16:56:05 <RRSAgent> RRSAgent has joined #privacy
16:56:05 <RRSAgent> logging to http://www.w3.org/2015/12/03-privacy-irc
16:56:07 <trackbot> RRSAgent, make logs 263
16:56:07 <Zakim> Zakim has joined #privacy
16:56:09 <trackbot> Zakim, this will be
16:56:09 <Zakim> I don't understand 'this will be', trackbot
16:56:10 <trackbot> Meeting: Privacy Interest Group Teleconference
16:56:10 <trackbot> Date: 03 December 2015
16:56:36 <tidoust> tidoust has joined #privacy
16:56:44 <npdoty> rrsagent, make logs public
16:56:49 <npdoty> Zakim, clear agenda
16:56:49 <Zakim> agenda cleared
16:57:36 <npdoty> agenda+ Welcome and introductions
16:57:36 <npdoty> agenda+ Presentation API - privacy considerations - further discussion
16:57:38 <npdoty> agenda+ High Resolution Time Level 2
16:57:39 <npdoty> agenda+ Moving forward with the Fingerprinting Guidance
16:57:41 <npdoty> agenda+ Moving forward with the Privacy Questionnaire
16:57:42 <npdoty> agenda+ Follow-up re Geofencing API, Media Capture Streams
16:57:43 <npdoty> agenda+ Ultrasound tracking beacons, Device Orientation privacy and security issues
16:57:44 <npdoty> agenda+ AOB
16:58:51 <chaals> chaals has joined #privacy
17:01:21 <npdoty> present+ npdoty, christine, gnorcie
17:02:47 <christine> Hi all. We'll just wait a couple of minutes before starting.
17:03:59 <wseltzer> zakim, code?
17:03:59 <Zakim> no conference has been identified yet, wseltzer
17:04:46 <wseltzer> zakim, this is 642 381 506
17:04:46 <Zakim> got it, wseltzer
17:04:48 <tidoust> present+ tidoust
17:04:48 <wseltzer> zakim, code?
17:04:48 <Zakim> I have been told this is 642 381 506
17:04:52 <mfoltzgoogle> mfoltzgoogle has joined #privacy
17:04:59 <npdoty> present+ tidoust
17:05:08 <npdoty> present+ mfoltzgoogle
17:05:43 <wseltzer> present+
17:06:28 <npdoty> scribenick: npdoty
17:06:45 <npdoty> Zakim, take up agendum 1
17:06:45 <Zakim> agendum 1. "Welcome and introductions" taken up [from npdoty]
17:07:20 <npdoty> christine: small group this week, might be getting into holiday schedule
17:07:24 <npdoty> welcome!
17:07:33 <npdoty> Zakim, take up agendum 2
17:07:33 <Zakim> agendum 2. "Presentation API - privacy considerations - further discussion" taken up [from npdoty]
17:07:45 <christine> http://www.w3.org/TR/presentation-api/
17:08:16 <npdoty> http://www.w3.org/TR/presentation-api/#security-and-privacy-considerations
17:09:21 <npdoty> christine: helpful when you joined our call last time. but it sounds like you had group conversations on privacy/security while at TPAC
17:10:44 <npdoty> mfoltzgoogle: will give estimate of current status of several privacy issues
17:11:11 <npdoty> ... how do we ensure that the context that renders the presentation, which is rendered onto a shared device potentially, what is the browsing context?
17:11:27 <npdoty> ... don't want to leak information to other browsing contexts or other presentations
17:11:46 <npdoty> ... feedback from the TAG was that there isn't any well-defined context for this already
17:12:06 <npdoty> ... we want an empty local storage, cookie jar, permissions set, etc. (like a private browsing mode)
17:12:20 <npdoty> ... should this interact with the Permissions API?
17:12:44 <npdoty> ... currently investigating the ability to see whether a presentation screen is available already or not
17:13:02 <npdoty> ... how should the spec interact with mixed content?
17:13:43 <npdoty> ... how should the API interact with nested browsing contexts? does the top-level browsing context control how iframes have the ability to request presentations?
