W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2017

Re: PING: next teleconference - 27 July 2017 - UTC 16

From: Nick Doty <npdoty@ischool.berkeley.edu>
Date: Wed, 26 Jul 2017 14:03:40 -0500
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-Id: <5BF0425C-CF14-4DA4-8908-712DA4A1604B@ischool.berkeley.edu>
To: Tara Whalen <tjwhalen@gmail.com>
I'm traveling, but I'll try to join at least on the phone and hopefully on IRC as well.

I'm pleased to see a Security and Privacy Considerations section already present in the TTML Working Draft:
https://www.w3.org/TR/2017/WD-ttml2-20170630/#security-and-privacy <https://www.w3.org/TR/2017/WD-ttml2-20170630/#security-and-privacy>

Some thoughts/questions:
* does use of TTML reveal to the server/provider of the content that the user is making use of the Timed Text? might that reveal that the user requires accessibility features? in more detail, does the processing based on user language, media queries or other features reveal particular details about the user's configuration of the TTML content processor?
* fetching of external resources (images, fonts, audio, etc.) is one part of the TTML functionality, but the security/privacy considerations are listed as out of scope. Are their other documents that cover those requirements? Do fetches follow the Fetch spec, follow CORS, have basic CSRF protections, etc?
* Timed Text seems to inherently reveal where in the timed content the user currently is. I imagine this is similar to existing functionality in video players, but are there any other parties that can determine where I am in a current video based on when external resources are fetched or based on the display of the TTML content?


> On Jul 24, 2017, at 11:17 PM, Tara Whalen <tjwhalen@gmail.com> wrote:
> Hello all,
> Our next call will be this Thursday 27 July 2017 at UTC 16.
> Proposed agenda:
> 1. Privacy review request: Timed Text Markup Language 2 (TTML2)
> Presentation by Nigel Megitt, co-chair, TTWG
> Working draft: https://www.w3.org/TR/2017/WD-ttml2-20170630/ <https://www.w3.org/TR/2017/WD-ttml2-20170630/>
> 2. PING F2F at IETF 99
> 3. AOB
> Call details:
> https://mit.webex.com/mit/j.php?MTID=ma6877c08b5312f6f61599ee0676b9120 <https://mit.webex.com/mit/j.php?MTID=ma6877c08b5312f6f61599ee0676b9120>
> +1 617-324-0000
> meeting number: 316 409 766
> IRC in the #privacy room.
>     • Server: irc.w3.org <http://irc.w3.org/>
>     • Username: <your name>
>     • Port: 6667 or 6665
>     • Channel: #privacy
> Christine and Tara

Received on Wednesday, 26 July 2017 19:04:10 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 26 July 2017 19:04:10 UTC