IRC log of tvapi on 2015-09-01

Timestamps are in UTC.

13:05:10 [RRSAgent]
RRSAgent has joined #tvapi
13:05:10 [RRSAgent]
logging to http://www.w3.org/2015/09/01-tvapi-irc
13:05:19 [Zakim]
Zakim has joined #tvapi
13:06:50 [kaz]
scribenick: cpn
13:06:55 [cpn]
Meeting: TV Control API
13:06:56 [kaz]
scribe: Chris
13:07:14 [kaz]
Agenda: https://lists.w3.org/Archives/Public/public-tvapi/2015Aug/0017.html
13:07:23 [cpn]
Present: Bin Hu, Chris, Kaz, Paul Higgs, Sean Lin, Sung Hei Kim
13:07:34 [cpn]
Topic: Summary of action items
13:07:47 [kaz]
-> http://www.w3.org/community/tvapi/track/actions/open actions
13:08:03 [kaz]
action-36?
13:08:03 [trackbot]
action-36 -- Chris Needham to Look at the requirements from the media pipeline tf -- due 2015-09-01 -- OPEN
13:08:03 [trackbot]
http://www.w3.org/community/tvapi/track/actions/36
13:08:15 [nigel]
nigel has joined #tvapi
13:09:24 [kaz]
cpn: security and privacy portion
13:09:47 [kaz]
... W3C published some guideline or recommendation
13:10:06 [kaz]
... fingerprinting, etc., for browser usage
13:10:17 [kaz]
... TV and interaction services
13:10:40 [kaz]
... visibility of entire channel list, etc., would be related to privacy issues
13:10:55 [kaz]
... also regarding recording APIs
13:11:21 [kaz]
... scheduled recordings would be related security and privacy restriction
13:11:46 [kaz]
... those kind of issue should be considered
13:11:58 [kaz]
bin: right
13:12:05 [kaz]
cpn: any comments so far?
13:12:21 [kaz]
bin: great and really appreciate your hard work
13:12:45 [kaz]
... good to see the MPTF requirements
13:13:16 [kaz]
... but not necessarily connected to our gap analysis
13:13:45 [kaz]
... their target was indicating gaps for HTML5
13:14:17 [kaz]
... which might be addressed by the future version of HTML5
13:14:45 [kaz]
... security&privacy might be handled by the applications themselves
13:15:26 [kaz]
... we need to look into the MPTF requirements based on that kind of big picture
13:15:59 [kaz]
... might want to have more fundamental method to solve the issues
13:16:22 [kaz]
... before TPAC there will be not much time
13:16:37 [kaz]
... that is my view
13:17:48 [kaz]
cpn: understand what you're saying
13:18:02 [kaz]
... higher level of functionality we'd like to expose is the priority
13:18:27 [kaz]
s/cpn:/paul:/
13:18:57 [kaz]
... (paul explains some usability issue)
13:19:40 [kaz]
... recording schedule from one domain to another domain would be difficult just using cookie mechanism
13:20:18 [kaz]
bin: don't think that would be an API issue
13:20:35 [kaz]
paul: we should make a note
13:20:47 [kaz]
scribenick: cpn
13:21:09 [kaz]
i/security and privacy portion/scribenick: kaz/
13:21:15 [cpn]
... we'd need to think about our security model, e.g., the OIPF has one
13:22:36 [cpn]
Bin: Is it appropriate for us to address these issues, or are they a much bigger thing for the web platform as a whole?
13:22:53 [cpn]
... Also regulatory issues
13:23:50 [jcverdie]
jcverdie has joined #tvapi
13:24:04 [cpn]
Paul: But not everyone will write 'nice' web-apps, and given the openness of the web, if there's no sandboxing then we run the risk of devices being vulnerable to bad activity
13:24:13 [cpn]
... This isn't a good user experience
13:24:36 [cpn]
... We could say it's not in scope of our work, but then which group should look at this?
13:24:48 [cpn]
Bin: it could be the HTML5 group, possibly
13:25:32 [cpn]
... Could Kaz or Daniel suggest where this should be considered in terms of overall security?
