See also: IRC log
<scribe> Scribenick: tobie
<fjh> New WDs published for Accelerometer, Gyroscope, Magnetometer , https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0017.html
<fjh> TPAC F2F planning, please respond before 1 May, https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0014.html
anssik: there might be overlaps,
but that's the best effort.
... if we find funding could fjh travel?
fjh: that would really help, however still need to understand if I can go
<fjh> github weekly summary 1 : https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0019.html
<fjh> github weekly summary 2: https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0020.html
<fjh> https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0021.html
<fjh> tobie: suggests F2F in Europe outside of TPAC
<fjh> ACTION: fjh discuss F2F alternatives/approach with dom [recorded in http://www.w3.org/2017/04/20-dap-minutes.html#action01]
<trackbot> Created ACTION-793 - Discuss f2f alternatives/approach with dom [on Frederick Hirsch - due 2017-04-27].
<fjh> Approve minutes from 6 April 2017
<fjh> https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/att-0013/minutes-2017-04-06.html
<fjh> proposed RESOLUTION: Minutes from 6 April 2017 are approved
RESOLUTION: Minutes from 6 April 2017 are approved
<fjh> CfC completed successfully https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0022.html
<fjh> ACTION: fjh to send transition request for Orientation Sensor specification and FPWD of Motion Explainer Note [recorded in http://www.w3.org/2017/04/20-dap-minutes.html#action02]
<trackbot> Created ACTION-794 - Send transition request for orientation sensor specification and fpwd of motion explainer note [on Frederick Hirsch - due 2017-04-27].
<fjh> CR transition request sent and approved, sent publication request.
fjh: transition request sent and approved; I also sent publication request
shalamov: was busy with other things. Will do next week
fjh: suggests fwd the message to the group
dom: request was for GH issue
fjh: suggests responding on the list first so the group is aware, noting that issues will be entered into GH
shalamov: what mailing list?
dom: public-webapps@
fjh: github summary is super
useful. Thanks dom et al.
... permissions are hard
<fjh> tobie: great that implementers are getting involved with permissions and security work
<fjh> … have some stuff available in different places
<fjh> … new threats keep emerging
<fjh> … want to first write a paper and discuss and use as basis for moving forward
<fjh> … do not have shared understanding of goals, use cases and risks
<fjh> … material is in various issues, which is why need to pull together; lost original draft
<fjh> … discussions on new threats, issues, mechanisms, implementer notes
<fjh> … re high level versus low level and security - put tighter permissions on low level APIs
<fjh> … thus provide incentive for higher level APIs, e.g. fewer user prompts etc
<fjh> … fingerprinting , eavesdropping using sensors etc - so many threats and many unexpected. Hard to explain to non-experts
<fjh> s/permissions are hard/two questions - concern about security risks with low level APIs , though you make good argument in email; and permsissions approach/
<fjh> … some sensor use cases need low level access, others might not (e.g. ambient light).
<fjh> … different sensors have different use cases, threats and issues
<fjh> … just starting, need to create shared goals
<fjh> anssik: tobie will have F2F time with Lucaz next week
<fjh> tobie: yes, good
<fjh> s./Lucasz/Lucasz/
<dom> +1 on "permission prompt" being a bad approach
<anssik> +1
<fjh> tobie: prompting for permissions is bad
<dom> (but that's distinct from binding sensors to a permission system à la Permission API)
<fjh> right, just train users to say yes to prompts
<fjh> tobie: would like more conversations with Google implementers working on security
<fjh> … on this topic
<fjh> do we need a workshop?
<fjh> @dom does this sound like a W3C workshop?
<fjh> tobie: mistake to assume magic number for security, like sensor frequency of 60Hz, need to understand use cases
<fjh> fjh: propose workshop of security and permissions on sensors - focus might be good, ratther than generic F2F
<fjh> dom: had a F2F similar to this in Paris
<fjh> dom: in 2015?
