[![W3C][1]][2]

# Device and Sensors Working Group Teleconference

## 20 Apr 2017

[Agenda][3]

See also: [IRC log][4]

## Attendees

Present

    Frederick_Hirsch, Alexander_Shalamov, Tobie_Langel, Anssi_Kostiainen,
Wanming_Lin, Dominique_Hazael-Massieux

Regrets

    Mikhail_Pozdnyakov

Chair

    Frederick_Hirsch

Scribe

    tobie, fjh

## Contents

  * [Topics][5]

    1. [Welcome, scribe selection, agenda review, announcements][6]

    2. [Minutes approval][7]

    3. [FPWD of Orientation Sensor specification and FPWD of Motion Explainer
Note][8]

    4. [HTML Media Capture update][9]

    5. [Screen Orientation API][10]

    6. [Generic Sensor API][11]

    7. [Wake Lock][12]

    8. [Other Business][13]

    9. [Adjourn][14]

  * [Summary of Action Items][15]

  * [Summary of Resolutions][16]

* * *

<tobie> Scribenick: tobie

### Welcome, scribe selection, agenda review, announcements

<fjh> New WDs published for Accelerometer, Gyroscope, Magnetometer ,
[https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0017.html][17]

<fjh> TPAC F2F planning, please respond before 1 May,
[https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0014.html][18]

anssik: there might be overlaps, but that's the best effort.

... if we find funding could fjh travel?

fjh: that would really help, however still need to understand if I can go

<fjh> github weekly summary 1 : [https://lists.w3.org/Archives/Public/public-
device-apis/2017Apr/0019.html][19]

<fjh> github weekly summary 2: [https://lists.w3.org/Archives/Public/public-
device-apis/2017Apr/0020.html][20]

<fjh> [https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0021.html][21]

<fjh> tobie: suggests F2F in Europe outside of TPAC

<fjh> **ACTION:** fjh discuss F2F alternatives/approach with dom [recorded in
[http://www.w3.org/2017/04/20-dap-minutes.html#action01]][22]

<trackbot> Created ACTION-793 - Discuss f2f alternatives/approach with dom [on
Frederick Hirsch - due 2017-04-27].

### Minutes approval

<fjh> Approve minutes from 6 April 2017

<fjh> [https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/att-0013/minutes-2017-04-06.html][23]

<fjh> proposed RESOLUTION: Minutes from 6 April 2017 are approved

**RESOLUTION: Minutes from 6 April 2017 are approved**

### FPWD of Orientation Sensor specification and FPWD of Motion Explainer Note

<fjh> CfC completed successfully [https://lists.w3.org/Archives/Public/public-
device-apis/2017Apr/0022.html][24]

<fjh> **ACTION:** fjh to send transition request for Orientation Sensor
specification and FPWD of Motion Explainer Note [recorded in
[http://www.w3.org/2017/04/20-dap-minutes.html#action02]][25]

<trackbot> Created ACTION-794 - Send transition request for orientation sensor
specification and fpwd of motion explainer note [on Frederick Hirsch - due
2017-04-27].

### HTML Media Capture update

<fjh> CR transition request sent and approved, sent publication request.

fjh: transition request sent and approved; I also sent publication request

### Screen Orientation API

shalamov: was busy with other things. Will do next week

fjh: suggests fwd the message to the group

dom: request was for GH issue

fjh: suggests responding on the list first so the group is aware, noting that
issues will be entered into GH

shalamov: what mailing list?

dom: public-webapps@

### Generic Sensor API

<fjh> ScribeNick: fjh

<tobie> fjh: github summary is super useful. Thanks dom et al.

<tobie> fjh: two questions - concern about security risks with low level APIs
, though you make good argument in email; and permsissions approach

tobie: great that implementers are getting involved with permissions and
security work

... have some stuff available in different places

<scribe> ... new threats keep emerging

tobie: want to first write a paper and discuss and use as basis for moving
forward

... do not have shared understanding of goals, use cases and risks

... material is in various issues, which is why need to pull together; lost
original draft

... discussions on new threats, issues, mechanisms, implementer notes

... re high level versus low level and security - put tighter permissions on
low level APIs

... thus provide incentive for higher level APIs, e.g. fewer user prompts etc

... fingerprinting , eavesdropping using sensors etc - so many threats and
many unexpected. Hard to explain to non-experts

... some sensor use cases need low level access, others might not (e.g.
ambient light).

... different sensors have different use cases, threats and issues

... just starting, need to create shared goals

anssik: tobie will have F2F time with Lucasz next week

tobie: yes, good

<dom> +1 on "permission prompt" being a bad approach

<anssik> +1

tobie: prompting for permissions is bad

<dom> (but that's distinct from binding sensors to a permission system à la
Permission API)

fjh: right, just train users to say yes to prompts

tobie: would like more conversations with Google implementers working on
security

... on this topic

fjh: do we need a workshop?

... @dom does this sound like a W3C workshop?

tobie: mistake to assume magic number for security, like sensor frequency of
60Hz, need to understand use cases

fjh: propose workshop of security and permissions on sensors - focus might be
good, ratther than generic F2F

dom: had a F2F similar to this in Paris

... in 2015?

fjh: might be worth doing again, first look at what the result of the earlier
workshop was

<anssik> [https://www.w3.org/2014/07/permissions/][26]

dom: new workshop on new threats, new lessons, new work

fjh: +1

[https://www.w3.org/2014/privacyws/][27]

<dom> [https://www.w3.org/2014/07/permissions/minutes.html][28]

tobie: lacking work now on permissions API, not a priority

... concern

fjh: can make permissions a priority if we get interest and agreement on goals
at workshop

tobie: issues arise, e.g. revocation of permissions, policy; there is a whole
ecosystem of work to consider

<scribe> **ACTION:** fjh to review outcome of W3C Workshop on trust and
permissions for web applications [recorded in [http://www.w3.org/2017/04/20
-dap-minutes.html#action03]][29]

<trackbot> Created ACTION-795 - Review outcome of w3c workshop on trust and
permissions for web applications [on Frederick Hirsch - due 2017-04-27].

dom: rough agreement on this?

