23:58:22 <RRSAgent> RRSAgent has joined #dap
23:58:26 <RRSAgent> logging to https://www.w3.org/2025/11/12-dap-irc
23:58:26 <Zakim> RRSAgent, make logs Public
23:58:27 <Zakim> please title this meeting ("meeting: ..."), anssik
23:58:27 <anssik> Meeting: Devices and Sensors WG + WebApps WG F2F – 13 November 2025
23:59:38 <anssik> Chair: Anssi, Reilly, Marijn, Diego
23:59:44 <anssik> Agenda: https://github.com/w3c/das-wg/issues/76
23:59:44 <gb> https://github.com/w3c/das-wg/issues/76 -> https://github.com/w3c/das-wg/issues/76
23:59:48 <anssik> Scribe: Anssi
00:00:09 <anssik> scribeNick: anssik
00:00:22 <anssik> Present+ Anssi_Kostiainen
00:00:29 <anssik> Present+ Matt_Reynolds
00:00:34 <Mek> present+ Marijn_Kruisselbrink
00:00:34 <anssik> Present+ Reilly_Grant
00:00:38 <anssik> Present+ Marijn_Kruisselbrink
00:01:09 <anssik> Present+ Diego_Gonzalez-Zuniga
00:01:21 <anssik> Chair: Anssi, Reilly, Marijn, Diego, Marcos
00:01:30 <anssik> Present+ Vincent_Scheib
00:01:37 <anssik> Present+ Mike_West
00:02:23 <anssik> Present+ Marian_Harbach
00:02:33 <anssik> Present+ Marcos_Caceres
00:02:40 <anssik> RRSAgent, draft minutes
00:02:41 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
00:02:54 <anssik> Regrets+ Leonie_Watson
00:03:02 <anssik> RRSAgent, draft minutes
00:03:03 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
00:03:58 <atsushi> atsushi has joined #dap
00:03:58 <anssik> Present+ Will_Morgan
00:04:57 <anssik> Present+ Atsushi_Shimono
00:05:02 <xiaoqian> xiaoqian has joined #dap
00:05:03 <anssik> RRSAgent, draft minutes
00:05:04 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
00:05:10 <anssik> Topic: Welcome
00:05:35 <anssik> -> Agenda https://github.com/w3c/das-wg/issues/76
00:05:35 <gb> https://github.com/w3c/das-wg/issues/76 -> Issue 76 Devices and Sensors WG - TPAC 2025 agenda (by anssiko)
00:05:39 <anssik> -> IRC https://irc.w3.org/?channels=#dap
00:05:44 <anssik> Anssi: Welcome to the Devices and Sensors WG and WebApps WG joint F2F!
00:06:51 <antosart> antosart has joined #dap
00:07:03 <anssik> Present+ Ananya_Kittane_Yogananda
00:07:19 <antosart> Present+ Antonio_Sartori
00:07:40 <scheib> present+
00:08:05 <anssik> Subtopic: Intros
00:08:14 <anssik> Anssi: familiar faces, also new folks
00:08:30 <anssik> ... joining as new Will from iProov and Ananya from Samsung
00:09:07 <tidoust> tidoust has joined #dap
00:09:14 <anssik> Present+ Antonio_Sartori
00:09:23 <anssik> ... Antonio from Chrome working on permissions
00:09:46 <liminzhu> liminzhu has joined #dap
00:10:53 <anssik> Topic: Geolocation permission element
00:11:15 <tomayac> tomayac has joined #dap
00:11:19 <anssik> Maryan: we try to me UX better showing the prompt in context
00:11:27 <tomayac> Present+ Thomas_Steiner
00:11:30 <anssik> ... site is able to control timing, but we don't want to overload the user with prompts
00:11:37 <anssik> ... we're looking for a better signal to show prompts
00:11:46 <anssik> ... we can get into and revisit
00:12:00 <anssik> ... we believe the path forward is to get the signal upfront
00:12:11 <anssik> ... people click on things all the time not connected with activity
00:12:21 <anssik> ... user in the driver's seat
00:12:39 <anssik> ... we propose geolocation element aka PEPC
00:12:52 <anssik> ... discussed in Seville initially
00:13:28 <anssik> ... geolocation element is a button on the page, when clicked it is equivalent of getGeolocation call
00:13:45 <anssik> ... we prescribe the text and icon, allow some styling and want the signal to be of high quality
00:13:54 <anssik> ... in essence the element is a functional part of the site
00:13:55 <anssik> q?
00:14:11 <anssik> ... developer get the element from the page
00:14:20 <anssik> ... I share a code demo, how this could look like
00:14:43 <anssik> ... inside the function we can access the position property, if unvailable, we handle that separately
00:14:52 <anssik> ... for many use cases no need to call the JS separately
00:15:28 <anssik> ... this way the user does not see the prompt, clicking on the element allows users to grant permission even if they ignored an earlier request
00:15:58 <tomayac> RRSAgent, draft minutes, s'il vous plaît
00:15:58 <RRSAgent> I'm logging. I don't understand 'draft minutes, s'il vous plaît', tomayac.  Try /msg RRSAgent help
00:15:58 <anssik> ... real-life example of the UX in Chrome
00:16:21 <tomayac> RRSAgent, draft minutes
00:16:22 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html tomayac
00:16:29 <anssik> ... this UX is in Chrome OT
00:16:57 <anssik> q?
00:17:29 <anssik> Dan: because you know the user understands what s/he is clicking, showing a prompt makes this less confusion?
00:17:37 <anssik> Marian: right, we can do that in the moment
00:17:46 <anssik> Dan: this raises your confidence there's no mistake this this UX
00:18:15 <anssik> Marian: developers are excited about this, they don't need to design UI with arrows pointing to top left, for example
00:18:40 <anssik> Mike: the reason we use this presentation is we have a strong signal, APIs currently can be cannot for any reason and don't have this signal
00:19:05 <anssik> Reilly: this flow forces user to make a decision
00:19:32 <anssik> Marcos: I Safari we did that
00:20:10 <anssik> Mike: Chrome's position is it is sometimes better to make prompts quieter and sometimes louder, have a signal that informs us
00:20:11 <anssik> q?
00:20:33 <anssik> ... you can change Safari's signal I assume
00:20:39 <anssik> Marcos: not necessarily
00:20:52 <anssik> Present+ Daniel_Murphy
00:21:16 <anssik> Marian: I mentioned there are some security or integrity guarantees we provide, the user saw a button "use location" in some form
00:21:27 <anssik> ... we lock down the content
00:21:41 <anssik> ... if the language is available we use that, otherwise browser locale
00:21:50 <anssik> ... element is fully controlled by browser
00:22:06 <anssik> ... in these cases we check the button is fully visible with adequate contract wrt background
00:22:13 <anssik> q?
00:22:34 <anssik> Anssi: do you handle non-trivial cases like transparency?
00:22:45 <anssik> Mike: we map the rules we have
00:23:36 <tomayac> Intersection Observer v2: https://web.dev/articles/intersectionobserver-v2
00:23:51 <anssik> Marcos: these are parts of intersection observer v2 that are unimplementable on the WebKit side or add more complexity we are willing to add
00:24:04 <anssik> ... shadows and hit testing, for example
00:24:31 <anssik> ... we want a simple model, on the iOS side there's occlusion and transparency and that has served the iOS platform well
00:24:37 <anssik> ... we should start with a small set
00:24:46 <anssik> Mike: I'm interested in finding a compromise here
00:25:36 <anssik> ... it seems easier to remove restrictions than add them, and the set of things we're working on is the max set of restrictions, and as we learn what developers want and intersect with heuristics
00:25:47 <anssik> ... the path we plan to take is we start with vital restrictions
00:26:02 <anssik> ... we are open to feedback and want to take any learnings into consideration we have now
00:26:25 <anssik> Marcos: base styling and static elements put too many restrictions, given Geolocation API is the fallback
00:26:37 <anssik> ... not much to add in terms of restrictions
00:26:50 <anssik> Mike: we present the prompt in terms of the signal we get
00:26:56 <anssik> q?
00:27:09 <anssik> Marcos: significant issue of the design is to have an element on the page
00:27:09 <anssik> q?
00:27:41 <anssik> q?
00:27:56 <kagami> kagami has joined #dap
00:27:59 <MarianH> MarianH has joined #dap
00:28:25 <antosart> q+
00:28:27 <anssik> Marcos: example is Uber, with an order button in icon mode, when watching location and the element goes away, questions like that
00:28:29 <anssik> q?
00:28:35 <mkwst> mkwst has joined #dap
00:28:53 <mkwst> q+
00:29:07 <anssik> antosart: I want to ask whether we do need to have the same restriction that behaves differenty
00:29:13 <anssik> ... you can always fall back to the old prompt
00:29:13 <anssik> q?
