13:52:41 <RRSAgent> RRSAgent has joined #dap
13:52:41 <RRSAgent> logging to http://www.w3.org/2017/05/18-dap-irc
13:52:43 <trackbot> RRSAgent, make logs world
13:52:43 <Zakim> Zakim has joined #dap
13:52:45 <trackbot> Zakim, this will be DAP
13:52:45 <Zakim> ok, trackbot
13:52:46 <trackbot> Meeting: Device and Sensors Working Group Teleconference
13:52:46 <trackbot> Date: 18 May 2017
13:56:07 <fjh> Agenda: https://lists.w3.org/Archives/Public/public-device-apis/2017May/0022.html
13:56:11 <fjh> fjh has changed the topic to: das https://lists.w3.org/Archives/Public/public-device-apis/2017May/0022.html
13:56:36 <fjh> Chair: Frederick_Hirsch
13:56:50 <fjh> Present+ Frederick_Hirsch
13:57:04 <fjh> Topic: Welcome, scribe selection, agenda review, announcements
13:57:31 <shalamov> shalamov has joined #dap
13:58:43 <fjh> github digest (16 May) https://lists.w3.org/Archives/Public/public-device-apis/2017May/0019.html
13:59:02 <fjh> github digest (9 may) https://lists.w3.org/Archives/Public/public-device-apis/2017May/0008.html
13:59:03 <fjh> mail list spam removal?
13:59:04 <fjh> Orientation Sensor First Public Working Draft and Motion Sensors Explainer W3C Note were published
13:59:05 <fjh> https://lists.w3.org/Archives/Public/public-device-apis/2017May/0012.html
13:59:06 <fjh> HTML Media Capture CR published 4 May, https://www.w3.org/TR/html-media-capture/
14:01:18 <anssik> Present+ Riju_Bhaumik
14:01:38 <dom> Present+
14:01:39 <anssik> Present+ Mikhail_Pozdnyakov
14:01:51 <anssik> Present+ Alexander_Shalamov
14:01:58 <anssik> Present+ Anssi_Kostiainen
14:02:25 <dom> ScribeNick: dom
14:04:34 <dom> Topic: Minutes approval
14:04:35 <fjh> Topic: Minutes approval
14:04:44 <fjh> Approve minutes from 4 May 2017
14:04:45 <fjh> https://lists.w3.org/Archives/Public/public-device-apis/2017May/att-0004/minutes-2017-05-04.html
14:04:46 <fjh> proposed RESOLUTION: Minutes from 4 May 2017 are approved
14:04:47 <dom> RESOLUTION: Minutes from 4 May 2017 are approved https://lists.w3.org/Archives/Public/public-device-apis/2017May/att-0004/minutes-2017-05-04.html
14:04:53 <dom> Topic: HTML Media Capture
14:04:59 <fjh> Chromium implementation https://lists.w3.org/Archives/Public/public-device-apis/2017May/0011.html
14:05:07 <anssik> Test results
14:05:07 <anssik> http://w3c.github.io/test-results/html-media-capture/20170428.html
14:05:15 <dom> FJH: anything needed on this?
14:05:16 <anssik> Analysis of failures
14:05:38 <dom> anssik: my assessment is that the identified failures are false negatives
14:05:43 <anssik> capture_audio-manual.html
14:05:47 <anssik> capture_audio_cancel-manual.html
14:05:53 <anssik> audio capture via <input type=file> not implemented, not a normative spec requirement since accept attribute defined in HTML spec
14:06:10 <dom> ... the first 2 failures (referenced above) are due to the fact that audio capture is not implemented - but that's not a normative requirement
14:06:16 <dom> ... I think the test cases can be dropped
14:06:20 <anssik> capture_fallback_file_upload-manual.html
14:06:25 <anssik> iOS unable to upload files other than media types, unable to test
14:06:51 <dom> ... the 3rd failure on ios is specific to the lack of support of upload on that platform
14:07:19 <dom> s/of upload/non-media upload/
14:07:28 <dom> ... this means we have fairly widespread adoption of that feature
14:07:38 <dom> FJH: that means once the test results are updated we can exit CR
14:07:59 <dom> "This Candidate Recommendation is expected to advance to Proposed Recommendation no earlier than 6 July 2017"
14:08:29 <anssik> https://github.com/w3c/html-media-capture/issues/12
14:08:31 <dom> anssi: there is one thing about how we reflect enum types in IDL attributes
14:08:56 <dom> ... but riju doesn't think that's a blocker; we will investigate this
14:09:34 <dom> riju: the support for enum for attribute reflection was removed; implementations are using DOMString
14:10:08 <dom> Anssi: one approach would be re-import the definition of enum into the spec
14:10:16 <dom> ... or we could change the IDL to DOMString
14:10:22 <dom> ... we will investigate and report back
14:12:47 <dom> Dom: might be worth bringing change soon so that we can stick with the current PR entrance date of July 6
14:12:53 <fjh> dom: publish CR before 6 June would not need to change PR schedule
14:13:51 <dom> Topic: Magnetometer
14:14:05 <anssik> I provided a synthesis of the discussion in:
14:14:05 <anssik> https://github.com/w3c/magnetometer/issues/16#issuecomment-302066759
14:15:22 <dom> anssik: there are use cases both calibrated & uncalibrated magnetometer
14:15:54 <anssik> Editor's conclusion: There are key use cases for both calibrated magnetometer and uncalibrated magnetometer, as well as various native apps that make use of both of these capabilities. This suggests we should consider uncalibrated magnetometer of similar importance to the existing (calibrated) magnetometer.
