Privacy Interest Group Teleconference -- 23 Jun 2016

<keiji> Thank you!

<keiji> password for what? wendy?

<keiji> I think you do not need to use password for web-ex

<keiji> I updated the list for review request please let me know if I miss something.

<keiji> https://www.w3.org/wiki/Privacy/Privacy_Reviews

<tara> Thanks, Keiji!

Agenda item 1: Welcome and introductions

<keiji> scribe: christine

<scribe> New person: Sam Weiler (new W3C staff member)

<npdoty> welcome!

Other agenda items?

2. Follow-up on WebRTC spec (see [1])

<tara> https://github.com/w3c/webrtc-pc/issues/690

https://github.com/w3c/webrtc-pc/issues/690

<npdoty> christine: asked to look at aspects of WebRTC that we've looked at before

<npdoty> ... Greg provided some comments in Github (see above)

<npdoty> ... as to what "mode" of local IP address is provided

<npdoty> ... at last IETF meeting, there was discussion about these different modes

<npdoty> https://tools.ietf.org/html/draft-ietf-rtcweb-ip-handling-01

Christine read out the discussion in https://github.com/w3c/webrtc-pc/issues/690

<npdoty> wseltzer: lengthy companion IETF document on privacy issues and modes

@nick, thanks for taking over scribing

Nick - see document - https://tools.ietf.org/html/draft-ietf-rtcweb-ip-handling-01 - defines the 4 modes

which can be all private local IP addresses up to none

Greg's q is what the default mode is?

<wseltzer> [[ We recommend Mode 1 as the default behavior only if cam/mic

<wseltzer> permission has been granted, or Mode 2 if this is not the case.

<wseltzer> Uberti & Shieh Expires September 21, 2016 [Page 5]

<wseltzer> Internet-Draft WebRTC IP Handling March 2016

Don't know if that defines it

<wseltzer> Users who prefer Mode 3 or 4 should be able to select a preference or

<wseltzer> install an extension to force their browser to operate in the

<wseltzer> specified mode.]]

Nick - even mode 2 which may be intended to be the default mode, could still be used to fingerprint the user, but will not reveal where in the world they are

Nick - so I think it is just a question of default

Wendy pasted in the relevant part - default is mode 2

Nick - may be an issue that the most common use of the spec might be for fingerprinting

Christine asked where should the warning go about fingerprinting - W3C spec or IETF spec or?

Nick - give the advice to the W3C people - that they should at least note it

Sam - guessing warnings like this need to go in both

<npdoty> I think there is a note about the risk in the webrtc document

<npdoty> at least, in the editor's draft

Christine - agree would be good to make sure this risk is noted in the W3C spec

Wendy - that IETF document is about the privacy concerns - addresses all these issues

Tara - follow up?

Christine - maybe discuss with Greg and add to the discussion he is already having with the WG in github

Nick - will take the task to mention the research paper from Princeton to the WG

to the WebRTC WG

Agenda item 3 3. Performance APIs, Security and Privacy [2]

<tara> Performance APIs, Security and Privacy

https://w3c.github.io/perf-security-privacy/

<tara> What is the status of this item?

<wseltzer> [wseltzer raised two issues: https://github.com/w3c/perf-security-privacy/issues ]

<tara> Authors reached out to ask for feedback; we invited them to the call but sadly they are not available.

<tara> They are pointing to the fingerprint doc and the privacy questionnaire

<tara> Published as working draft of a note.

Wendy put some comments in github, others are encouraged to do so too

<tara> Privacy questionnaire

<tara> We all need to put more time into this effort. Get it out before the end of the year.

<npdoty> +1, I have the same consideration for the fingerprinting doc

Wendy - can call for consensus to publish and do so, but if further changes needed do that first

Nick - re fingerprinting - some changes need to be made based on feedback - needs some examples and the paper I mentioned has some examples - on my to do list - hope to have before the next call

Wendy - AOB - Tracking Protection WG is coming to a close - specs are in candidate recommendation and a charter coming to an end - since seeing low adoption of the DNT signal response - likely to close the WG

or suspend and invite people to join PING

Christine - that would be great to have the extra help

<npdoty> weiler, yep, that's on me

Wendy clarified - PING is not for further discussion of tracking documents - PING is for privacy considerations and reviews - gives those poeple at new place to continue discussion on how to advance privacy on the Web

<Zakim> wseltzer, you wanted to ask nick, hrm?

Wendy - would recharter Tracking Protection WG if needed

<tara> Info sharing re Web privacy threats, mitigations, etc.

<tara> A chance for people to contribute any items of interest to thr group

<tara> IEEE S&P: some discussion of sensors being used to detect other things.

<tara> gyroscope being used to detect same person on other site?

Nick to send a pointer

<tara> Wendy: lot of data breach news. Web Auth group is working on dropping reliance on passwords

Wendy - inreasing numbers of data breach notifications, your passwords may have been compromised - Web Auth WG is working to mitigate that problme by decreasing reliance on password - juts published 1st WD

<tara> Expect a call for review soon!

<tara> Also from the Social WG.

Wendy expect review request and reviews request from the social WG

<wseltzer> https://w3c.github.io/webauthn/

Wendy - going into details - model of Web Auth - 3 part system - a local authincator, a local lcient and relying party

Wendy - local client = web server

intersting privacy questions include - are we properly making the authentications unlinkable?

and the current hot q in group is around extensions to the protocol - if an authenticator wants to add aditional information at the relying party's request - do we have sufficient privacy protections?

hope people will look at these issues

Sam - adding to what Wendy said - discussing internally, do we need to look at new work on how to delegation on authorisation?

Sam - if look how people share passwords - scope a site specific credential?

Sam - one downside of the Web Auth - might make tight sharing of we credentials hard

Sam - how do you do delegation of authorisation - discussing internally?

Nick - is this issue, new technology? or Web sites have not built into?

Sam - would like to see technology that they don't evne need to be aware of - so we do need new technology - if they implement Web Auth - delegations comes along for free

<npdoty> that seems difficult to insulate from the application

<npdoty> but certainly an interesting challenge

Keiji - the delegation issue is intresting for discussion, but should we cover in this group as a privacy issue

Sam - probably not - just wanted to provide a little context

<npdoty> will the Web Authentication group look at delegation of authorization? that seems probably outside of their scope

Wendy - we could be a good place to think about it - as it becomes an issue - there are more and less privacy solutions for delegations

privacy first thinking could get us to better solutions

Keiji - that makes sense - but the main issue is usability and functionality (just my feeling)

Wendy - yes, we don't design the protocols here

Keiji - K and Wendy received a contact from Privacy Management Forum from TM (?)

interested in standardisations and would like to communicate with us (TM Forum)

<keiji> www.tmforum.org<http://www.tmforum.org>).

Keiji - welcoming views, input

<tara> Hello Marta (from Blockchain)

<wseltzer> https://www.w3.org/2016/04/blockchain-workshop/

Marta from Blockstream - first call - having the blokchain meetup in Boston next week - will be discussing privacy there - please contact me if interested

can decide what activities are worth pursuing in this area

next call 28 July

- DRAFT -

Privacy Interest Group Teleconference
23 Jun 2016

Attendees

Contents

Summary of Action Items

Summary of Resolutions

Scribe.perl diagnostic output