00:29:16 <anssik> ack antosart
00:29:19 <anssik> ack mkwst
00:29:27 <anssik> Mike: it is possible to use the same prompt
00:29:49 <anssik> ... the primary goal is to distinguish the cases, and make it easy for the user to grant permission to the site
00:29:54 <anssik> ... we don't have that singla
00:30:03 <anssik> s/singla/signal
00:30:15 <anssik> Mike: current implementation does not allow the use of element when styling it
00:30:27 <anssik> ... amazing presentaion
00:30:30 <kagami> q?
00:30:35 <kagami> q+
00:30:35 <anssik> s/presentaion/presentation
00:30:54 <anssik> Mike: presence of the element on the page, there are two ways developers use this element
00:31:05 <anssik> ... 1) gather the information in the moment and execute the task
00:31:17 <anssik> ... 2) to gather the permission on an ongoing basis
00:31:29 <anssik> ... there are a number of ways we can explore to use the API
00:31:49 <Alvin-Ji> Alvin-Ji has joined #dap
00:31:50 <anssik> ... personal opinion is, good to encourage developers to make it visible on the page the location is being used
00:31:52 <anssik> q?
00:32:17 <anssik> ack kagami
00:32:40 <anssik> kagami: intersection observer v2 usage, we have a popover there, can we do a similar thing for the element too?
00:33:02 <anssik> Mike: yes, we rely on intersection observer as a runtime evaluation so the user can actually see it
00:33:12 <anssik> ... we force the element to be on the top
00:33:14 <anssik> q?
00:33:23 <tomayac> q+
00:33:34 <anssik> Mike: better to force the element be on top
00:33:34 <anssik> q?
00:33:55 <anssik> kagami: not sure how the intersection observer can show up in the spec...?
00:34:29 <anssik> Mike: only thing that occurs to me is we have a case where developers render a button and search has a popup, and regulators want to have a popup
00:34:45 <anssik> ... current implementation allows us to put something on top of the element
00:34:46 <anssik> q?
00:35:25 <anssik> Anssi: <input type=file> learnings?
00:35:32 <anssik> Mike: great example to dig into more
00:36:06 <anssik> ... wrt the thing that happens when you click on that element, I suggest the prompt mechanism we have in place, prompt mechanism is a sufficient bar to abuse, the file picker dialog
00:36:35 <anssik> ... there are a lot of capabilities on the web that have a lower bar to entry and in those cases having high quality signal is useful allow us to represent
00:36:48 <anssik> ... the original proposal we talk about permission element is one-size-fits-all approach
00:37:00 <anssik> ... generally any information we ask for, fits that model
00:37:08 <anssik> ... more tailored to a specific thing we ask for
00:37:33 <anssik> ... we have a different set of heuristics for geolocation, notifications, or getDisplayMedia
00:37:44 <Marcos> Marcos has joined #dap
00:37:44 <anssik> ... we have more confidence for a picker style UI
00:37:46 <anssik> q?
00:37:49 <Marcos> q+
00:38:26 <anssik> Marian: <input type=file> was restricted and geolocation element is more relaxed in terms of presentation
00:38:29 <anssik> q?
00:39:07 <anssik> Marcos: given it is the form, clicking on label triggers the form
00:39:28 <anssik> Mike: we don't allow label clicking to trigger geolocation element
00:39:29 <anssik> q?
00:39:31 <anssik> ack marcos
00:39:59 <Marcos> q+
00:40:03 <anssik> tomayac: for Marcos' point element consuming space, I think would be possible to remove the element if the prompt action happened, so that it is only shown when needed?
00:40:05 <mkwst> (But note that the label is _always_ directly included in the button.)
00:40:13 <anssik> Marcos: it is still an element in the DOM then
00:40:20 <anssik> tomayac: can remove it from the DOM?
00:40:30 <anssik> Marcos: not attached to the DOM then
00:40:42 <anssik> ... maybe the element should not be able to watchPosition
00:40:59 <anssik> Reilly: you should give the user more explicit signal
00:41:10 <anssik> tomayac: stop watching if the element is removed from the DOM?
00:41:42 <anssik> Mike: excited about exploration
00:41:42 <anssik> q?
00:41:52 <anssik> Reilly: 5 min time check
00:41:54 <anssik> q?
00:41:57 <Marcos> q+
00:42:10 <anssik> ack tomayac
00:42:19 <anssik> ack Marcos
00:42:52 <anssik> Marcos: the original PEPC had a notion of recoverability, not possible to do that on Apple's platform. when installed it becomes part of the OS
00:42:53 <anssik> q?
00:43:15 <anssik> ... no way to recover, must go to open settings
00:43:38 <anssik> Mike: different platforms differ here
00:43:46 <anssik> Marcos: API to go to settings page?
00:44:04 <anssik> Mike: using such an API would be more palatable fi we know for sure what the user wants
00:44:37 <anssik> Reilly: we need more steps on the OS level to guide, take responsibility, I understand iOS is more integrated
00:44:57 <anssik> Marcos: can't be an expectation for the PEPC proposal, platform limitations need to be considerations
00:44:59 <MarianH> q+
00:45:03 <anssik> Mike: I understand these limitations
00:45:04 <anssik> q?
00:45:11 <anssik> q?
00:45:15 <anssik> ack MarianH
00:45:46 <anssik> Marian: OT participants are excited about the recovery bit, camera and mic, also for geolocation
00:45:46 <anssik> q?
00:46:29 <anssik> Mike: even when we cannot recover, the browser knows it has geolocation
00:46:31 <anssik> q?
00:46:47 <anssik> Marcos: ask is to consider installed app to be tightly integrated into the OS
00:46:48 <anssik> q?
00:47:24 <anssik> Mike: iOS is special, we are dependant on y'all to help here
00:47:36 <willmorgan> willmorgan has joined #dap
00:47:41 <anssik> Reilly: Chrome for Android we do something similar, we will consider this feedback in the design
00:47:42 <anssik> q?
00:47:45 <willmorgan> q+
00:47:54 <anssik> ... we are at the end of the timebox
00:48:04 <anssik> Mike: we want more people to use this
00:48:24 <anssik> Mike: kagami's intersection observer feedback is very helpful
00:48:47 <anssik> Mike: if there are fundamental objections we need to proceed more carefully
00:48:48 <anssik> q?
00:48:50 <anssik> ack willmorgan
00:49:04 <mkwst> (If no fundamental objections, we want to ship.)
00:49:13 <anssik> willmorgan: PWA use case, at the point of install, would be the right moment to ask for this permission and otherwise block
00:49:45 <anssik> Marcos: design is for time of use
00:50:05 <anssik> ... having said that, Uber app for example asks for location right when I start the app
00:50:35 <anssik> Marian: runtime permissions where the Android model and it created some pretty serious privacy issues
00:50:37 <anssik> q?
00:50:51 <anssik> Marian: asking permissions as a requiment for installation did not work out well
00:50:52 <anssik> q?
00:51:31 <anssik> Topic: Approximate Geolocation
00:52:24 <Marcos> Marcos has joined #dap
00:52:36 <anssik> gb, this is w3c/geolocation
00:52:36 <gb> anssik, OK.
00:52:56 <anssik> Anssi: previous topic was issue #196
00:52:56 <gb> https://github.com/w3c/geolocation/issues/196 -> #196
00:52:57 <mattreynolds> Approx Geolocation slides: https://docs.google.com/presentation/d/1HRut4OLs6WRoINrzbrqSywVJtWs0F6GublKZxko_5nA/edit?slide=id.p#slide=id.p
00:53:17 <anssik> Anssi: and this issue, approximate geolocation, is issue #195
00:53:18 <gb> https://github.com/w3c/geolocation/pull/195 -> Pull Request 195 Add support for approximate geolocation (by alvinjiooo) [TPAC2025]
00:53:57 <anssik> Matt: working with Antonio and Alvin on approximate geolocation
00:54:19 <anssik> ... we want to mitigate risk of exposing precise geolocation, want to make this safer, and comply with legal requirements
00:54:47 <anssik> ... e.g. in California we have specific requirements, different in rural locations
00:55:15 <anssik> ... we want to see if we can rely on platform location, most platforms where Chrome runs we pass flags to do this
00:55:32 <anssik> ... e.g. iOS and Android have an approximate concept
00:55:48 <anssik> ... Windows has an option to fallback with accuracy levels
00:56:19 <anssik> ... does not work with WiFI AP, might be functional now?
00:56:32 <anssik> ... on iOS there's a switch to enable and disable precise geolocation per app
00:56:34 <tomayac> Just for fun: early 2008 mock of approximate geolocation access: https://web.archive.org/web/20080512172655im_/http://azarask.in/blog/wp-content/uploads/2008/05/geolocation-security-mockup-export.png (Source: https://web.archive.org/web/20080512172655/http://www.azarask.in/blog/post/geolocation-in-firefox-and-beyond/).