14:16:54 <dom> fjh: some of the concerns are around usability / understanding from developers
14:17:11 <dom> ... we need to straighten up how this gets presented
14:18:24 <dom> anssik: a separate constructor (rather than a parameters-based approach) was the one that seemed to gain consensus
14:18:30 <dom> ... remains to find the right naming
14:19:18 <anssik> Editor's conclusion: Consensus on the API design emerged, exact naming of the interfaces remains an issue. In the interest of focusing the energy of the participants on more burning issues than naming things, the editor merged the PR inviting further feedback regarding naming of the interfaces to be provided in issue #16.
14:19:47 <dom> fjh: a process issue around how pull requests get merged before consensus is clear
14:19:54 <dom> ... seems to have happened a couple of times now
14:20:38 <dom> anssik: the pull request just landed a proposal in the editors draft, which seems OK as editors draft aren't expected to reflect consensus all the time
14:21:42 <dom> ... the other case was around use cases for ambient light which I landed as non-normative content
14:21:47 <dom> ... I didn't see that as controversial
14:22:03 <dom> FJH: it's probably ok; we should hear from tobie if he feels otherwise
14:23:51 <dom> Anssik: this pull request that I landed was open 7 months ago, so it's good to get preliminary closure on this (although naming isn't done yet)
14:23:53 <dom> Topic: Ambient Lights
14:24:18 <dom> FJH: apparently we're not auto-publishing updates to that one?
14:24:44 <dom> anssik: bikeshed + echidna is still not completely solved
14:25:00 <anssik> https://github.com/w3c/sensors/issues/74
14:25:49 <fjh> dom: can use bikeshed command line to publish WD
14:26:54 <dom> anssik: I can do the "manual" thing
14:26:56 <fjh> dom: thought the integration was working, that Tobie had something working, need to find out from Tobie what is not working or status
14:27:04 <dom> dom: not clear what's blocking the automated approach
14:27:16 <dom> anssik: I'll publish an updated WD of ALS
14:27:30 <anssik> Security and Privacy considerations for ALS
14:27:30 <anssik> https://github.com/w3c/ambient-light/issues/13#issuecomment-302393458
14:28:13 <dom> Anssi: Alex can show that we can mitigate the threats in the article
14:30:32 <dom> Alex: in normal conditions, rounding to 50 lumen would enough to mitigate this risk
14:30:36 <fjh> alex: hard to reproduce vulnerability without creating unrealistic conditions of screen brightness, flashing, wake lock etc
14:30:37 <dom> ... (in our test setup)
14:31:39 <dom> anssik: we can leave the exact rounding to implementors
14:32:05 <dom> q+
14:32:25 <fjh> ack dom
14:33:23 <fjh> dom: are there more threats related to light? do we have a general theory?
14:33:51 <fjh> dom: can we model concerns, so we can mitigate more in advance
14:34:20 <dom> alex: I tried formalizing the threats, but there are too many variables in the real world
14:34:28 <fjh> alex: tried to model considering reflectivity of surfaces etc but too hard to do for variety of surfaces
14:34:31 <dom> ... (e.g. reflection from real wordl objects)
14:34:38 <dom> ... it's not a linear problem
14:34:49 <dom> ... so it's very difficult to model the attack vector
14:35:33 <dom> fjh: it feels already good that we can solve that already hard-to-exploit case
14:36:16 <dom> anssik: so we should update the ALS spec privacy & security section with rounding - would it be normative?
