]
christine: either have a PING-sponsored session
16:58:58 [npdoty]
wseltzer: TPAC is the last week of October. plenary day will have a Symposium (about anniversary) and open plenary discussions on Wednesday
16:59:22 [JoeHallCDT]
I'm going to be looking at the guidance document in the next few weeks
16:59:27 [npdoty]
tara: any urgent comments on documents?
16:59:32 [christine]
16:59:50 [JoeHallCDT]
I have to leave this call immediately though, so maybe Hannes and I can talk with others?
16:59:53 [npdoty]
JoeHallCDT, Hannes -- I'm overdue in sending my comments on guidance as well
16:59:59 [JoeHallCDT]
sry, g2g
17:00:04 [Zakim]
17:00:06 [tara]
Thanks, Joe!
17:00:29 [npdoty]
christine: [relaying IRC comments]
17:00:47 [npdoty]
... add my hope to send some time in near future to review these documents. not forgotten!
17:01:13 [npdoty]
... small group to work on it?
17:01:27 [npdoty]
tara: any conflicts for Thursdays at the end of May?
17:01:32 [christine]
22 or 29 okay, 29 better
17:01:47 [npdoty]
May 29th tentatively our next meeting, let us know of any conflicts
17:02:03 [Zakim]
17:02:04 [Zakim]
17:02:08 [Zakim]
17:02:09 [Zakim]
17:02:12 [Zakim]
17:02:14 [Zakim]
- +44.793.550.aabb
17:02:15 [Zakim]
17:02:20 [npdoty]
Zakim, list attendees
17:02:20 [Zakim]
As of this point the attendees have been tara, Wendy, Plh, tobint, christine, +1.408.203.aaaa, Rigo, [IPcaller], Arvind, npdoty, [Microsoft], terri, [CDT], +44.793.550.aabb,
17:02:23 [Zakim]
... +1.650.253.aacc
17:02:25 [Zakim]
17:02:26 [Zakim]
Team_(privacy)16:00Z has ended
17:02:26 [Zakim]
Attendees were tara, Wendy, Plh, tobint, christine, +1.408.203.aaaa, Rigo, [IPcaller], Arvind, npdoty, [Microsoft], terri, [CDT], +44.793.550.aabb, +1.650.253.aacc
17:02:29 [plh]
plh has left #privacy
17:02:31 [npdoty]
Present+ Hannes
17:02:34 [npdoty]
Present+ Forbes
17:02:41 [npdoty]
Zakim, list attendees
17:02:42 [Zakim]
sorry, npdoty, I don't know what conference this is
17:02:47 [npdoty]
rrsagent, please draft the minutes
17:02:47 [RRSAgent]
I have made the request to generate npdoty
17:03:18 [npdoty]
Zakim, bye
17:03:18 [Zakim]
Zakim has left #privacy
17:03:21 [npdoty]
rrsagent, bye
17:03:21 [RRSAgent]
I see no action items