13:25:35 [kaz]
q+
13:25:51 [cpn]
... Another group may have more expertise and more resourse to help solve this
13:28:09 [cpn]
... This is separate to us achieving a spec in our timescale, and we're only a CG at this stage
13:29:02 [cpn]
Paul: Each W3C spec has security considerations in place, but it's not in our current requirements, but we risk creating a spec that's not usable
13:29:47 [cpn]
Bin: I think we shuold look at this from the point of view of overall web security
13:30:06 [cpn]
Kaz: There is a separate WG - the Web Apps Security WG - discussing security
13:30:42 [cpn]
... There's also an automotive WG and an automotive business group, also looking at security and privacy issues, there's give a good example
13:31:03 [cpn]
s/there's/they/
13:31:33 [cpn]
... We could work with these groups, e.g., at TPAC Sapporo, get their advice
13:32:03 [cpn]
Bin: I don't know how we can achieve our goal by the end of this year
13:32:26 [cpn]
Kaz: The automotive groups have a joint TF looking at security+privacy
13:33:00 [cpn]
... From a timescale point of view, we can just record that we have identified these issues, but not change the API at this stage
13:33:29 [cpn]
... In the automotive case, they've just started discussing security, having become a WG
13:34:11 [cpn]
Bin: I see a time to market issue here for us
13:35:35 [cpn]
... I suggest having two work-streams: one to complete the API spec based on the gap analysis, another to discuss with these other groups and to prioritise what's needed for a second version of the spec
13:37:11 [cpn]
... If we don't have solutions for the current gaps, which are driven by the industry participants, we'll finish the first version with those remaining, and defer those also to a second version
13:37:33 [cpn]
... Does this sound reasonable?
13:38:05 [cpn]
Kaz: I think so, we could create a task force for the next generation spec
13:38:43 [cpn]
Bin: ... And the scope of that TF would be broader than just security/privacy
13:39:13 [ddavis]
scribenick: ddavis
13:39:42 [ddavis]
cpn: Forgive me if this is too soon but we've spent a long time on this issue on this call. What I'd like to hear is feedback form other implementers.
13:40:00 [ddavis]
cpn: That's where the future of the spec lies - implementations. Maybe TPAC is a good opportunity to get feedback.
13:40:36 [ddavis]
cpn: At this stage, I'm uncertain but I hope in the next generation we get a broader amount of participation in the group. Maybe that's the time to start addressing these other issues.
13:40:54 [ddavis]
scribenick: cpn
13:41:52 [cpn]
Bin: Maybe Chris or Paul could lead this work in the future?
13:41:59 [kaz]
close action-36
13:41:59 [trackbot]
Closed action-36.
13:42:19 [cpn]
Bin: Next topic is conditional access (CAS)
13:42:23 [kaz]
action-38?
13:42:23 [trackbot]
action-38 -- Sung Hei Kim to Propose an api spec for conditional access systems -- due 2015-09-01 -- OPEN
13:42:23 [trackbot]
http://www.w3.org/community/tvapi/track/actions/38
13:43:12 [kaz]
-> https://lists.w3.org/Archives/Public/public-tvapi/2015Sep/0000.html SungHei's writeup
13:43:13 [cpn]
Sung Hei: I sent an email while ago. I've looked at the ATSC and MPEG-2 specs, which define a conditional access descriptor
13:43:29 [cpn]
... The CA card meta information is provided by the CA descriptor
13:44:06 [cpn]
... The ATSC CAS spec has a CA system ID, which normally identifies the vendor of the CAS system
13:44:52 [cpn]
... There isn't other meta information in the ATSC spec
13:46:08 [cpn]
... The ISO spec is similar to ATSC, but it has a CA PID, with ECM or EMM information
13:46:47 [cpn]
... Also, the PES also has a flag to indicate of the content is scrambled
13:47:55 [cpn]
... I think we can define meta information for CA cards, and I defined a TVCICardInformation dictionary, with CAS system ID and PID
13:48:34 [cpn]
... The TVChannel has an isFree attribute, which should correspond to the isScrambled
13:49:25 [cpn]
... I wasn't sure where to put this information, maybe in TVChannel or TVSource - or maybe a new interface?