00:56:52 <anssik> ... we want to expose new permission level and allow users to downgrade
00:57:17 <anssik> ... sites can function and request approximate geolocation, user agent can return and obfuscate the precise
00:57:42 <anssik> ... geolocation approximate concept was introduced, not all combinations possible
00:57:55 <anssik> ... if you grant precise you also grant coarse geolocation
00:58:19 <anssik> ... new PositionOptions changes
00:58:28 <anssik> ... accuracyMode
00:58:45 <anssik> ... we have enableHighAccuracy, why not reuse it?
00:59:12 <anssik> ... does not provide guarantees, many platforms will still try to use precise location
00:59:25 <anssik> ... many sites pass false here, so we don't want to regress the apps
00:59:32 <anssik> ... defaults to false
00:59:33 <anssik> q?
00:59:51 <anssik> Matt: what should the old do when the new feature is there?
01:00:18 <anssik> Reilly: modern devices use more complex behavour, does not map to enableHighAccuracy
01:00:27 <anssik> Marcos: on legacy system it does not matter?
01:01:10 <anssik> Reilly: you propose to use the existing value but change to string?
01:01:29 <anssik> Marcos: correct, stringifies to "true", "false" and "precise"
01:02:04 <anssik> [ add Marcos' WebIDL gymnastics joke ]
01:02:20 <anssik> q?
01:02:57 <anssik> Matt: proposing GeolocationPosition changes
01:03:01 <tomayac> https://chromestatus.com/metrics/feature/timeline/popularity/5320
01:03:04 <anssik> ... accuracyMode attribute
01:03:23 <anssik> ... may not be the same as if user's downgrade
01:04:58 <anssik> Reilly: 2.6% of pages using geolocation set enableHighAccuracy per Chrome metrics
01:05:26 <anssik> Matt: Permissions API integration changes
01:05:59 <anssik> antosart: getCurrentPosition prompts, then Permissions API query() returns "granted"
01:06:00 <anssik> q?
01:06:28 <anssik> antosart: if only approximate geolocation is granted, this returns "ask" or "deny"
01:06:34 <anssik> ... open to revisit this
01:06:36 <Marcos> Marcos has joined #dap
01:06:48 <Marcos> q+
01:07:13 <anssik> ack Marcos
01:07:51 <anssik> Marcos: an idea, related to the problem around precision, what if we fix that and get half off way from the circle, that tells you how close you are
01:08:30 <anssik> Reilly: key thing, browser tells I only give you approximate geolocation
01:08:42 <anssik> Marcos: as a user I might not tell the truth
01:08:58 <anssik> Reilly: user wants to lie to the site I'm precisely here even if I'm not
01:09:16 <anssik> Present+ Vincent_Scheib
01:09:41 <anssik> Marcos: my phone may not get a GPS lock, I might be revealing too much
01:09:51 <anssik> Reilly: faking the location would not be a reliable privacy shield
01:10:29 <anssik> Marcos: I want to further investigate accuracyMode in permission status
01:10:54 <anssik> Matt: we get accuracy value in the object, can look at that, could look at that also
01:10:57 <anssik> q?
01:11:52 <anssik> Matt: what requirements we should have for the algorithm to generate estimated location
01:12:08 <anssik> ... Mozilla has one algorithm implemented as an extension
01:12:17 <anssik> ... Apple has its own algorithm
01:12:42 <anssik> ... we don't know if these algorithms meet specific requirements, can't ask for implementers to do that
01:13:06 <anssik> ... we can guarantee "coarsened position estimate"
01:13:28 <anssik> ... multiple estimates collected over time can generate a more precise estimate
01:13:48 <Marcos> q+
01:13:53 <anssik> ... guarantees for developers, can satisfy some legal requirements
01:13:55 <anssik> q?
01:14:13 <anssik> ack Marcos
01:14:27 <anssik> Marcos: the platform dependency is visible here
01:15:23 <anssik> Matt: want to bring this feature to platforms that do not have support for approximate geolocation
01:15:43 <anssik> ... precise location reconstruction, reduce time resolution
01:15:56 <anssik> Marcos: standard per platform?
01:16:14 <anssik> Matt: not fully researched yet
01:16:36 <anssik> [ Matt shows a demo! ]
01:18:55 <anssik> Marcos: WebKit is broadly excited about this feature
01:19:19 <kagami> kagami has joined #dap
01:19:22 <anssik> tomayac: Android allow precise and non-precise location, this UI demoed will not show you that option?
01:19:24 <kagami> q+
01:19:56 <anssik> antosart: in page setting you see a message only approximate geolocation is allowed, a trade-off
01:20:10 <anssik> ack kagami
01:20:22 <anssik> kagami: a question about watchPosition and approximate geolocation
01:20:36 <anssik> ... what is the expected UX there, what happens in native apps then?
01:20:52 <anssik> Matt: watchPosition and approximate, not well defined yet
01:21:05 <anssik> ... we are going to say you only get an estimate every one minute or so
01:21:07 <anssik> q?
01:21:15 <anssik> RRSAgent, draft minutes
01:21:16 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
01:21:22 <MarianH> side note: <geolocation> element slides: https://docs.google.com/presentation/d/1IzZDnW6-pQDMEaISkydhZKCupMQskQh_WUSujb6Y2go/edit?slide=id.p#slide=id.p
01:21:24 <anssik> Marcos: we should investigate what the platforms are doing
01:21:25 <anssik> q?
01:22:09 <anssik> Reilly: watchPosition has to make sense in context of loop-calling getPosition
01:22:28 <anssik> ... the discussion we've had here, the desire is if the user does not move outside the course region, the value should not change
01:22:38 <anssik> ... we can still provide the value repeatedly
01:22:42 <Marcos> q+
01:22:59 <anssik> ... interesting question is how far the user has to go to trigger a new location update
01:23:23 <anssik> ... e.g. on a train, you get period updates that maintain privacy principles while give you an approximate location
01:23:43 <anssik> q?
01:23:46 <anssik> ack Marcos
01:24:24 <anssik> Marcos: during the breakout, we talked about how on Apple platform geolocation attaches to a point of interest, underlying platform knows how to do that
01:24:44 <anssik> ... good exercise, some platforms use the browser implementation, not platform-provided coarse-location
01:24:56 <anssik> Matt: we want to allow implementations to innovate here
01:24:58 <anssik> q?
01:25:21 <anssik> Reilly: any upcoming shipping plans or last-minute feedback from implementers?
01:25:21 <kagami> kagami has joined #dap
01:25:58 <anssik> antosart: we have implemented the permission prompt flow, we are trying to ship an experiment to small amount of users for changing to approximate location to see how the understand
01:26:07 <anssik> now in Beta, going to Stable for a small test group
01:27:08 <anssik> Reilly: part of this is motivated on every platform has this feature of coarse geolocation, and the site only functions with approximate, this leads to site not working and can't tell the user what needs to be done because it doesn't know enough
01:27:08 <anssik> q?
01:27:58 <anssik> RRSAgent, draft minutes
01:27:59 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
01:34:51 <anssik> RRSAgent, draft minutes
01:34:53 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
02:04:16 <Matt_Reynolds> Matt_Reynolds has joined #dap
02:04:21 <anssik> Topic: Confusion about geolocation emulation in two specs
02:04:36 <anssik> Anssi: issue #212
02:04:37 <gb> https://github.com/w3c/geolocation/issues/212 -> #212
02:05:01 <anssik> Reilly: this was per the preference of WebDriver authors, prefer to close this issue
02:05:21 <anssik> Marcos: I was confused because this issue did not link back to WebDriver
02:05:21 <anssik> q?
02:05:31 <kagami> kagami has joined #dap
02:06:42 <big-screen> big-screen has joined #dap
02:06:42 <willmorgan> willmorgan has joined #dap
02:07:02 <MarianH> MarianH has joined #dap
02:07:19 <anssik> RESOLUTION: Keep the split and add a non-normative reference from Geolocation to WebDriver for the automation section, for issue #212
02:07:46 <anssik> Topic: Better integration with testing framework
02:07:54 <anssik> Anssi: issue #193
02:07:55 <gb> https://github.com/w3c/geolocation/issues/193 -> Issue 193 Better integration with testing framework (by marcoscaceres) [TPAC2025]
02:08:14 <matatk> matatk has joined #dap
02:08:17 <anssik> Marcos: testing framework has a virtual location, but in theory in browser you set a location and browser gives back what you have
02:08:19 <m-alkalbani> m-alkalbani has joined #dap
02:08:23 <anssik> Reilly: this is push model, not pull
02:08:27 <matatk> present+ Matthew_Atkinson
02:08:37 <anssik> ... I think we resolve this making those changes
02:09:29 <anssik> RESOLUTION: Make the changes suggested by Marcos in issue #193
02:10:06 <anssik> Topic: Improve position accuracy definition
02:10:11 <anssik> Anssi: issue #206
02:10:11 <gb> https://github.com/w3c/geolocation/issues/206 -> Issue 206 Improve position accuracy definition (by marcoscaceres) [TPAC2025]
02:10:39 <anssik> Marcos: I did archeology, confidence level is 95% baked into the spec, wishful thinking at the time this was specified
02:10:53 <anssik> ... was 67% on Android, and on iOS 65-75% or so
02:11:03 <anssik> ... we return null on Apple platforms
02:11:22 <anssik> Reilly: the additional context is, it is better to define accuracy, does the spec say accuracy must be something
02:11:57 <anssik> ... 3 values you get: position, fixed position, circle around the position, and what the system believes is the user is in that circle, or 3d oval in fact
02:12:08 <anssik> ... centre of the oval and the probability the user is inside it
02:12:12 <anssik> ... I did research
02:12:36 <anssik> ... GPS receivers, with user in that 3d space, 65%
02:12:47 <anssik> s/GPS/for GPS
02:13:31 <anssik> Reilly: I assume the GPS receivers on Apple devices do the same, complexity here is we get position from various places, not sure if all those services standardize on a particular value
02:14:06 <anssik> ... at the risk of making the API more complicated,  we could make the API more complicated adding the confidence to the API
02:14:44 <anssik> Marcos: I like the idea of revealing it is 65% or so, it complicates things yes
02:15:06 <anssik> Reilly: you need mapping libraries on top
02:15:16 <anssik> [ Reilly pointing at the UX person in the room ]
02:15:34 <anssik> Marcos: not to reveal a lot, it is OS-level information, nice to reveal on the location object
02:15:43 <anssik> Reilly: nice standards position from WebKit
02:17:19 <gb> https://github.com/w3c/geolocation/issues/206 -> Issue 206 Improve position accuracy definition (by marcoscaceres) [TPAC2025]
02:17:25 <anssik> q?