<tobie> dom: I'll start conversation internally

fjh: think useful to consider this as part of the conversation of whether to
have a F2F

dom: need to answer the question as to why another workshop and what is new

<dom> **ACTION:** Dom to look at potential for a permissions-oriented w3c
meeting/workshop [recorded in [http://www.w3.org/2017/04/20-dap-
minutes.html#action04]][30]

<trackbot> Created ACTION-796 - Look at potential for a permissions-oriented
w3c meeting/workshop [on Dominique Hazaël-Massieux - due 2017-04-27].

<scribe> **ACTION:** tobie to provide a list of important questions and
concerns that need answers - for which a workshop might help [recorded in
[http://www.w3.org/2017/04/20-dap-minutes.html#action05]][31]

<trackbot> Created ACTION-797 - Provide a list of important questions and
concerns that need answers - for which a workshop might help [on Tobie Langel
- due 2017-04-27].

<anssik> [https://w3c.github.io/permissions/][32]

### Wake Lock

<scribe> ScribeNick: tobie

<anssik> [https://github.com/w3c/permissions][33]

fjh: wakelock API had an issue with secure context

dom: spec was re-written based on TAG feedback

... TAG was happy with proposed changes

... I saw old issue with secure context which needed to be revisited

fjh: seems like an issue we could easily fix

... should we ping Andrej?

... we'll just leave it in the minutes

### Other Business

<fjh> none

<fjh> Thanks everyone

<fjh> good call

### Adjourn

<fjh> Note we discussed F2F issues with Dom on call so no need for follow up
action

<fjh> ACTION-793: discussed during teleconference

<trackbot> Notes added to ACTION-793 Discuss f2f alternatives/approach with
dom.

<fjh> close ACTION-793

<trackbot> Closed ACTION-793.

## Summary of Action Items

**[NEW]** **ACTION:** Dom to look at potential for a permissions-oriented w3c
meeting/workshop [recorded in [http://www.w3.org/2017/04/20-dap-
minutes.html#action04][34]]

**[NEW]** **ACTION:** fjh discuss F2F alternatives/approach with dom [recorded
in [http://www.w3.org/2017/04/20-dap-minutes.html#action01][35]]

**[NEW]** **ACTION:** fjh to review outcome of W3C Workshop on trust and
permissions for web applications [recorded in [http://www.w3.org/2017/04/20
-dap-minutes.html#action03][36]]

**[NEW]** **ACTION:** fjh to send transition request for Orientation Sensor
specification and FPWD of Motion Explainer Note [recorded in
[http://www.w3.org/2017/04/20-dap-minutes.html#action02][37]]

**[NEW]** **ACTION:** tobie to provide a list of important questions and
concerns that need answers - for which a workshop might help [recorded in
[http://www.w3.org/2017/04/20-dap-minutes.html#action05][38]]


## Summary of Resolutions

  1. [Minutes from 6 April 2017 are approved][39]

[End of minutes]

* * *

Minutes formatted by David Booth's [scribe.perl][40] version 1.144 ([CVS
log][41])

$Date: 2015/11/17 08:39:34 $

   [1]: https://www.w3.org/Icons/w3c_home

   [2]: http://www.w3.org/

   [3]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0018.html

   [4]: http://www.w3.org/2017/04/20-dap-irc

   [5]: #agenda

   [6]: #item01

   [7]: #item02

   [8]: #item03

   [9]: #item04

   [10]: #item05

   [11]: #item06

   [12]: #item07

   [13]: #item08

   [14]: #item09

   [15]: #ActionSummary

   [16]: #ResolutionSummary

   [17]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0017.html

   [18]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0014.html

   [19]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0019.html

   [20]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0020.html

   [21]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0021.html

   [22]: http://www.w3.org/2017/04/20-dap-minutes.html#action01]

   [23]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/att-0013/minutes-2017-04-06.html

   [24]: https://lists.w3.org/Archives/Public/public-device-
apis/2017Apr/0022.html

   [25]: http://www.w3.org/2017/04/20-dap-minutes.html#action02]

   [26]: https://www.w3.org/2014/07/permissions/

   [27]: https://www.w3.org/2014/privacyws/

   [28]: https://www.w3.org/2014/07/permissions/minutes.html

   [29]: http://www.w3.org/2017/04/20-dap-minutes.html#action03]

   [30]: http://www.w3.org/2017/04/20-dap-minutes.html#action04]

   [31]: http://www.w3.org/2017/04/20-dap-minutes.html#action05]

   [32]: https://w3c.github.io/permissions/

   [33]: https://github.com/w3c/permissions

   [34]: http://www.w3.org/2017/04/20-dap-minutes.html#action04

   [35]: http://www.w3.org/2017/04/20-dap-minutes.html#action01

   [36]: http://www.w3.org/2017/04/20-dap-minutes.html#action03

   [37]: http://www.w3.org/2017/04/20-dap-minutes.html#action02

   [38]: http://www.w3.org/2017/04/20-dap-minutes.html#action05

   [39]: #resolution01

   [40]: http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm

   [41]: http://dev.w3.org/cvsweb/2002/scribe/