05:55:56 <RRSAgent> RRSAgent has joined #privacy
05:55:56 <RRSAgent> logging to http://www.w3.org/2016/04/28-privacy-irc
05:56:00 <Zakim> Zakim has joined #privacy
05:56:06 <wseltzer> wseltzer has changed the topic to: Privacy IG
06:36:06 <yoav> yoav has joined #privacy
07:18:26 <yoav_> yoav_ has joined #privacy
08:11:02 <Zakim> Zakim has left #privacy
08:28:34 <Zakim> Zakim has joined #privacy
08:28:47 <wseltzer> zakim, please ping us in 10 hours
08:28:47 <Zakim> ok, wseltzer
09:14:49 <chaals> chaals has joined #privacy
10:27:15 <yoav> yoav has joined #privacy
11:50:23 <HotBlack> HotBlack has joined #privacy
12:28:16 <chaals> chaals has joined #privacy
13:38:38 <fjh> fjh has joined #privacy
13:54:49 <fjh> fjh has joined #privacy
13:59:09 <anssik> anssik has joined #privacy
14:10:21 <TallTed> TallTed has joined #privacy
15:40:32 <azaroth> azaroth has joined #privacy
15:52:05 <keiji> keiji has joined #privacy
15:53:13 <keiji> keiji has joined #privacy
15:53:20 <christine> christine has joined #privacy
15:55:13 <shepazu> shepazu has joined #privacy
15:56:32 <tara> tara has joined #privacy
15:56:36 <keiji> RRSagent, make minutes
15:56:36 <RRSAgent> I have made the request to generate http://www.w3.org/2016/04/28-privacy-minutes.html keiji
15:56:45 <keiji> RRSAgent, make logs team
15:57:18 <ivan> ivan has joined #privacy
15:58:01 <npdoty> npdoty has joined #privacy
15:58:19 <keiji> Meeting: PING April 2016
15:58:31 <ivan> Present+ Ivan_Herman
15:58:43 <keiji> present+
15:58:46 <azaroth> Present+ Rob_Sanderson
15:59:55 <tara> present+
16:00:06 <TimCole> TimCole has joined #privacy
16:00:33 <Ian> Ian has joined #privacy
16:00:44 <tara> Hullo and welcome!
16:01:05 <Ian> rrsagent, pointer?
16:01:05 <RRSAgent> See http://www.w3.org/2016/04/28-privacy-irc#T16-01-05
16:01:08 <Ian> agenda?
16:01:18 <mikeoneill> mikeoneill has joined #privacy
16:01:29 <npdoty> present+
16:01:45 <npdoty> "living in the land of privacy" :)
16:02:21 <keiji> Chair: Christine
16:02:23 <Ian> zakim, who's here?
16:02:23 <Zakim> Present: Ivan_Herman, keiji, Rob_Sanderson, tara, npdoty
16:02:25 <Zakim> On IRC I see mikeoneill, Ian, TimCole, npdoty, ivan, tara, shepazu, christine, keiji, azaroth, TallTed, anssik, chaals, yoav, Zakim, RRSAgent, schuki, terri, wseltzer_transit,
16:02:25 <Zakim> ... trackbot, mounir, plinss, Mek, dveditz, dustinm, mkwst, hadleybeeman
16:02:32 <Ian> present+ Ian
16:02:32 <keiji> Scribe: keiji
16:02:56 <Ian> -> https://www.w3.org/2016/Talks/ij_ping/ Slides for payments discussion
16:03:09 <Ian> present+ Christine
16:03:37 <keiji> Chritine: Guests from web annotation and web payment group
16:03:39 <ericstephan> ericstephan has joined #privacy
16:03:48 <Ian> [Doug Intro]
16:04:02 <keiji> Doug: I am team contact from web annotation.
16:04:10 <Ian> [Ian intro: 19 years at w3c, former head of comms, current payments lead]
16:04:33 <chaals> present+ chaals
16:04:43 <Ryladog> Ryladog has joined #privacy
16:04:53 <TimCole> present+ Tim_Cole
16:04:59 <keiji> Ian: also 19 years first time to join privacy group.