02:19:20 <anssik> RESOLUTION: Draft a PR to remove any specific confidence value and attribute, and clarify the meaning of the accuracy value (issue #206)
02:20:03 <anssik> kagami: I'm fine with this resolution
02:20:44 <anssik> Topic: The timeout option doesn't make sense for watchPosition
02:20:51 <anssik> Anssi: issue #184
02:20:52 <gb> https://github.com/w3c/geolocation/issues/184 -> Issue 184 The `timeout` option doesn't make sense for watchPosition (by saschanaz) [TPAC2025]
02:21:31 <anssik> kagami: watchPosition, if the user does not receive error, this should not say anything, now it somehow times out with an error, does not make sense for watchPosition
02:21:58 <anssik> Reilly: developer cares about I'm I going to get location at all, I want to update the UI, if I get no value my UI will do something different and I want to know
02:22:19 <anssik> ... timeout is not meaningful in this context
02:22:41 <anssik> ... I think the proposal is to clarify the timeout only applies to the first fix deadline
02:22:44 <anssik> q?
02:23:07 <anssik> Marcos: we should say what timeout 0 means here
02:23:27 <anssik> Reilly: now the default value is Infinite that's kind of 0, but we should encourage Infinity proper
02:23:49 <anssik> ... why we have differentiation between 0 and Infinite is that 0 means check cached position
02:24:26 <anssik> ... I think the cache position concept is legacy of how location systems used to work, in modern devices the OS has a cached position, a decreasingly sized circle-ish location
02:24:56 <anssik> ... the idea of cached location is a little weight, the maxAge idea is also a little weight, we don't know how old that is
02:25:14 <anssik> ... in Chromium we have a cache, there are bugs so we have considered removing that code path
02:25:24 <anssik> ... another parameter I'd like to get rid off
02:25:49 <anssik> ... it does not reflect the 2025 reality of geolocation capabilities in devices
02:26:01 <anssik> ... return the cache or throw a timeout immediately
02:26:12 <anssik> Marcos: we are not partitioning the cache, right
02:27:10 <gb> https://github.com/w3c/geolocation/issues/184 -> Issue 184 The `timeout` option doesn't make sense for watchPosition (by saschanaz) [TPAC2025]
02:27:48 <anssik> Marcos: I added a comment in the issue, it is rather long
02:28:11 <anssik> Reilly: I think I agree with the comment
02:28:20 <anssik> q?
02:28:35 <anssik> RESOLUTION: Change the watchPosition steps so that timeout is a deadline to an initial fix and that there's no deadline for returning an additional geolocation results after the initial fix (issue #184)
02:29:01 <anssik> Topic: Remove the default value of timeout in PositionOptions
02:29:05 <anssik> Anssi: issue #185
02:29:06 <gb> https://github.com/w3c/geolocation/issues/185 -> Issue 185 Remove the default value of `timeout` in `PositionOptions` (by saschanaz) [TPAC2025]
02:29:29 <atsushi_> atsushi_ has joined #dap
02:29:47 <anssik> Reilly: the question is, if we remove the default value, the timeout becomes nullable, then is using a null timeout instead of this large value be the same behaviour
02:30:02 <anssik> ... alternatively, we could remove the clamp and use Infinity
02:30:14 <anssik> kagami: the implementation could check for either
02:30:30 <anssik> Reilly: implementations may end up checking some very large threshold
02:31:19 <anssik> ... not a developer visible change, timeout behaviour will be the same regardless
02:32:10 <anssik> ... unsigned long can take Infinity, do we want to make this nullable unsigned long, this is a dictionary, in terms of C++ has a null check
02:32:16 <anssik> Marcos: effectively what kagami proposed
02:32:35 <matatk> matatk has joined #dap
02:33:01 <anssik> Reilly: clamp in unsigned long is undefined and not set to specific value
02:34:16 <chiace> chiace has joined #dap
02:35:38 <anssik> RESOLUTION: Remove the default value because we believe it does not have any developer visible impact (issue #185)
02:36:15 <anssik> Topic: Specify frame destruction behavior
02:36:19 <anssik> Anssi: issue #192
02:36:19 <gb> https://github.com/w3c/geolocation/issues/192 -> #192
02:36:43 <anssik> Reilly: Marcos asks if we don't spec this behaviour, and the frame is destroyed, we should have the steps
02:37:02 <anssik> ... however the question is it becomes non-active while the operation is in progress
02:37:13 <anssik> ... we don't have cleanup on not active, browser implementations do that
02:37:27 <anssik> Marcos: I wasn't sure if there's a check for destruction for the script execution context
02:37:36 <anssik> Reilly: I don't think the spec has one
02:37:51 <anssik> ... we can add on document not becoming fully active and that's good
02:37:52 <anssik> q?
02:39:47 <anssik> RESOLUTION: Add steps to on document becoming non-fully active clean up all watch operations (issue #192)
02:40:06 <anssik> Topic: AbortSignal integration
02:40:14 <anssik> Anssi: issue #179
02:40:15 <gb> https://github.com/w3c/geolocation/issues/179 -> Issue 179 `AbortSignal` integration (by jimmywarting) [Feature request] [TPAC2025]
02:40:36 <anssik> Reilly: about modernization, use promises for abort signals
02:40:49 <anssik> ... can I add an abort signal to the API to allow clearWatch with an abort signal
02:40:57 <anssik> ... clear watch when the signal happens vs immediately
02:41:07 <anssik> ... watchPosition is another place where we can put this
02:41:36 <anssik> ... my perspective is, we can add it, this is one of the things where developers will need to polyfill their way around this until implementations pick this up
02:41:45 <anssik> ... it is nice but feels low value
02:41:47 <anssik> Marcus:
02:41:54 <anssik> s/Marcus://
02:42:26 <anssik> Marcos: to mitigate the problem, to implement this in the spec we implement at the same time
02:43:14 <anssik> Reilly: not opposed, but I don't think this is useful
02:43:24 <anssik> Marcos: I don't hate it, "cool feature bro"
02:43:34 <anssik> Reilly: easy to polyfill on top of the current API
02:43:47 <anssik> ... take the abort signal and add clearWatch
02:43:49 <anssik> q?
02:44:42 <gb> https://github.com/w3c/geolocation/issues/192 -> Issue 192 Specify frame destruction behavior (by marcoscaceres) [TPAC2025]
02:45:23 <anssik> RESOLUTION: Consider this feature in a future version of the specification (issue #192)
02:45:43 <MarianH> MarianH has joined #dap
02:45:49 <anssik> Topic: Promisify getCurrentPosition()
02:45:50 <kagami> kagami has joined #dap
02:46:02 <anssik> Anssi: issue #174
02:46:03 <gb> https://github.com/w3c/geolocation/issues/174 -> Issue 174 Promisify `getCurrentPosition()` (by lukewarlow) [Feature request] [TPAC2025]
02:46:27 <anssik> Reilly: nice API but I don't think it is worth it to add this complexity because developers will need to polyfill for a number of years
02:49:13 <gb> https://github.com/w3c/geolocation/issues/196 -> Issue 196 <geolocation> element (by MinhAnhL) [Feature request] [TPAC2025]
02:49:35 <anssik> RESOLUTION: Due to added complexity, close the issue after confirming with the original author of the proposal, new proposal for better ergonomics, see geolocation element #196 (issue #174)
02:50:51 <tomayac> Node.js solved the transition from callbacks to promises by introducing new names (`fs` → `fsPromises`), so we _could_ do the same here, but it wasn't deemed worth it, especially since `<geolocation>` is the promising (no pun intended) new way.