14:36:49 <dom> alex: this research is just a first step to initiate a conversation with Google security team, & Lukasz
14:37:01 <dom> ... I think we need to wait for that discussion to settle before changing the spec
14:37:33 <dom> anssik: that makes sense, but I was wondering if we should be put a normative minimum rounding threshold
14:38:10 <dom> Topic: Generic Sensor API
14:38:33 <anssik> Rewrite Abstract Operations
14:38:33 <anssik> https://github.com/w3c/sensors/pull/197
14:38:39 <dom> anssik: I've identifed 3 issues that can be worth an overview
14:39:26 <dom> Mikhail: we were advised by Chrome engineers to decouple change notification from sensors & requestAnimationFrame
14:39:51 <dom> ... coupling in the real world creates disadvantages as it reduced the FPS
14:40:10 <dom> ... this is important as Tobie was planning to integrate the concept of rAF in the specs
14:41:15 <dom> ... the pull request brings consistency between implementation & spec
14:41:27 <dom> ... I've restructed the abstract operations so that they match with the real world
14:41:33 <dom> ... and dropped unneeded operations
14:41:39 <dom> ... it also fixes some pending issues
14:42:28 <dom> ... incl the fact that sensor objects can influence each other (where two sensors with different options influence each other)
14:42:38 <dom> q+
14:42:43 <fjh> ack dom
14:43:33 <dom> mikhail: I tried to make the execution flow more consistent by setting up a common structure for the algo
14:44:14 <fjh> dom: aliigning with implementations can be good or bad depending on the circumstances, is this only for chrome or is it general enough
14:44:27 <dom> mikhail: it's general
14:44:41 <dom> anssik: yes, it's implementation agnostic
14:46:34 <anssik> Add Input Elements to Mitigation Strategies
14:46:34 <anssik> https://github.com/w3c/sensors/pull/190
14:47:14 <anssik> https://github.com/w3c/sensors/issues/189
14:48:47 <dom> alex: the proposal is to stop all sensors that can interact with touch - i.e. currently motion sensors and ambient light
14:49:19 <dom> s/with touch/with touch when an element has focus/
14:49:38 <dom> anssik: this would mean stopping sensors when using a third-party payment system in a game for instance
14:49:38 <fjh> are there any unexpected consequences?
14:49:51 <dom> ... that sounds reasonable
14:50:03 <dom> alex: another approach is to reduce the polling frequency in these conditions
14:50:24 <dom> ... the point of this issue is that we can use focus state to enforce different security policies that affect sensors
14:50:46 <dom> anssik: I think this is breaking new ground - we haven't found other features in the platform using this for security/privacy
14:51:01 <dom> ... alex can help push this forward if tobie can't
14:51:07 <dom> ... this feels pretty important to have in the spec
14:51:13 <fjh> would be good to note this in the spec
14:51:44 <anssik> Take into account user gestures as an input for security policy enforcement #196
14:51:44 <anssik> https://github.com/w3c/sensors/issues/196
14:52:43 <fjh> good idea to use user actions
14:52:54 <fjh> we discussed in privacy discussions earlier
14:52:55 <dom> Alex: the idea is to take into account trusted events for sensors privacy & security
14:54:03 <dom> FJH: how would this work at the generic sensor level?
14:54:21 <dom> dom: I assume you would only get access to a sensor object out of a trusted event callback
14:54:48 <dom> Topic: Battery Status API
14:54:56 <anssik> https://github.com/w3c/battery/issues/10
14:54:56 <anssik> https://github.com/w3c/battery/pull/11
14:55:03 <dom> anssik: the spec was updated
14:55:19 <dom> riju: implementation is done, missing just test cases
14:56:10 <dom> anssik: question is what next step - do we need an updated CR?
14:56:12 <dom> fjh: +1
14:56:49 <dom> ... I'll do a CfC once the document is ready
14:57:30 <dom> ACTION: Anssi to prepare a new CR draft for battery
14:57:34 <trackbot> Created ACTION-799 - Prepare a new cr draft for battery [on Anssi Kostiainen - due 2017-05-25].
14:58:18 <fjh> dom: impact on Firefox?
14:59:03 <anssik> https://github.com/w3c/battery/issues/5#issuecomment-257617533
15:01:06 <dom> RRSAgent, draft minutes
15:01:06 <RRSAgent> I have made the request to generate http://www.w3.org/2017/05/18-dap-minutes.html dom
15:01:17 <fjh> Topic: Other Business
15:01:45 <fjh> dom: Vibration API will not be shipping in Safari
15:02:06 <fjh> anssik: doesn’t affect anything, dead code removal
15:02:25 <fjh> anssik: looked into hosting but Newcastle might offer more space
15:02:49 <fjh> fjh: thanks, now we need to consider whether we have resources to put together a workshop
15:03:00 <fjh> fjh: thanks everyone
15:03:04 <fjh> Topic: Adjourn
15:03:07 <fjh> rrsagent, generate minutes
15:03:07 <RRSAgent> I have made the request to generate http://www.w3.org/2017/05/18-dap-minutes.html fjh
16:40:06 <shalamov> shalamov has joined #dap
16:51:17 <fjh> s/we discussed in privacy discussions earlier/we discussed such an approach in privacy discussions earlier/
16:51:55 <fjh> s/fjh: thanks,/thanks,/
16:52:09 <fjh> s/fjh: thanks everyone/thanks everyone/
16:52:14 <fjh> rrsagent, generate minutes
16:52:14 <RRSAgent> I have made the request to generate http://www.w3.org/2017/05/18-dap-minutes.html fjh
17:04:32 <Zakim> Zakim has left #dap
17:48:21 <zkis> zkis has joined #dap
18:22:02 <zkis> zkis has joined #dap