17:14:04 <npdoty> ... okay to allow this by default, because risks are just annoying the user
17:14:36 <npdoty> ... but top-level contexts will have the ability to blacklist or prevent its frames from using presentation
17:15:00 <npdoty> ... if the controlling context is on a different device than the presentation, how do we secure the channel for messages?
17:15:34 <npdoty> ... defining that protocol is out of scope, but a Community Group will define a network-level protocol for presentations, including one way to secure presentations
17:16:38 <npdoty> christine: very busy as a group
17:16:40 <npdoty> ... any questions?
17:16:43 <npdoty> q+
17:16:49 <tidoust> q+
17:16:55 <wseltzer> q+
17:22:20 <npdoty> q-
17:22:41 <npdoty> npdoty: questions about the cleared local state context
17:22:56 <npdoty> mfoltzgoogle: can send authentication tokens across messaging
17:23:19 <npdoty> ... want to avoid leakage, but also want to ensure that this will work in the cross-device situation
17:23:40 <mfoltzgoogle> FYI: Our pull request that defines the empty browsing context: https://github.com/w3c/presentation-api/pull/219
17:24:00 <npdoty> tidoust: not just audio/video streaming, particularly in the cross-device case
17:25:32 <npdoty> gnorcie: more concerned about the privacy risks to the user, and streaming audio/video from the user is potentially very sensitive
17:25:50 <npdoty> tidoust: use case is video rendered from the page, not the user's microphone/camera
17:26:18 <npdoty> gnorcie: but seeing what is on my screen is also very sensitive (like documents open on the screen)
17:26:43 <npdoty> tidoust: that matches how we thought about the issue
17:26:52 <npdoty> ack tidoust
17:27:06 <npdoty> tidoust: if there are issues we haven't addressed yet, please let us know
17:27:10 <npdoty> ... don't want to miss any strong concerns
17:27:32 <npdoty> christine: so happy that your group is taking privacy/security so seriously
17:27:37 <npdoty> ack wseltzer
17:28:45 <npdoty> wseltzer: Presentation API gives a good use case for standardizing some private browsing mode, what is the minimal and safe context that can be established
17:29:08 <npdoty> ... can get a standard description of that sandboxed context that works across browsers
17:29:25 <tidoust> [I note that the TAG discussed Private Browsing Mode in relation with the Presentation API yesterday, see draft minutes at: https://pad.w3ctag.org/p/02-12-2015-minutes.md ]
17:30:33 <npdoty> christine: is the goal that when we have another spec with this kind of scenario, then we can suggest using this text?
17:31:35 <npdoty> wseltzer: start collecting these use cases and the approach, possibly into a Note, or could possibly charter a group if there's some more complicated set of use cases about that private mode
17:31:54 <npdoty> christine: could help coordinate discussion with webappsec as well
17:32:11 <npdoty> wseltzer: PING could be helpful, particularly in setting requirements that can be used by security engineers
17:32:14 <npdoty> q+
17:32:45 <wseltzer> npdoty: a few different specs raise security considerations around fullscreen
17:32:56 <wseltzer> ... because user might not know origin of content
17:33:06 <wseltzer> ... could be spoofing risk
17:33:17 <gnorcie> gnorcie has joined #privacy
17:33:20 <wseltzer> ... does presentation API consider this?
17:33:42 <gnorcie> can someone put me in the queue to discuss privacy questionaire?