02:51:59 <anssik> RRSAgent, draft minutes
02:52:00 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
02:55:50 <Marcos> Marcos has joined #dap
02:55:55 <Marcos> q+
02:56:05 <anssik> ack Marcos
02:58:07 <scheib> q+
03:00:44 <diekus> diekus has joined #dap
03:01:01 <diekus> present+
03:01:03 <anssik> ack scheib
03:05:53 <tomayac> People have been commenting on https://github.com/w3c/geolocation-sensor/issues/22 in expectation of this meeting.
03:05:54 <gb> https://github.com/w3c/geolocation-sensor/issues/22 -> Issue 22 Support geolocation (especially geofencing) in the "background" (by kenchris) [geo-background-fencing] [geo-background-tracking] [use-cases]
03:07:37 <anssik> Topic: Screen Wake Lock API
03:07:40 <anssik> Subtopic: Remove permission check
03:07:54 <anssik> gb, this is w3c/screen-wake-lock
03:07:54 <gb> anssik, OK.
03:08:06 <anssik> Anssi: issue #366
03:08:06 <gb> https://github.com/w3c/screen-wake-lock/pull/366 -> Pull Request 366 Remove permission check (by marcoscaceres) [TPAC2025]
03:08:24 <anssik> Marcos: we designed this around powerful features, we don't need screen wake lock
03:08:39 <anssik> ... in WebKit we implemented it as a bunch of dead code to pass the tests
03:08:59 <anssik> ... by default in Chrome we have a checkbox but it is on by default
03:09:03 <anssik> ... you don't prompt for it
03:09:11 <anssik> ... we can probably remove the permission check
03:09:25 <anssik> Mike: we have the setting for this, however?
03:10:03 <anssik> Vincent: this is in Safari, what is the motivation for removing this?
03:10:12 <anssik> Marcos: we have fake implementation for this
03:10:32 <anssik> Vincent: that is a very minor issue, we have an implementation for this that's real
03:10:42 <anssik> ... why should we drop it?
03:10:45 <reillyg> q+_
03:10:48 <reillyg> q-_
03:10:49 <anssik> Marcos: no one uses a permission prompt
03:10:51 <reillyg> q-
03:10:55 <reillyg> q+
03:11:00 <anssik> Marian: you can go to settings and turn it off
03:11:02 <anssik> ack reillyg
03:11:32 <anssik> Reilly: I asked Mike about this before the meeting, he mentioned there's a bunch of powerful features without corresponding permission UI
03:11:58 <anssik> ... we use the machinery without prompting users, example we use this as a way to control the feature
03:12:09 <anssik> Mike: we allow require delegation, and delegate it
03:12:22 <anssik> ... in this case we don't prompt unless delegated
03:12:30 <anssik> ... I don't know if this is the case here
03:12:50 <anssik> Marcos: could keep that aspect
03:12:56 <anssik> Mike: we keep the check
03:13:09 <anssik> Marcos: add stuff that never got implemented, indicators and such
03:13:41 <anssik> Reilly: only thing we could remove, if we remove prompt-related text, couple of steps request permission to use
03:14:02 <anssik> ... request permission to use
03:14:17 <anssik> Marcos: permission policy makes sense, we massage the other things
03:15:16 <anssik> Reilly: question, if a browser has a setting to disable the API, would that fall in which category, policy-controller or not?
03:15:23 <anssik> Marcos: policy-controlled
03:16:00 <anssik> Mike: I don't think this distinction makes a lot of sense, the feature can always be available and be in a weird state
03:16:13 <Dingwei> Dingwei has joined #dap
03:16:15 <anssik> ... I don't remember the permission feature on top of my head
03:16:24 <anssik> q?
03:16:38 <scheib> https://www.w3.org/TR/permissions/#permissions
03:16:49 <anssik> Reilly: if there's a way to specify a powerful feature check and the permissions feature check in a single check, it'd resolve Marcos' concern
03:16:50 <scheib> https://www.w3.org/TR/permissions/#powerful-features
03:17:07 <anssik> ... with the spec algorithms available to us those need to be two separate steps I believe
03:17:15 <anssik> ... we want a simpler way of checking
03:17:50 <anssik> antosart: in Chrome this may not be the case, we have setting in Chrome not related to permissions
03:18:01 <anssik> Reilly: then the behaviour is implementation-defined
03:18:15 <anssik> Marcos: I want to remove the line "request for permission to use screen wake lock"
03:18:33 <anssik> Mike: what is the web-facing implementation you need to fake in the tests
03:19:12 <anssik> ... please note prompt the user is not web visible
03:19:37 <reillyg> https://www.w3.org/TR/permissions/#dfn-getting-the-current-permission-state
03:19:59 <tomayac> `await navigator.permissions.query({name: 'screen-wake-lock'})` returns always 'granted'
03:20:03 <anssik> Reilly: if we change the algorithm here, it removes the request permission
03:21:26 <anssik> Marijn: no way to request permission in this case
03:21:37 <anssik> Marcos: we don't have code to fake ask
03:21:46 <anssik> Reilly: precludes us from ever prompting
03:21:57 <anssik> Mike: confused on what you're faking here for tests
03:22:28 <anssik> q?
03:23:13 <gb> https://github.com/w3c/screen-wake-lock/pull/366 -> Pull Request 366 Remove permission check (by marcoscaceres) [TPAC2025]
03:24:01 <anssik> RESOLUTION: Replace "request permission to use" with "get the current permission state" (issue #366)
03:24:21 <anssik> RRSAgent, draft minutes
03:24:22 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
03:24:36 <anssik> Subtopic: Require transient activation
03:24:44 <anssik> Anssi: issue #351
03:24:44 <gb> https://github.com/w3c/screen-wake-lock/pull/351 -> Pull Request 351 Require transient activation (by marcoscaceres) [TPAC2025]
03:25:09 <anssik> Marijn: you can require transient activation without consuming it
03:25:38 <anssik> Vincent: can you require activation types  and not consume and check more than once
03:26:08 <anssik> Marcos: check for sticky activation is a reasonable ask
03:26:27 <anssik> Marijn: sticky is whether the page has ever had transient activation
03:26:39 <anssik> tomayac: invisible video is the workaround to this issue, with media autoplay
03:26:53 <anssik> Reilly: media autoplay requires some signal I believe
03:27:14 <anssik> ... a legitimate concern that if we require activation developers will play a silent video
03:27:35 <anssik> ... Screen Wake Lock API was created to not need to use autoplay video for this purpose
03:27:51 <anssik> ... that concern is not something we worry about, we don't take away a thing people would use
03:28:11 <anssik> Mike: Screen Wake Lock API has been out these for a long time
03:28:17 <anssik> Marcos: not so long time for WebKit
03:28:47 <anssik> RRSAgent, draft minutes
03:28:48 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
03:29:11 <anssik> Reilly: do we need to increase user activation requirements, or is sticky activation good enough?
03:29:46 <anssik> ... I proposed sticky because we proactively take away the wake lock so reacquiring is a consideration
03:29:54 <anssik> ... using sticky the site is allowed to reacquire
03:30:05 <anssik> ... some other complicated edge cases
03:30:15 <anssik> RRSAgent, draft minutes
03:30:16 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
03:31:03 <gb> https://github.com/w3c/screen-wake-lock/pull/351 -> Pull Request 351 Require transient activation (by marcoscaceres) [TPAC2025]
03:32:32 <anssik> kagami: why require transient first?
03:33:01 <anssik> Reilly: if you run an operation, you want it to complete, say file upload, if I switch tabs, we implemented this so the page is invisible so hand hold the lock
03:33:08 <anssik> kagami: can we pretend it has a lock?
03:33:13 <anssik> Reilly: can automatically acquire the lock
03:33:23 <anssik> kagami: what needs to be reacquired?
03:33:37 <anssik> Marcos: that's not how it works today unfortunately
03:33:53 <anssik> Reilly: forces developers to explicitly decide
03:35:02 <anssik> RESOLUTION: Require transient activation for the first, and allow subsequent requests (issue #351)
03:38:21 <anssik> RRSAgent, draft minutes
03:38:23 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
04:45:18 <Matt_Reynolds> Matt_Reynolds has joined #dap
04:46:52 <atsushi> atsushi has joined #dap
04:48:25 <MarianH> MarianH has joined #dap
04:50:45 <xiaoqian> xiaoqian has joined #dap
04:53:26 <tomayac>  /join wicg
04:54:49 <anssik> s/\/join wicg//
04:54:59 <anssik> RRSAgent, draft minutes
04:55:00 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
04:55:35 <anssik> s//join wicg//
04:55:36 <anssik> RRSAgent, draft minutes
04:55:37 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
04:55:59 <anssik> s/join wicg//
04:56:13 <anssik> s|join wicg||
04:56:15 <anssik> RRSAgent, draft minutes
04:56:16 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
04:56:22 <Will_Morgan> Will_Morgan has joined #dap
04:57:19 <DKA> DKA has joined #dap
04:57:21 <MarianH> Present+ Marian_Harbach
04:57:25 <tomvg> tomvg has joined #dap
04:57:26 <DKA> q?