16:05:08 <Ian> present+ Greg
16:05:09 <Ian> present+ Joe
16:05:16 <Ryladog> Present+ Katie_Haritos-Shea
16:05:30 <azaroth> q+ to introduce self :)
16:05:41 <keiji> Ivan: from annotation group and digital publishing
16:05:46 <TimCole> q+ to introduce myself
16:06:14 <azaroth> ack azaroth
16:06:14 <Zakim> azaroth, you wanted to introduce self :)
16:06:30 <keiji> Rob: from web annotation group and digital publishing IG.
16:06:32 <JoeHallCDT> JoeHallCDT has joined #privacy
16:06:53 <TimCole> ack tim
16:06:53 <Zakim> TimCole, you wanted to introduce myself
16:06:56 <ericstephan> present+ ericstephan
16:07:03 <tara> Welcome everyone!
16:07:51 <keiji> christine:  agenda request was to put web annotation discussion 1st.
16:08:16 <keiji> … we usually have over view of the specification.
16:08:28 <gnorcie> gnorcie has joined #privacy
16:08:33 <keiji> …  who can make introduction.
16:08:43 <shepazu> q+
16:09:14 <keiji> ??? we have three specs.
16:09:26 <ivan> s/???/Rob:
16:09:48 <christine> Web Annotation Data Model URI: http://www.w3.org/TR/2016/WD-annotation-model-20160331
16:10:04 <christine> Web Annotation Vocabulary URI: http://www.w3.org/TR/2016/WD-annotation-vocab-20160331/
16:10:14 <christine> Web Annotation Protocol URI: http://www.w3.org/TR/2016/WD-annotation-protocol-20160331/
16:10:27 <keiji> Rob: purpose of the model is to describe annotations.
16:11:32 <keiji> Rob: explain the spec overviews...
16:13:51 <gnorcie> q+
16:15:20 <npdoty> +1 that spam is a key intersecting issue
16:16:07 <ivan> q+
16:16:49 <ivan> +1 to doug
16:16:57 <ivan> ack shepazu
16:16:58 <npdoty> +1 on harassment
16:17:05 <keiji> Doug: I want to know that this architecture in the charter of the WG thare are all privacy implication.
16:17:25 <shepazu> note that the WG scope is wider than the 3 specs we have, and there are potentially deeper privacy issues in the architecture itself (including harassment issues) that aren't necessarily in the scope of these specs, like finding text, tracking what users are highlighting/commenting on, private annotations, and other issues; there is an issue that an annotation service provider (including annotation aggregators) might track user visits across sites (e.g.
16:17:25 <shepazu>  traffic data), and that others might mine this data for public annotations for fingerprinting
16:18:03 <keiji> … we understand that a lot issues but today we would like to limit the scope.
16:18:29 <keiji> christine: agree that.
16:18:58 <shepazu> there's privacy issues from the sites that are being annotated, as well (e.g. that sites might snoop on readers)
16:19:23 <ivan> ack ivan
16:19:28 <keiji> tim: there are big issues beyond the spec.
16:20:12 <keiji> Ivan: the model is easy to extend.
16:20:25 <npdoty> q+ on data model for identity and audience
16:20:43 <ericstephan> +1 ivan to open and extensible
16:21:06 <shepazu> q+
16:21:13 <ivan> ack gnorcie
16:21:32 <shepazu> q+ to address opt-out
16:21:45 <keiji> gnorcie: some one might not want to have annotation so there should be some option.
16:21:56 <azaroth> q+ re opt-out
16:22:11 <npdoty> +1 on that point, we discussed that at a panel here in Berkeley yesterday
16:22:15 <ivan> ack shepazu
16:22:15 <Zakim> shepazu, you wanted to address opt-out
16:22:31 <keiji> doug: we aware this issue.
16:22:45 <keiji> … we had the conversation on opt-out issues.
16:23:00 <keiji> … abuse prevention initiatives
16:23:24 <keiji> … it is beyond annotation but this is issue W3C addresss.
16:23:32 <keiji> s/addresss/address/
16:23:54 <keiji> … I am interested in following up this opt-out mechanism.
16:24:02 <azaroth> q?
16:24:59 <keiji> Joe: having such conversation is valuable.
16:25:21 <keiji> doug:  we should continue this conversation in this group not in annotation group.
16:25:43 <npdoty> it might be useful if shepazu can follow-up on public-privacy mailing list on the more general harassment issue that applies to specs other than Annotation
16:26:26 <keiji> nick:  Question in data model part.
16:27:06 <keiji> … agent authar part
16:27:18 <keiji> s/authar/auther/
16:27:40 <keiji> … what is expected application for those
16:27:55 <keiji> … that defines privacy requirement on data model.
