See also: IRC log
<trackbot> Date: 28 January 2015
<npdoty> agenda for January 28: https://lists.w3.org/Archives/Public/public-tracking/2015Jan/0004.html
<WileyS> I hear no one on the call - is it working?
<WileyS> I hear typing now - I guess we're good
<WileyS> Thank you Nick
<fielding> TPE changes since LCWD are diffed at http://www.w3.org/2011/tracking-protection/drafts/diffs/TPE-LCWD-to-20141217.html
<npdoty> Compliance changes since WD are diffed at http://services.w3.org/htmldiff?doc1=http%3A%2F%2Fwww.w3.org%2FTR%2F2014%2FWD-tracking-compliance-20141125%2F&doc2=http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html
<npdoty> scribenick: npdoty
schunter: welcome back. agenda for today, looking at TPE review and then Compliance
… any comments for the agenda?
schunter: ask fielding to walk us through the changes
… goal is moving to next step, Candidate Recommendation
… give the group two weeks to review, if the changes are okay, then would like to move this to Candidate Recommendation
<fielding> http://www.w3.org/2011/tracking-protection/drafts/diffs/TPE-LCWD-to-20141217.html
fielding: this is a diff of changes from the Last Call draft
… slight change in wording about the HTTP specs
… line 433, in response to a comment, removed the %31 notation, everyone understands “1” and “0”
… line 459, moved javascript property back to navigator
… based on discussion with browser folks
… “nullable” property, just clarifies
… added a note about possible extension text
… value for “G” was added, and a new section for a Gateway response
… (section hasn’t changed since last list discussion of that topic)
<WileyS> I haven't
… wileys, did you review that section?
<WileyS> But I don't believe my issues were significant enough to hold up the process
<fielding> section 6.2.4 of http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html
fielding: 6.3.1, just a little more text to describe “G” as a potential answer
… 6.3.2 changed MAY to can because not interoperability requirement
… note about status-id resolution, which is a response to a Last Call comment
… do we need a wider character set to allow in the well-known URL request?
… don’t currently see any reason to do so
… fixes in the references
… in exceptions API section, changes to improve the definitions of origin, based on conversations with browser folks
… definitions are much shorter, an improvement
schunter: makes it easier to re-use algorithms. now points to existing references, RFCs and Recommendations
fielding: +1. just a terminology change, but makes it easier for implementers
… clarified later in that section that lack of exception might not imply DNT:1 (for example, if user generally sends nothing)
… in the StoreExceptionPropertyBag, added “expires” and “maxAge” parameters
fielding: make it the same as what cookies are able to describe
… per moneill
… may have further comments on that
… (do we need both?)
… description of those parameters
… using referenced terminology, rfc6265
… in 7.6, changed to refer to DNT preference rather than header field (since it might be expressed through the DOM as well)
… suggestion about the use of a “t” qualifier for transferred consent
… addition from dsinger that claims are being made by the site and not the user agent
… “Nonetheless, at the time of the call”
… explanation of why the API doesn’t need a return value / asynchronous response
… additional references, others just moved around
schunter: any comments or
questions?
... set a two-week deadline for comments
<wseltzer> npdoty: About the Gateway response, do we have any feedback from implementers or commenters?
<WileyS> I will in the next week
<wseltzer> npdoty: process points before transition to CR
<wseltzer> ... we need to respond to all LC comments
<wseltzer> ... and bring info to the Director, including potential responses from commenters
<fielding> Other things remaining for me: 1) mark DNT-extensions as at-risk; 2) look into changing the ABNF of representation to a more JSONish description (editorial)
<wseltzer> ... Group needs to decide it wants to move forward.
<wseltzer> ... So: we decide we want to move forward, present to director
<wseltzer> fielding: Editorial marking for "at-risk" features?
<wseltzer> ... For the DNT extension mechanism
<wseltzer> npdoty: I'll look into that
<wseltzer> schunter: In 2 weeks, we'll freeze the document.
<wseltzer> ... then go into CR transition
<WileyS> Are there any companies that have signed-up for candidate review?
<WileyS> What happens if no one signs up?