04:57:29 <Mek> Mek has changed the topic to: https://github.com/w3c/das-wg/issues/76
04:57:35 <Mek> Mek has changed the topic to: Agenda: https://github.com/w3c/das-wg/issues/76
04:57:43 <ananya> ananya has joined #dap
04:58:07 <kei> kei has joined #dap
04:58:53 <DKA> present+ Dan_Appelquist
04:58:57 <anssik> Present+ Tom_Van_Goethem
05:00:48 <anssik> Present+ Samuel_Richard
05:06:13 <Will_Morgan> Present+ Will_Morgan
05:06:47 <anssik> scribe+ tomayac
05:07:27 <adekker> adekker has joined #dap
05:10:37 <anssik> Topic: Charter & roadmap
05:10:43 <anssik> Anssi: we will review our roadmap and discuss rechartering
05:10:48 <anssik> -> https://www.w3.org/das/roadmap
05:10:52 <anssik> -> https://www.w3.org/2024/02/das-wg-charter.html
05:11:05 <anssik> Anssi: Atsushi has kindly opened PR for the charter updates and a strategy issue where the W3C team will assess the issue
05:11:11 <anssik> -> https://github.com/w3c/charter-drafts/pull/720
05:11:12 <gb> https://github.com/w3c/charter-drafts/issues/720 -> https://github.com/w3c/charter-drafts/pull/720
05:11:16 <anssik> -> https://github.com/w3c/strategy/issues/530
05:11:17 <gb> https://github.com/w3c/strategy/issues/530 -> Issue 530 [wg/das] Devices and Sensors Working Group 2026 Charter (by himorin) [charter]
05:11:22 <tomayac> Anssi: We need to start soon on rechartering or extending.
05:12:09 <tomayac> ... Anssi would like to contribute demos on behalf of Intel.
05:12:32 <ananya> present+
05:12:41 <tomayac> ... Specifically talking about the Motion Sensors repo
05:13:35 <tomayac> ... https://github.com/intel/generic-sensor-demos
05:13:39 <anssik> RESOLUTION: DAS WG will host demos that support explainers and spec work in the WG's repos
05:14:42 <Matt_Reynolds> Matt_Reynolds has joined #dap
05:15:49 <tomayac> Atsushi: The charter needs updating starting from 2024
05:16:00 <tomayac> ... following the new charter template
05:16:09 <tomayac> ... spec status needs to be updated.
05:16:35 <anssik> q+
05:16:36 <tomayac> ... The WG may want to discuss about the scope or modify some text to align the current interests
05:17:25 <anssik> q?
05:17:30 <anssik> ack anssik
05:17:30 <tomayac> ... There is a recommendation to update the roadmap section in the charter and ask for horizontal review
05:18:03 <tomayac> Anssi: No substantial changes, but the boilerplate text. The end date is end of February.
05:18:14 <tomayac> ... we can extend by default about 2 months.
05:18:37 <tomayac> ... Legal people in each company want to review this.
05:18:39 <atsushi> 2026 rechartering strategy issue -> https://github.com/w3c/strategy/issues/530
05:18:40 <gb> https://github.com/w3c/strategy/issues/530 -> Issue 530 [wg/das] Devices and Sensors Working Group 2026 Charter (by himorin) [charter]
05:18:47 <Will_Morgan> q+
05:18:52 <tomayac> ... There is a heavier process for substantial changes.
05:19:12 <tomayac> Atsushi: The template includes text about the scope.
05:19:32 <tomayac> Anssi: It would be helpful to have checkbox items we need to work down
05:19:35 <DKA> q?
05:19:41 <DKA> q+ to ask about scope
05:19:59 <tomayac> ... We are use case driven and security and privacy focused. We work on real world use cases with developer demand.
05:20:16 <tomayac> ... Background geolocation has tons of use cases, but some challenges with security
05:20:27 <tomayac> ... Hardware security is exclusively out of scope
05:20:58 <tomayac> ... Coming to the deliverables. This is stuff the group _can_ work on.
05:21:11 <tomayac> ... Many haven't changed much and we haven't pushed for new features
05:21:18 <tomayac> ... Battery status is one of them
05:21:24 <Will_Morgan> q-
05:21:26 <tomayac> ... Screen wake lock was discussed in the morning
05:21:36 <tomayac> ... System wake lock is on the agenda
05:21:55 <tomayac> ... We can keep it in scope and if Reilly wants to work on this, we can
05:22:14 <tomayac> ... Generic Sensor API is the abstract class for many concrete sensors.
05:22:32 <tomayac> ... We're hearing that Will has product requirement for ALS for example
05:23:01 <tomayac> ... The geolocation sensor has developer and use case demand, but we don't know what the solution is.
05:23:12 <tomayac> ack DKA
05:23:13 <Zakim> DKA, you wanted to ask about scope
05:23:19 <anssik> ack DKA
05:23:24 <tomayac> Dan: Wanted to ask about scope?
05:23:54 <tomayac> ... How does DAS think about scope? Can we only work on things on the deliverables list? Or is there some flexibility? What model do you work under?
05:24:30 <tomayac> Anssi: We say something about this. The WG will not adopt new proposals until they have gone through the WICG or similar. There needs to be initial consense.
05:24:40 <tomayac> s/consense/consent
05:24:56 <tomayac> ... Otherwise the charter would be open-ended
05:25:15 <tomayac> Dan: This is interesting. Just noting that in Web App Sec, they have taken the view
05:25:23 <Dingwei> Dingwei has joined #dap
05:25:28 <tomayac> ... that they adopt things on a case-by-case basis
05:25:39 <tomayac> ... as long as it fits their scope
05:25:52 <tomayac> Anssi: Does Dan recommend us we do it this way?
05:25:53 <anssik> q?
05:25:59 <tomayac> Dan: Not recommending. Just asking.
05:26:18 <tomayac> ... would that approach be useful for you? Have you run into roadblocks?
05:26:37 <tomayac> ... Like when you want to work on something, but that something isn't on the charter.
05:27:06 <tomayac> Reilly: My perspective is that the process for incubation is mature enough that I haven't felt an urgency to accept something into the WG than usual.
05:27:21 <tomayac> Anssi: Maybe some might push back on adopting something too early
05:27:31 <tomayac> ... If there's a best practice emerging, we want to adopt it
05:27:45 <tomayac> ... We want to minimize friciton
05:27:52 <tomayac> s/friciton/friction
05:28:08 <tomayac> ... If it upsets someone, it's not worth it
05:28:16 <tomayac> ... ALS is where Will had use cases
05:28:30 <tomayac> ... DeviceOrientation is the old spec
05:28:50 <tomayac> ... Geolocation Sensor is an idea where we don't know if it's feasible
05:29:08 <tomayac> ... Contact Picker is a bit different. Compute Pressure.
05:29:41 <tomayac> ... Then we have tentative deliverables: Network Information API is too soon to make it a WG deliverable. Same with Idle Detection.
05:30:09 <tomayac> ... Then we have maintenance issues: Geolocation, Vibration, Media Capture.
05:30:28 <tomayac> Reilly: Only a few of the deliverables get active participation from the implementers
05:30:46 <tomayac> ... Particularly geolocation. Privacy has been very actively looking at this.
05:31:28 <tomayac> Anssi: We have this text: If additional in-scope Recommendation-track deliverables need to be added…
05:31:41 <tomayac> Dan: You have this in the charter, but you have never used it?
05:31:48 <tomayac> Anssi: We haven't.
05:32:24 <tomayac> ... One thing I want to mention: Reilly, implementation-wise: Generic Sensor has been implemented by reusing existing code?
05:32:49 <tomayac> Reilly: The answer is true that the API is polyfilled on top of the old APIs.
05:33:20 <tomayac> ... It's implemented as a JS polyfill, but you can think of it like this. It's actually C++.
05:33:40 <tomayac> ... It's not exactly on top, these APIs use different units.
05:34:14 <tomayac> Anssi: Geolocation Sensor needs the use cases to be discussed
05:34:28 <tomayac> ... Device Posture will be discussed after Sam's presentation
05:34:49 <tomayac> ... Contact Picker is implemented by Google and WebKit behind a flag
05:35:32 <tomayac> Anssi: CPU Performance API points back at Compute Pressure. Reilly, are you working with the person?
05:35:36 <tomayac> Reilly: No
05:35:52 <tomayac> Anssi: Do you want to update the PR Atsushi?
05:36:09 <tomayac> Anssi: The PR is already merged.
05:36:26 <tomayac> Dan: Your current charter talks about proposed recommendations, but there are none.
05:36:49 <anssik> q?