17:34:25 <gnorcie> I need to leave at 1 so i want to make sure we discuss
17:34:56 <npdoty> mfoltzgoogle: UX focused on making the user know which origin is being displayed, and origin being accessible after the fact
17:36:24 <npdoty> ... phishing more awkward in this scenario because the user has to grant permission for displaying on that presenter display each time
17:36:32 <npdoty> tidoust: could open a issue for notes to add there
17:36:42 <npdoty> ... is there any screen that the second screen could be used by another user
17:37:54 <npdoty> ... could a user be tricked into thinking that they're just doing regular browsing on the separate device
17:38:15 <npdoty> npdoty: yeah, seems like there are multiple users by definition
17:38:36 <npdoty> mfoltzgoogle: maybe have an issue about multi-user, like a second user controlling the presentation without the user's knowledge
17:39:54 <npdoty> christine: will send out email summary, to note for people who want to raise issues that now is a good time
17:40:05 <npdoty> zakim, take up agendum 3
17:40:05 <Zakim> agendum 3. "High Resolution Time Level 2" taken up [from npdoty]
17:40:18 <mfoltzgoogle> mfoltzgoogle has left #privacy
17:40:19 <npdoty> the academic paper, http://arxiv.org/pdf/1502.07373v2.pdf
17:40:44 <npdoty> http://www.w3.org/TR/hr-time-2/
17:41:36 <npdoty> christine: request in from phillippe, note some privacy/security concerns
17:41:57 <npdoty> ... the spec recommends a minimum resolution to protect against cache attacks which could identify the user
17:43:39 <npdoty> npdoty: would have to read the paper in more detail, not sure which attacks are protected by the 5 microsecond resolution change
17:44:17 <npdoty> christine: can ask phillippe if they want to come and talk to us, might explain how useful the mitigation is
17:44:51 <npdoty> npdoty: can also ask whether the academic community has provided specific review
17:45:12 <npdoty> take up agendum 4
17:45:23 <npdoty> yay, that Interest Group Draft Note published
17:46:17 <wseltzer> npdoty: now we have a reasonably stable doc we can ask people to review
17:46:31 <wseltzer> ... and we can invite people to add to github issues list, provide proposed resolution
17:46:41 <wseltzer> christine: should I solicit input from chairs?
17:46:45 <wseltzer> npdoty: yes
17:47:28 <npdoty> Zakim, take up agendum 5
17:47:28 <Zakim> agendum 5. "Moving forward with the Privacy Questionnaire" taken up [from npdoty]
17:48:08 <npdoty> gnorcie: sent out email in things we can send as specific pull requests to the TAG for the security questionnaire
17:48:22 <npdoty> ... privacy things would just be the very simple things (did you think about privacy?)
17:48:45 <npdoty> ... and if you want to dive deep, including edge cases that won't be applicable for every standard
17:51:49 <npdoty> npdoty: +1, matches the TAG discussion at TPAC, where they wanted a very simple version for most, and then a drill-down
17:52:02 <npdoty> gnorcie: want to make this collaborative, rather than just my own thoughts
17:52:22 <npdoty> npdoty: I know what you mean :) yes, take that as a reminder
17:52:51 <npdoty> christine: maybe we can split up, focus on one small question at a time, looking at different documents
17:53:11 <npdoty> ... even when we have best intentions, many collaborators are going to be doing this in the spare time during their day jobs
17:53:17 <tara> tara has joined #privacy
17:53:22 <npdoty> ... mailing list does best with snippet discussions on particular topic
17:53:36 <tara> Hullo all! Sorry to join late.
17:53:41 <npdoty> present+ tara
17:55:18 <keiji> keiji has joined #privacy
17:56:25 <npdoty> christine: will schedule a time to talk with greg
17:57:13 <npdoty> npdoty: some things will need a full document review, but when we have a specific attack or a specific news item, should have that small discussion and ask whether we have general guidance about it
17:57:46 <npdoty> January 28
17:58:08 <npdoty> [adjourned]
17:58:13 <npdoty> chair: christine
17:58:22 <npdoty> rrsagent, please draft the minutes
17:58:22 <RRSAgent> I have made the request to generate http://www.w3.org/2015/12/03-privacy-minutes.html npdoty
17:59:11 <npdoty> present+ wseltzer
17:59:45 <npdoty> rrsagent, please draft the minutes
17:59:45 <RRSAgent> I have made the request to generate http://www.w3.org/2015/12/03-privacy-minutes.html npdoty
18:01:06 <npdoty> npdoty has changed the topic to: Privacy Interest Group, 3 December: http://www.w3.org/2015/12/03-privacy-minutes.html
18:01:50 <keiji> keiji has left #privacy