16:27:58 <shepazu> s/auther/author/
16:28:09 <keiji> Rob:  how the data model is used.
16:29:09 <TimCole> q+
16:29:59 <keiji> … use case and motivation are difficult questions.
16:30:11 <ivan> ack npdoty
16:30:11 <Zakim> npdoty, you wanted to comment on data model for identity and audience
16:30:51 <keiji> … you can point with URL as an author
16:31:09 <keiji> … audience we do not anticipate you will not use it for access control.
16:31:37 <keiji> … user is not a member of a class of person this annotation is not appropriate for use in access control.
16:31:52 <keiji> … may be not understood by audience.
16:32:05 <shepazu> q+
16:32:05 <ivan> ack azaroth
16:32:06 <Zakim> azaroth, you wanted to discuss opt-out
16:32:50 <keiji> … opt-out was not a web site is not wanted annotated
16:33:38 <keiji> … if you have personal note, bookmark etc… content provider do not care about it.  If you publish it many people can see it it becomes issue.
16:33:55 <npdoty> I like the foaf/URI model, but there's also other fields I don't totally understand, like a hashed-mailto address which has a privacy/security purpose that I'm not sure about
16:34:12 <ivan> ack TimCole
16:34:26 <npdoty> and I'd be interested to know more about how I would post private or access-controlled annotations
16:34:51 <keiji> tim: if you have group of people annotating different part of document.
16:35:01 <azaroth> npdoty: Yeah, that was a relatively recent addition.  It's essentially a unique identity (ala a URI) but as a string generated in a one-way fashion from the private email address
16:35:02 <JoeHallCDT> http-auth @npdoty? or is that dead
16:35:03 <keiji> tim: that could be a use case.
16:35:26 <JoeHallCDT> ah, it's cookie-like but passed in URL
16:36:05 <keiji> doug:  key is not that this things can be published it does not invade privacy.
16:36:20 <npdoty> it might be that certain things are left to implementations (like access control), but it's useful to explicitly note which things are going to be like that
16:36:39 <keiji> … people can publish more and can annotate.
16:36:59 <keiji> … in such scenario we do not have control over the annotation.
16:37:39 <keiji> … I think that we do have notion of private group different from audience.
16:38:09 <npdoty> azaroth: is the hashed email intended to be used for reputation/spam? does sha1 hash provide the level of privacy that the user expects?
16:38:24 <keiji> … we can limit access to document only for specific private group.
16:38:50 <keiji> … it is some thing like access control.
16:39:41 <keiji> christine: we need to continue this conversation on opt-out issue.
16:39:45 <npdoty> I'm happy to continue offline, but can we get a sense of the schedule for feedback?
16:39:52 <azaroth> npdoty: Yes, or at least hopefully it will contribute to personal identity management that could help with spam.  And for the second question ... we don't know! Very happy for feedback on that :)
16:39:53 <chaals> chaals has joined #privacy
16:39:57 <keiji> … we can continue over mailing list.
16:40:17 <tara> Many thanks!
16:40:24 <azaroth> Thank you for inviting us! :)
16:40:31 <ivan> thanks for having us!
16:40:43 <keiji> … this discussion is very important in PING and feel free to join our discussion.
16:41:13 <keiji> Rob: we would like to have feedback as soon as possible.
16:41:27 <npdoty> azaroth: it's helpful to have those purposes stated explicitly somewhere, so that we can evaluate whether the mechanisms satisfy those purposes
16:42:02 <ivan> q+
16:42:13 <azaroth> ack shepazu
16:42:14 <ivan> ack shepazu
16:42:16 <azaroth> ack ivan
16:42:18 <npdoty> comments requested as soon as possible, with a CR transition planned for a few weeks
16:42:36 <ivan> https://github.com/w3c/web-annotation/issues/204
16:42:49 <keiji> Ivan: there were two other comments other than opt-out.
16:43:20 <keiji> … I would welcome if there is discussion on this topic.
16:43:33 <npdoty> sure, we should send collected discussion to the contacts/group
16:43:36 <keiji> … feel free to use github issue list.
16:44:17 <Ian> topic: Payments
16:44:20 <Ian> https://www.w3.org/2016/Talks/ij_ping/
16:44:42 <keiji> Ian: answring nick question.
16:44:56 <keiji> … we are scheduling f2f in July.