05:36:51 <tomayac> Anssi: The charter is connected to device capabilities or sensors
05:37:13 <tomayac> Anssi: Is anyone aware of other work?
05:37:41 <tomayac> Mek: We could mention stuff as intentative
05:38:00 <tomayac> Anssi: Not a lawyer, but...
05:38:07 <tomayac> s/intentative/tentative
05:38:19 <tomayac> Anssi: Is Huawei interested?
05:38:21 <Will_Morgan> q+ to discuss suggested proposals in advance of rechartering
05:38:33 <tomayac> Wei: We need to clarify internally
05:38:59 <tomayac> ... That's a maybe, speaking as a guest and might want to propose new deliverables.
05:39:23 <anssik> ack Will_Morgan
05:39:23 <Zakim> Will_Morgan, you wanted to discuss suggested proposals in advance of rechartering
05:39:26 <tomayac> Reilly: Time check? Anything else we need to discuss?
05:39:45 <tomayac> Will: iproov is in a similar position as Huawei, we may want to propose new stuff
05:39:52 <Will_Morgan> iProov
05:40:04 <tomayac> s/iproov/iProov
05:40:22 <tomayac> Anssi: Do you need to be member to suggest new stuff?
05:40:28 <tomayac> Dan: No
05:40:32 <anssik> q?
05:40:37 <scheib> present+
05:40:48 <tomayac> Dan: Anybody can help write the charter. But you need to join the WG to contribute.
05:41:04 <tomayac> Atsushi: For some WG, there are some tentative specs in a CG
05:41:24 <tomayac> ... If you have a specific item, you can push it in the CG
05:41:59 <tomayac> Anssi: Let's conclude this and send a note to the list
05:42:55 <Mek> scribe+
05:43:12 <anssik> Topic: Freeform Window Hints
05:43:48 <anssik> Present+ Baran_Usluel
05:45:07 <Mek> Sam: Convertibles are devices that can behave both like a tablet and desktop device. Lots of chromebooks do this, surface tablets, detachables
05:45:48 <Mek> ...: other devices that do similar things,  even though not convertibles.  I.e. plug phone into external monitor that various phones support
05:46:35 <Mek> ...a lot of other stuff on the web that let devices adopt to them, media queries, input devices. Can adopt to lot of things. One thing we don't have signal for is how user is using device,  user posture rather than device posture.
05:46:58 <Mek> ...a focused app mode vs a desktop windowing mode,  users use devices differently in the different modes
05:47:11 <Mek> ... in focussed app mode more in consuming mode while in windowed mode more in a heavy productivity mode
05:47:44 <Mek> ...other thing we noticed between these modes is windows opening popups behave differently in these modes, but behave consistently in the same mode across devices and operating systems
05:48:02 <Mek> ...in focussed mode window popup opens a tab, while in multi window mode opens a new window.  devs need to be aware of this to adapt flows
05:48:14 <anssik> RRSAgent, draft minutes
05:48:16 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
05:48:23 <Mek> ...payment flow in a popup stays in context, while in a new tab would lose context and people might forgot why they are there
05:48:55 <Mek> ...knowing if your popup is going to open a popup vs a tab might make you want to perhaps use an iframe instead of a popup
05:49:30 <Mek> ...So what do we do about that? Impossible to feature detect today, since window.open does work but you don't know if it created a tab or a popup.  So need to detect that before opening the popup.
05:49:33 <anssik> q?
05:50:08 <Mek> ... Rough proposal of two pieces: one is hanging something of ScreenDetails that says supports free form windows or similar, also in a media query
05:50:19 <Mek> tomayac: there is a property in css for cursor, hover, fine, etc is that usable?
05:50:50 <Mek> Sam: Unfortunately not. Windowing mode has nothing to do with coarseness of input device.  Also is screen specific rather than device specific, so can change
05:51:04 <Mek> ... can switch between desktop and windowed mode with same coarseness, but still change modes
05:51:23 <Mek> ...can drag a window from phone over to desktop/to phone,  and everything will change.  So not tied to input modality or device
05:51:38 <Mek> ...so need a runtime thing with event listeners for changes etc, so not a client hint or device type
05:51:44 <Mek> anssik: is this more like extension to window management spec?
05:52:21 <Mek> Sam: yeah, talked to mike wasserman yesterday about this.  Think hanging something of ScreenDetails seems right. Only downside is permissions needed for screen details, for opening a popup shouldn't need to show scary permission prompt
05:52:53 <Mek> ...looking at a readonly permissionless screen details api that might work. Would have some fingerprinting entropy,  but shouldn't be a lot more than you can get today
05:52:59 <Mek> anssik: good news, we're also rechartering the group for that
05:53:12 <Mek> reillyg: a reason this needs to be on ScreenDetails and not on Screen?
05:53:34 <Mek> Sam: No,  original thought was for Screen.  But want to expose this for all attached screens,  so also need it on ScreenDetails
05:54:01 <Mek> reillyg: Screen only gets you info for current window,  but that is probably what apps mostly cares about, so could add it to Screen without limiting use cases
05:54:13 <anssik> s/the group for that/the Second Screen WG soon and this feature could be in scope
05:54:19 <Mek> Sam: Main reason for Screen Details was because we were talking to the authors of that.  But screen could also work
05:55:15 <Mek> ...noticed this on Chrome on macOS, varies between browsers.  If you use macOS's fullscreen to fullscreen the app it behaves the same as focused app mode and opens a tab. Web fullscreen API behavior is differently.  Knowing what is going to happen can extend to multi-desk/space scenarios on desktops as well
05:55:45 <Mek> reillyg: Yeah,  macOS effectively has this focused mode,  would be good for sites to be able to detect that there as well to avoid kicking you out of fullscreen
05:55:47 <anssik> q?
05:56:33 <Mek> tomayac: question for implementer interest.  Samsung/meta both have VR, is this particularly important in the VR context?
05:57:17 <Mek> Baran: There are overlaps between spacial browsers and this kind of focused view.  With one click can enter focused view in VR,  also in other modes where we don't want to break you out of a tab.
05:57:20 <Mek> q+
05:57:39 <Mek> Ananya: Very relevant problem for us as well
05:58:02 <Mek> ... there is no way to detect if your galaxy phone is docked/using Dex and if multiwindows are suddenly supported
05:58:07 <anssik> ack mek
05:58:16 <reillyg> scribe+
05:58:45 <reillyg> mek: Do you think this would also apply for PWA windows?
05:59:08 <reillyg> Sam: Isn't this what navigation capturing is for?
05:59:14 <reillyg> ... I think this could be used as part of deciding whether or not to open a new PWA window.
05:59:55 <reillyg> ... I can see a scenario where a PWA in focused-app mode might prefer to open links in a CCT in focused app mode and be okay opening them in new tabs in a windowing mode.
06:00:34 <anssik> q?
06:00:38 <scheib> (CCT: Chrome Custom Tabs == Android Custom Tabs)
06:01:25 <anssik> Reilly: to wrap discussion, initially forgot Device Posture API is foldable related, I think given the discussion on use cases this seems to fit in Second Screen WG as an extension to Window Management API
06:02:01 <anssik> q?
06:04:16 <anssik> RESOLUTION: The DAS WG proposes the Second Screen WG to adopt the Freeform Window Hints proposal into its charter, given it is an extension to the Window Management API
06:26:30 <MarianH> MarianH has joined #dap
06:27:58 <Matt_Reynolds> Matt_Reynolds has joined #dap
06:36:46 <anssik> q?
06:37:40 <anssik> q+
06:37:52 <anssik> ack anssik
06:40:09 <atsushi> atsushi has joined #dap
06:50:08 <anssik> Topic: Screen Brightness API & Biometric Liveness Detection
06:51:07 <reillyg> Topic: Screen Brightness API & Biometric Liveness Detection
06:51:28 <reillyg> [Slide 1]
06:51:48 <reillyg> Will_Morgan: We are a liveness provider that has been recently been certified by FIDO.
06:51:59 <reillyg> ... This is a complementary technology to Passkeys and Digital Credentials.
06:52:13 <reillyg> ... The goal is to determine that the user is a real person and not a deepfake.
06:52:21 <reillyg> ... We've been working on this for the last 6 years.
06:52:23 <reillyg> [Slide 2]
06:52:47 <reillyg> [Plays a demo of identity verification by taking a video of the user's face.]
06:53:07 <reillyg> Will_Morgan: Modern deepfakes threaten to invalidate this process.
06:53:10 <reillyg> [Slide 3]
06:53:28 <reillyg> [Shows a demo of a deepfake being used to fake identify validation.]
06:53:41 <reillyg> Will_Morgan: This is an ongoing challenge that the industry has been having.
06:54:17 <reillyg> ... This isn't for general authentication but for high-value ceremonies such as filing tax returns.
06:54:25 <reillyg> [Slide 4]
06:54:27 <reillyg> [Slide 5]
06:54:34 <reillyg> Will_Morgan: There are other companies in this space.