<fjh> fjh: might be worth doing again, first look at what the result of the earlier workshop was
<anssik> https://www.w3.org/2014/07/permissions/
<fjh> dom: new workshop on new threats, new lessons, new work
<fjh> +1
<fjh> https://www.w3.org/2014/privacyws/
<dom> https://www.w3.org/2014/07/permissions/minutes.html
<fjh> tobie: lacking work now on permissions API, not a priority
<fjh> … concern
<fjh> fjh: can make permissions a priority if we get interest and agreement on goals at workshop
<fjh> tobie: issues arise, e.g. revocation of permissions, policy; there is a whole ecosystem of work to consider
<fjh> ACTION: fjh to review outcome of W3C Workshop on trust and permissions for web applications [recorded in http://www.w3.org/2017/04/20-dap-minutes.html#action03]
<trackbot> Created ACTION-795 - Review outcome of w3c workshop on trust and permissions for web applications [on Frederick Hirsch - due 2017-04-27].
<fjh> dom: rough agreement on this?
dom: I'll start conversation internally
<fjh> fjh: think useful to consider this as part of the conversation of whether to have a F2F
<fjh> dom: need to answer the question as to why another workshop and what is new
<dom> ACTION: Dom to look at potential for a permissions-oriented w3c meeting/workshop [recorded in http://www.w3.org/2017/04/20-dap-minutes.html#action04]
<trackbot> Created ACTION-796 - Look at potential for a permissions-oriented w3c meeting/workshop [on Dominique Hazaël-Massieux - due 2017-04-27].
<fjh> ACTION: tobie to provide a list of important questions and concerns that need answers - for which a workshop might help [recorded in http://www.w3.org/2017/04/20-dap-minutes.html#action05]
<trackbot> Created ACTION-797 - Provide a list of important questions and concerns that need answers - for which a workshop might help [on Tobie Langel - due 2017-04-27].
<anssik> https://w3c.github.io/permissions/
<anssik> https://github.com/w3c/permissions
fjh: wakelock API had an issue with secure context
dom: spec was re-written based on
TAG feedback
... TAG was happy with proposed changes
... I saw old issue with secure context which needed to be
revisited
fjh: seems like an issue we could
easily fix
... should we ping Andrej?
... we'll just leave it in the minutes
Ajourn
<fjh> none
<fjh> Thanks everyone
<fjh> good call
<fjh> Note we discussed F2F issues with Dom on call so no need for follow up action
<fjh> ACTION-793: discussed during teleconference
<trackbot> Notes added to ACTION-793 Discuss f2f alternatives/approach with dom.
<fjh> close ACTION-793
<trackbot> Closed ACTION-793.
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/help./help, however still need to understand if I can go/ FAILED: s/permissions are hard/two questions - concern about security risks with low level APIs , though you make good argument in email; and permsissions approach/ Succeeded: s/Lucaz/Lucasz/ Succeeded: s/tobie:promiting/tobie: prompting/ Succeeded: s/>/?/ Succeeded: s/>/?/ Succeeded: s/permsissions/permissions/ Succeeded: s/hi anssi :)// Succeeded: s/github week/github weekly summary/g Succeeded: s/ACTIONB-793: discussed during teleconference// Succeeded: s/transition request sent and approved/transition request sent and approved; I also sent publication request/ Succeeded: s/suggests responding on the list first so the group is aware/suggests responding on the list first so the group is aware, noting that issues will be entered into GH/ Present: Frederick_Hirsch Alexander_Shalamov Tobie_Langel Anssi_Kostiainen Wanming_Lin Dominique_Hazael-Massieux Regrets: Mikhail_Pozdnyakov Found ScribeNick: tobie Inferring Scribes: tobie Agenda: https://lists.w3.org/Archives/Public/public-device-apis/2017Apr/0018.html Found Date: 20 Apr 2017 Guessing minutes URL: http://www.w3.org/2017/04/20-dap-minutes.html People with action items: dom fjh tobie WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option.[End of scribe.perl diagnostic output]