See also: IRC log
<npdoty> (how many pieces of software does WebEx require you to install these days?)
<tara> more than 9000
<barryleiba> Billions and billions.
<tara> Giving a moment for folks to join...
agenda item 1: privacy review requests
<tara> Remote Playback API
<tara> http://w3c.github.io/remote-playback/
until Jan 30 for review
<tara> WebRTC Statistics API
also for Web RTC
<tara> https://www.w3.org/TR/2016/WD-webrtc-stats-20161214/
short time frame - looking for comments
<tara> Screen Orientation API
<tara> https://www.w3.org/TR/screen-orientation/
3rd request is screen orientation API
<tara> https://www.w3.org/TR/security-privacy-questionnaire/
<tara> https://github.com/w3c/screen-orientation/issues
they used the draft questionnaire
<tara> IndexedDB API
4th request
<tara> https://www.w3.org/TR/IndexedDB-2/
<tara> https://github.com/w3c/IndexedDB/issues/
they were looking for comments, PING did not provide comments in timeframe - Tara asked if comments are still welcome
Wendy mentioned that there might be some concerns
deadline for the 3rd request is 12 Feb
time to make comments
<mikeoneill> +q
tara asking for volunteers
mike looked at indexDB, might say something over the weekend - the basic privacy danger is that the third party could use indexdb to track you - like you can with local storage to re-enliven cookies
mike: issue of third parties
having access to storage in browsers - is the broader
issue
... relevant is the ePrivacy directive
browsers are obliged under the proposal to guard access by third parties of storage within browsers
mike continued - we should have a general discussion about Web RTC
local IP address issues
<tara> Christine - the exposure of local IP address in WebRTC has been an ongoing issue for W3C and IETF specs
<tara> Christine: we're in a better position now; Nick?
<tara> Nick: suggestion was for different modes; default mode would expose only RFC 1918 local IP addr (auto-config, not one hidden behind VPN)
tara to send a call to list for volunteers for reviews
agenda item 2: I-D ACTION: draft-ietf-httpbis-client-hints-03.txt
<tara> https://datatracker.ietf.org/doc/draft-ietf-httpbis-client-hints/
<tara> https://tools.ietf.org/html/draft-ietf-httpbis-client-hints-03
for indicating preferences ... discussion around identifiability
as a result of 'hints'
<npdoty> mikeoneill: I think this might be the right one https://www.ietf.org/id/draft-ietf-rtcweb-ip-handling-03.txt
mark n and nick replied on list
mike: did you get a reply to your comment? (asking Nick)
nick: I think so, he had some questions or request, have some follow-up to do
<npdoty> Mark replied on Christmas day: https://lists.w3.org/Archives/Public/public-privacy/2016OctDec/0065.html
tara: is anyone here following the work in IETF (from PING)?
Barry is following HTTP group in general but not everything they are doing, will take a quick look at the doc
nick: might be useful, it made me wonder what other specs might be doing other things
barry: we should look at what the group is putting out, will put on my queue - mark is on group and liasion to IETF, so presume he is alert - he sent this one (for example)
agenda item 3 - ePrivacy directive
tara: some items more relevant for tracking protection wg, perhaps
<npdoty> christine: on my list as well, question: brought up in the Tracking Protection WG, but does anyone know what they plan to do?
<npdoty> mikeoneill: haven't discussed it yet, though it's on the tpwg mailing list
mike: we need to monitor
... browsers would have a legal obligation to protect personal
data of the user
... because they have to ask and register consent
... see what I have written (link above)
... potentially a big legal obligation
... quite important and ties to our work here
tara: thanks to the link to the analysis
<tara> ach mik
<tara> Privacy questionnaire
agenda item 4 - privacy questionnaire
<tara> Christine renewing effort in new year to address questionnaire
<tara> Will be done in chunks of work instead of one lot of work
<npdoty> +1, I like the idea of working on particular pieces
agenda item 5 - summary of security IG call
tara: fairly short call, core participants
charter was updated and renewed
<npdoty> https://www.w3.org/2011/07/security-ig-charter.html
thinking about how to manage the security reviews
need people with the right amount of expertise and how to do that
manage workload
question around the development of the questionnaires
interested in knowing how PING work on questionnaire proceeds
update security wiki
relevant issues in the press, who does reviews, etc
sam: biggest // is around reviews
nick: curious about the size of the group and the reviews q
if smaller than this group and both struggling to get reviews, wonder if we should combine?
sam: you are on the right track
should combine where we can
<tara> Christine: we should renew the practice of inviting a rep from the group
<tara> For a robust discussion of issues
<tara> We could also invite the security IG rep at that time
<tara> And then we get one combined discussion
nick: enough overlap to do collaboration
tara: heads-up one in the planning
mike: re WebRTC statistics thing,
maybe we could meet with Security IG
... will look into over the next week or so
... ask WebRTC people to give a presentation
tara: Web payments looking to
talk to us in Feb
... choose a time for the next call
<npdoty> 16 February?
16 Feb?
RSA conflict
9 Feb?
tara: propose 16 Feb
sam: reminder to give early notice to all include web sec
<Marc> Goodbye
<npdoty> weiler, can we make the minutes public?
This is scribe.perl Revision: 1.148 of Date: 2016/10/11 12:55:14 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) No ScribeNick specified. Guessing ScribeNick: christine Inferring Scribes: christine WARNING: No "Topic:" lines found. Present: weiler keiji npdoty christine barryleiba mikeoneill tara Got date from IRC log name: 19 Jan 2017 Guessing minutes URL: http://www.w3.org/2017/01/19-privacy-minutes.html People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report[End of scribe.perl diagnostic output]