06:54:37 <reillyg> [Slide 6]
06:55:10 <reillyg> Will_Morgan: Since we've gotten involved in the W3C the industry has continued to grow. ~2 billion transactions per year.
06:55:29 <reillyg> ... My job has been to get to native success rates in a web browser.
06:55:46 <reillyg> ... Trust model and a large diversity of devices are difficulties.
06:55:52 <reillyg> [Slide 7]
06:55:57 <reillyg> [Slide 8]
06:56:26 <reillyg> Will_Morgan: Fingerprinting protections are a challenge for us because we want to fingerprint but not for the purposes perhaps that others like advertisers do.
06:56:30 <reillyg> ... Our use case if ephemeral.
06:56:36 <reillyg> s/if/is/
06:56:40 <reillyg> [Slide 9]
06:56:40 <anssik> RRSAgent, generate minutes
06:56:41 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
06:56:58 <reillyg> Will_Morgan: I'd like to see if there's any interest in the room for any of these areas.
06:57:20 <reillyg> [Slide 10]
06:57:33 <reillyg> Will_Morgan: What I'm trying to focus on are usability and increasing completion rates.
06:57:52 <reillyg> ... Our challenges are user abandonment and false rejects due to poor lighting.
06:58:12 <reillyg> [Slide 9]
06:59:00 <reillyg> [Slide 18]
06:59:15 <reillyg> Will_Morgan: Ambient light sensor is going to make the most difference for us.
06:59:25 <reillyg> ... We don't need much granularity.
07:00:17 <anssik> -> https://www.science.org/doi/10.1126/sciadv.adj3608
07:00:22 <reillyg> ... There have been interesting papers on attacks against the high-resolution API.
07:00:27 <reillyg> ... and again we don't need all that.
07:00:39 <reillyg> [Slide 19]
07:00:51 <reillyg> Will_Morgan: Our proposal is to bucket into dark, fair, good and bright buckets.
07:01:04 <reillyg> anssik: Are these specific lux values examples?
07:01:31 <reillyg> Will_Morgan: Yes, I don't have specific data on which values lead to be the best photo performance.
07:01:46 <reillyg> anssik: Are you interested in particular steps like "dark" to "fair"?
07:02:17 <reillyg> Will_Morgan: What we decide to do as developers really depends on what we're allowed to collect and correlate.
07:02:49 <reillyg> anssik: Would a boolean work?
07:03:13 <reillyg> Will_Morgan: I'm hesitant to say yes because we'd like to know if it's too dark, too bright or in between in a range where we think things would work.
07:03:24 <anssik> q?
07:03:39 <reillyg> ... I'd like to go to privacy experts to see what they think of this.
07:04:05 <reillyg> tomvg: I think here fingerprinting is not too much of a concern because brightness is temporal.
07:04:18 <reillyg> ... IIRC those attacks were cross-site leakage.
07:05:31 <reillyg> Will_Morgan: We take the refresh rate down to twice a second to reduce the rate at which data can be leaked.
07:06:25 <reillyg> ... Is a signal like it going from light to dark when you go outside leaking privacy?
07:06:30 <reillyg> tomvg: I don't see that being abused.
07:06:58 <reillyg> ... I think cross-site exposure is the main concern.
07:08:06 <anssik> Reilly: in cross-site leakage, you take cross-origin iframe and using JS you make the iframe change color from black to white, and readback the illuminance reflected from a surface such as the person's face
07:08:25 <anssik> ... if you can only read at a rate of 2 Hz it seems to mitigate this pretty well
07:08:44 <anssik> Vincent: in the paper, I don't think this is a much of an attack
07:09:00 <anssik> ... holding an object near the device not very practical
07:09:29 <anssik> Will: but on a phone it is different, there is so much environmental noise it might remove the noise
07:10:25 <anssik> Anssi: we couldn't reproduce the attack in a lab setting when we initially tied using the setting described in the initial paper
07:10:49 <anssik> s/tied/tried
07:10:58 <anssik> s/setting/setup
07:11:12 <reillyg> Will_Morgan: Third mitigation is indicating that ALS is in use.
07:11:20 <reillyg> [Slide 20]
07:12:12 <reillyg> Will_Morgan: We're less interested in this because if we understand the lighting conditions then we probably don't need it.
07:13:19 <reillyg> [Slide 21]
07:13:32 <reillyg> [Slide 22]
07:13:58 <reillyg> Will_Morgan: We are considering proposing a "spectrum mode" media stream constraint.
07:14:58 <reillyg> ... We have ideas for more building access type scenarios where the application could be a PWA and getting access to the front-facing infrared camera would be helpful for liveness detection.
07:16:07 <reillyg> ... TAG feedback yesterday during the breakout mentioned that we should consider in permissions how infrared allows you to see through things that are not transparent in the visible spectrum.
07:16:23 <reillyg> ... We might treat that as a separate permission.
07:16:33 <reillyg> [Slide 23]
07:16:57 <reillyg> Will_Morgan: Bringing back face detection would be helpful.
07:17:12 <reillyg> ... Sites today ship ML models to do this but it's a waste of bandwidth because all operating systems have this built-in.
07:18:57 <anssik> Reilly: the concern earlier was that OS built-in Face Detection implementations were different across platforms
07:19:07 <anssik> Will: common denominator?
07:19:19 <anssik> Reilly: what is the minimum capability that'd be useful for your app?
07:19:42 <anssik> Will: bounding box, eyes and mouth points
07:20:21 <anssik> Reilly: you will still run complicated algorithm on the server side
07:20:37 <anssik> Will: you only send the minimum required to the server to improve privacy
07:21:13 <anssik> ... this also will mimize the time-to-interaction metric
07:21:59 <anssik> Reilly: arbitrary UVC is harder, PTZ is in the spec already
07:22:18 <anssik> Will: for focus would need manual controls
07:22:31 <anssik> Reilly: you can manually focus with Image Capture spec
07:22:51 <reillyg> [Slide 25]
07:22:56 <anssik> Will: suggested next steps
07:23:26 <anssik> ... in order of importance
07:23:37 <anssik> ... 1) Revive ALS
07:23:54 <anssik> ... 2) Drop Screen Brightness unless other UCs emerge
07:24:12 <anssik> ... 3) Introduce spectrumMode in getUserMedia
07:24:25 <anssik> ... 4) Revisit Face Detection API
07:24:34 <anssik> Will: I feel ALS is the low-hanging fruit
07:25:53 <anssik> Anssi: would be happy to let Will to edit the ALS API spec to update it to meet these requirements
07:32:13 <reillyg> Topic: Background Geolocation
07:32:22 <anssik> gb, this is w3c/geolocation-sensor
07:32:22 <gb> anssik, OK.
07:32:47 <anssik> Subtopic: Use cases for background geolocation
07:32:51 <anssik> Anssi: issue #22
07:32:52 <gb> https://github.com/w3c/geolocation-sensor/issues/22 -> Issue 22 Support geolocation (especially geofencing) in the "background" (by kenchris) [geo-background-fencing] [geo-background-tracking] [use-cases]
07:33:06 <anssik> ... this issue has been the go-to place for the community to share their use cases for this feature
07:33:12 <anssik> ... there's currently ~80 comments, up 28% YoY
07:33:32 <anssik> ... I asked Claude for a summary to see if it surfaces some new perspectives
07:33:35 <anssik> -> Summary https://github.com/w3c/geolocation-sensor/issues/22#issuecomment-3492451283
07:33:35 <gb> https://github.com/w3c/geolocation-sensor/issues/22 -> Issue 22 Support geolocation (especially geofencing) in the "background" (by kenchris) [geo-background-fencing] [geo-background-tracking] [use-cases]
07:36:52 <xiaoqian> xiaoqian has joined #dap
07:37:05 <reillyg> scheib: Implementers are currently saturated with other work.
07:37:31 <reillyg> ... We shouldn't land a prototype unless there's a viable path to shipping.
07:37:59 <reillyg> ... Is it a priority right now to do the work? No, Chrome doesn't have a partner for this.
07:38:48 <anssik> RRSAgent, generate minutes
07:38:49 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
07:40:57 <Mek> https://w3c.github.io/geolocation-sensor/#use-cases-background-geofence
07:41:46 <reillyg> PROPOSED RESOLUTION: Move discussion of Background Geolocation use cases into the Geolocation API repo.
07:43:37 <reillyg> RESOLVED: Move discussion of Background Geolocation use cases into the Geolocation API repo.
07:49:56 <reillyg> RESOLVED: Discuss publishing a Discontinued Draft of the Geolocation Sensor API and removing it from group deliverables during rechartering.
07:51:07 <reillyg> RRSAgent, generate the minutes
07:51:08 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html reillyg
07:51:37 <anssik> RRSAgent, generate the minutes
07:51:38 <RRSAgent> I have made the request to generate https://www.w3.org/2025/11/12-dap-minutes.html anssik
09:09:30 <Zakim> Zakim has left #dap
09:10:46 <xiaoqian> xiaoqian has joined #dap