EPUB 3 Working Group Telco — Minutes
Date: 2022-02-03
See also the Agenda and the IRC Log
Attendees
Present: Dave Cramer, Toshiaki Koike, Masakazu Kitahara, Shinya Takami (高見真也), Matthew Chan, Matt Garrish, Brady Duga, Wendy Reid
Regrets: Ben Schroeter
Guests:
Chair: Dave Cramer
Scribe(s): Matthew Chan
Content:
- 1. Review Privacy and Security PR.
- 2. Updates to Obfuscation.
- 3. Discuss Security feedback.
- 4. AOB?.
- 5. Resolutions
Dave Cramer: today we are going to continue the talk about security and privacy issues.
1. Review Privacy and Security PR.
See github pull request epub-specs#1972.
Dave Cramer: first the big PR of the updated security and privacy section.
Dave Cramer: https://pr-preview.s3.amazonaws.com/w3c/epub-specs/pull/1972.html#sec-security-privacy.
Dave Cramer: https://raw.githack.com/w3c/epub-specs/update/privacy-security/epub33/rs/index.html.
Dave Cramer: here are previews of both Core and RS.
… there have been many changes to this recently.
Matt Garrish: since the last call I’ve pulled out some of the normative sounding stuff in the privacy and security section, e.g., scripting.
… there’s now 2 new sections under part 2 - 1 about network access (methods to indicate and stop network access), 2 opening external links in a browser.
… took scripting stuff and moved it back to the scripting section.
… there were a couple statements that could be normative which were in fact made normative - DOM events, and user control of stored data.
… the security and privacy section was not really edited otherwise.
Dave Cramer: https://raw.githack.com/w3c/epub-specs/update/privacy-security/epub33/rs/index.html#sec-epub-rs-network-access.
Matt Garrish: reflecting push from last call of making the things that could be normative actually normative.
Dave Cramer: super helpful, thank you.
… link to network access section of RS spec.
… and right next to that is external links (‘RS should open external links in browser to use browser’s security features’).
… and these sound testable.
… comments?.
… how close is this to what existing RS are doing now?.
Wendy Reid: we (Kobo) pass.
Brady Duga: Google passes.
Shinya Takami (高見真也): I will ask JP participants in Japanese.
… [addresses JP members].
… we’ve discussed with reps from Voyager (browser based RS).
… Voyager does not support scripting, but they do support remote resources.
… so we think the additional normative requirements are acceptable for the JP market.
Brady Duga: do the external links open in a new browser window (i.e. new browser context)?.
Shinya Takami (高見真也): i will confirm.
… [addresses in JP].
… another browser window will pop-up to view the link.
Dave Cramer: mgarrish do you think this is now in a place where we can merge it?.
Matt Garrish: yes, a lot of this existed prior anyway. We’re just making it normative. I would merge now..
… i think Ivan’s last comment said he was happy with it now.
Proposed resolution: Merge PR 1972. (Wendy Reid)
Wendy Reid: +1.
Shinya Takami (高見真也): +1.
Matthew Chan: +1.
Brady Duga: +1.
Dave Cramer: +1.
Matt Garrish: +1.
Masakazu Kitahara: +1.
Toshiaki Koike: +1.
Resolution #1: Merge PR 1972.
Dave Cramer: any general comments on this before we move on?
2. Updates to Obfuscation.
See github pull request epub-specs#1980.
See github issue epub-specs#1873.
Dave Cramer: this is the PR. There’s a lot of discussion in the related issue..
… we’ve made a bunch of fixes to this.
… npd asked if we could explain harms of font obfuscation techniques, i.e., interop issues, opacity for end users inspecting what they are reading.
… but i’ve never had to inspect font file of epub i’m reading, so i’m not on board with that.
… could create liability for RS.
… but i’m not aware of legal issues, or threat of legal issues.
Brady Duga: i’m skeptical of even mentioning legal issues without explicit guidance from lawyers.
… even the caution that we’re currently proposing, not sure what legal implications we are hinting at with that.
… if I was concerned about legal issues, I would consult my legal team rather than getting it from a spec.
Dave Cramer: i share this concern.
Matt Garrish: yeah, i struggled to come up with a caution that was meaningful.
… there was talk about DMCA.
… there are probably legal issues all over the place, so why pick just one.
… i’m not strongly in favor of this, so I would be okay with removal.
… stuff on content side is a little less controversial.
Dave Cramer: and some of the other limitations are legitimate.
… there can be real interop problems, etc..
Wendy Reid: +1 to general caution.
Brady Duga: i’m fine with the general caution.
Dave Cramer: mgarrish can you just remove the legal reference?.
Matt Garrish: yes.
Brady Duga: one other language issue about “designed to break the obfuscation”.
… you’re not breaking the obfuscation because its a well defined algorithm.
Wendy Reid: “deobfuscate”.
Brady Duga: “intentionally make available”?.
Matt Garrish: agree.
… on the RS side, do we leave it as SHOULD, or should be go back to MUST support deobfuscation?.
Brady Duga: fine with having it as SHOULD support deobfuscation.
Dave Cramer: fine with leaving it at SHOULD, this is not a core feature.
Proposed resolution: Remove the legal reference from PR 1980, and merge 1980. (Wendy Reid)
Shinya Takami (高見真也): +1.
Wendy Reid: +1.
Toshiaki Koike: +1.
Matthew Chan: +1.
Brady Duga: +1.
Masakazu Kitahara: +1.
Dave Cramer: +1.
Resolution #2: Remove the legal reference from PR 1980, and merge 1980.
3. Discuss Security feedback.
Dave Cramer: See last meeting’s discussions.
Dave Cramer: last meeting we had npd join us to talk through all this.
… and i think we’ve already implemented some of the suggestions that came up (i.e. moving some of the normative sounding assertions out of the section, making them normative).
Wendy Reid: is there any remaining thing we still need to address, or are we ready to go back to PING and ask for new review?.
Dave Cramer: there were questions at the end of the call about the EPUBReadingSystem
object.
Wendy Reid: its common for websites to look at which browser/OS combo users are on.
… there are websites that say ‘sorry, this only works on Chrome’ or whatever, but no real equivalent where certain epubs only work on specific RSes.
Matt Garrish: isn’t some of this already covered? The issue here is relaying info out via script.
… the things in scripting section about user consent, etc. seems applicable.
… not sure why the EPUBReadingSystem object is special case.
Wendy Reid: agree, there is coverage in other areas we discussed.
Matt Garrish: what are we worried that people will do with this? What is the risk of revealing the UA?.
Wendy Reid: if content creators were using that in any way there would be more mobile friendly books.
Dave Cramer: the reality now is that the people who make the epubs don’t really know who read them.
… not seeing what action we could take here.
… feels like we’ve gotten feedback from PING, and we’ve addresses those discussions in these PRs, and will merge them.
… we can let them tell us if this is satisfactory, or if we need to go for another round of discussion.
… this is progress.
… thanks to wendyreid and mgarrish.
4. AOB?.
Wendy Reid: there’s a new CG. Interactive Media CG. They are exploring intersection of media, interactivity, and content. e.g. Games on the web.
… they’ve reached out to synced media, so i suggested they talk to Publishing as well.
… i will share in the mailing list.
Dave Cramer: and we’re getting closer to CR.
… cool, thank you everyone for your time, we’ll see everyone next week.
5. Resolutions
- Resolution #1: Merge PR 1972.
- Resolution #2: Remove the legal reference from PR 1980, and merge 1980.