<WileyS> Actually implement DNT on the server side
<WileyS> And if no one implements?
npdoty: CR is a Call for Implementations, but you don’t have to commit to ahead of time
fielding: if nobody implements it, it won’t go to a full Rec
<WileyS> Thank you
+1, need implementations to progress further
<wseltzer> scribenickk: wseltzer
<scribe> scribenick: wseltzer
npdoty: Diff between current ED
and what we published in November as WD
... 1st significant change, sec 1 "Scope"
... Change proposals and comments addressed
... Issue-209
... Definitions: clarifying that party status is just with
respect to a given user action
... Server compliance: changes in indicating
compliance/non-compliance
... Added paragraph on DNT:0 (moved)
... 1st party compliance, one-word change to fix an ambiguity I
had introduced
... 3.3.1.3 ... use defined term "tracking data"
... 3,3,2,1 remove line so as not to duplicate requirement from
general permitted uses
... UGE, improve handling
<npdoty> https://lists.w3.org/Archives/Public/public-tracking/2014Dec/0028.html
npdoty: That was the full set of
editorial corrections.
... Still a few comments in email
<npdoty> Perhaps we could change:
<npdoty> > A party MUST provide public transparency of the time periods for which data collected for permitted uses are retained.
<npdoty> to:
<npdoty> > A party MUST publicly describe definite time periods for which data collected for permitted uses are retained.
<npdoty> https://lists.w3.org/Archives/Public/public-tracking/2015Jan/0001.html
npdoty: don't think there's more
to do on non-normative text
... welcome group's review
schunter: not yet to 2-week deadline
fielding: there was an issue on
server log files
... not sure if current text is sufficient to cover temporary
log-file use
<npdoty> http://www.w3.org/2011/tracking-protection/drafts/tracking-compliance.html#server-compliance
npdoty: server compliance section
fielding: does the text there cover, or are we waiting for more text?
npdoty: I'm not anticipating more text
fielding: I think it covers
sufficientl
... chairs can do a call to close issue-134
<npdoty> +1
schunter: other comments?
fielding: the text in the document hasn't gotten any comments in a while
issue-134?
<trackbot> issue-134 -- Would we additionally permit logs that are retained for a short enough period? -- open
<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/134
scribe: so I'd suggest chairs call to close issue-134.
npdoty: still waiting for cfo
response on isseu 235, 219
... several issues we've resolved or editorial, need to revirew
with group
<npdoty> http://www.w3.org/wiki/Privacy/TPWG#Change_proposals
<fielding> http://www.w3.org/2011/tracking-protection/track/products/5
fielding: is this compliance current or compliance next?
npdoty: Current
<npdoty> if the Tracker is out of date, that’s something we should ask Justin about
schunter: we made some progress on CFOs
issue-235?
<trackbot> issue-235 -- Auditability requirement in Reasonable Security section -- raised
<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/235
schunter: we determined consensus to remove auditability language
issue-219?
<trackbot> issue-219 -- Limitations on use in a 3rd party context of data collected in a 1st party context -- raised
<trackbot> http://www.w3.org/2011/tracking-protection/track/issues/219
schunter: whether parties can
collect info as first parties and use in third-party context?
We determined consensus not to permit 3d pty use of 1st pty
data
... One important point, there can be UGE
<fielding> or prior consent
schunter: that was closer to user expectations
<npdoty> yeah, we use “UGE” when we could more precisely refer to “user-granted exceptions, in band or out of band, or other prior consent”
<npdoty> I can make those changes to the draft this week
schunter: interesting, on 219, Roy had objections to both cases, but there was no third option
<npdoty> and then have fewer issue blocks
<fielding> I reserve the right to object to sound proposals as well ;-)
schunter: AOB?
npdoty: take a couple weeks to
review issue resolution, couple weeks to review document
overall
... hope that's all we have left before LC
[adjourned, meet again next week]
This is scribe.perl Revision: 1.140 of Date: 2014-11-06 18:16:30 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Found ScribeNick: npdoty Found ScribeNick: wseltzer Inferring Scribes: npdoty, wseltzer Scribes: npdoty, wseltzer ScribeNicks: npdoty, wseltzer Default Present: npdoty, [FTC], Carl_Cargill, rvaneijk, moneill2, Fielding, WileyS, dwainberg, hefferjr, schunter, Chris_Pedigo, Amy_Colando, WaltMichel, kulick, WSeltzer Present: npdoty [FTC] Carl_Cargill rvaneijk moneill2 Fielding WileyS dwainberg hefferjr schunter Chris_Pedigo Amy_Colando WaltMichel kulick WSeltzer Regrets: dsinger justin Found Date: 28 Jan 2015 Guessing minutes URL: http://www.w3.org/2015/01/28-dnt-minutes.html People with action items:[End of scribe.perl diagnostic output]