13:49:49 [cpn]
Paul: I don't think it should go into TVChannel, as the same card can be used to decrypt multiple channels
13:50:36 [cpn]
... I think there two things: the per-channel CA system ID, but is different to the cards that are installed in the system
13:50:58 [cpn]
Sung Hei: So, we can have information in the TVChannel, and also under TVManager?
13:51:38 [cpn]
Paul: If the entitlement to a channel changes, e.g., going from free to paid, these would go under TVManager
13:52:41 [cpn]
... I'm not sure why the content would need to know where the ECM and EMM are
13:53:43 [cpn]
Sung Hei: We could remove the CAS PID if we don't need it
13:54:01 [cpn]
Bin: I suggest we pick this up on the mailing list
13:55:20 [cpn]
Sung Hei: Another question: the content already knows what kind of CA card is needed to decode, so I don't think the application needs to choose, so maybe we should remove this requirement?
13:55:41 [cpn]
... It's difficult for the webapp to choose which CA card to apply to which content
13:56:02 [cpn]
Bin: Next is parental control, Paul has summarised this on the mailing list
13:56:54 [cpn]
Paul: There are things still to address, e.g., how subtitle information is transferred from the video source to the video element
13:57:20 [cpn]
Bin: Is how to do this an implementation issue?
13:57:54 [cpn]
Paul: I would thing we'd use the various video/audio/text track elements to do this
13:58:49 [cpn]
s/thing/think/
13:59:00 [cpn]
Chris: I agree with this approach
13:59:36 [cpn]
Paul: The existing spec, based on the WebRTC MediaStrea, we have doesn't allow text or data channels
13:59:46 [cpn]
s/MediaStrea/MediaStream/
14:00:52 [jcverdie]
jcverdie has joined #tvapi
14:01:57 [cpn]
Bin: I suggest Sean work with Paul on the interface
14:02:38 [cpn]
Bin: Regarding TPAC, I don't have an update from the Web & TV chairs
14:03:03 [cpn]
Kaz: We need to ask them again, also Glen, GGIE moderator
14:03:30 [cpn]
... Let's discuss on the chairs/moderators mailing list
14:03:56 [cpn]
... Maybe have a session in the morning, leave the afternoon for GGIE
14:04:28 [cpn]
Chris: should we organise a break-out session?
14:04:53 [cpn]
Daniel: It would be good to bring to the IG as a whole, so it should be fine to include during the day
14:05:51 [cpn]
Kaz: After the meeting on Oct 26, if there are things to discuss we could have a break-out on the Wednesday to continue
14:06:31 [cpn]
Bin: Thank you everybody
14:07:45 [kaz]
[ adjourned ]
14:07:47 [skim13]
skim13 has left #tvapi
14:07:49 [kaz]
rrsagent, make log public
14:07:49 [seanlin]
seanlin has left #tvapi
14:07:53 [kaz]
rrsagent, draft minutes
14:07:53 [RRSAgent]
I have made the request to generate http://www.w3.org/2015/09/01-tvapi-minutes.html kaz
14:09:20 [cpn]
Chair: Bin Hu
14:09:40 [cpn]
rrsagent, draft minues
14:09:40 [RRSAgent]
I'm logging. I don't understand 'draft minues', cpn. Try /msg RRSAgent help
14:09:44 [cpn]
rrsagent, draft minutes
14:09:44 [RRSAgent]
I have made the request to generate http://www.w3.org/2015/09/01-tvapi-minutes.html cpn
14:10:00 [jcverdie]
jcverdie has joined #tvapi
14:14:59 [jcverdie]
jcverdie has joined #tvapi
15:11:29 [jcverdie]
jcverdie has joined #tvapi
15:26:08 [jcverdie]
jcverdie has joined #tvapi
15:40:57 [Zakim]
Zakim has left #tvapi
16:12:20 [nigel]
nigel has joined #tvapi