16:44:58 <Ian> https://www.w3.org/2016/Talks/ij_ping/?full#2
16:45:24 <keiji> … if we can get feedback before that timming it is appreciated.
16:45:42 <Ian> https://www.w3.org/2016/Talks/ij_ping/?full#3
16:45:56 <keiji> … 15 min may be too short to discuss.
16:46:37 <keiji> … if you have expeience one click web service like uber etc.  it is what we would like to achieve.
16:46:39 <JoeHallCDT> chairs: for scheduling: I think we'll need to postpone the topic I suggested for another time (I have a hard stop and don't want to short shrift Web Payments)
16:47:31 <keiji> … payment applicaiton to priovide credential.  When you click buy button how the browser react would be defined.
16:47:55 <keiji> … harmonized payment experience accross web sites.
16:48:19 <keiji> … being presented choinces and user choose etc.
16:49:11 <keiji> … makeing digita wallet on web possible.
16:49:35 <Ian> https://www.w3.org/2016/Talks/ij_ping/?full#4
16:49:48 <keiji> … there are many restriction around digital wallet.
16:50:12 <keiji> … explains First Public Working Drafts.
16:53:20 <keiji> … we define how to make payment out of browser.
16:53:24 <Ian> https://www.w3.org/2016/Talks/ij_ping/?full#6
16:53:30 <keiji> … there may be some other privacy issues.
16:55:45 <christine> q?
16:55:46 <keiji> … how much merchant can know method of payment from user side.
16:56:00 <npdoty> q+ on client-side
16:56:47 <keiji> nick:  question on client-side credential.
16:56:49 <shepazu> q+
16:56:56 <JoeHallCDT> regrets, I have to leave the call!
16:56:57 <JoeHallCDT> cheers
16:56:59 <JoeHallCDT> JoeHallCDT has left #privacy
16:57:42 <keiji> … you suggest transaction can be done through client side?
16:58:07 <shepazu> q-
16:58:15 <npdoty> ack me
16:58:15 <Zakim> npdoty, you wanted to comment on client-side
16:58:20 <keiji> Ian: Longer term scope include various kind of payment method.
16:58:22 <shepazu> for tokenization, think of a nonce
16:58:50 <christine> q?
16:59:00 <keiji> … we are moving the direction only provide less information.
16:59:25 <shepazu> q+
16:59:52 <keiji> Ian: Bank and merchant are interested in fraud prevention.
17:00:04 <npdoty> yeah, I think it's similar to the spam discussion in annotation
17:00:21 <keiji> … that is topic we did not mention.
17:00:26 <npdoty> there are attacks on security that implementers will need to respond to, and there are often going to be privacy implications about that response
17:00:58 <ericstephan> great discussion, thank you.  Gotta run
17:01:01 <azaroth> q?
17:01:05 <Ian> (People may wish to comment on the editor's drafts, which are likely to be more up to date with improvements)
17:01:23 <keiji> doug: I am interested in talking on block h
17:01:25 <npdoty> ack shepazu
17:01:32 <npdoty> s/block h/blockchain/
17:01:43 <keiji> … and identity.
17:02:38 <npdoty> yeah, thanks all for presenting your works in progress
17:02:43 <npdoty> 26 May?
17:02:54 <Ian> IJ: Thank you all!
17:02:57 <keiji> next call May 26th.
17:03:02 <azaroth> Thanks all and bye!
17:03:20 <azaroth> azaroth has left #privacy
17:04:13 <keiji> RRSagent, make minutes
17:04:13 <RRSAgent> I have made the request to generate http://www.w3.org/2016/04/28-privacy-minutes.html keiji
17:10:48 <Ian> Ian has left #privacy
17:11:23 <keiji> RRSAgent, make logs public
17:13:02 <yoav> yoav has joined #privacy
17:18:32 <keiji> keiji has joined #privacy
17:57:26 <chaals> chaals has joined #privacy
18:14:18 <yoav> yoav has joined #privacy
18:28:47 <Zakim> wseltzer, you asked to be pinged at this time
18:31:32 <yoav> yoav has joined #privacy
19:05:43 <yoav> yoav has joined #privacy
19:28:01 <Zakim> Zakim has left #privacy
20:53:35 <keiji> keiji has joined #privacy
21:38:15 <yoav> yoav has joined #privacy
23:34:04 <keiji> keiji has joined #privacy