W3C home > Mailing lists > Public > public-new-work@w3.org > July 2021

[wbs] response to 'Call for Review: Devices and Sensors Working Group Charter'

From: Tantek Çelik via WBS Mailer <sysbot+wbs@w3.org>
Date: Sat, 24 Jul 2021 02:09:01 +0000
To: public-new-work@w3.org
Message-Id: <wbs-a718ba7c2264b332566f77016fd0a384@w3.org>
The following answers have been successfully submitted to 'Call for Review:
Devices and Sensors Working Group Charter' (Advisory Committee) for Mozilla
Foundation by Tantek Çelik.


The reviewer's organization suggests changes to this Charter, and only
supports the proposal if the changes are adopted [Formal Objection].

Additional comments about the proposal:
   As in the previous DAS WG charter review, Mozilla is opposed to
continuing standards track work on a number of the specifications in the
DAS WG for a number of reasons.  Despite our past formal objection to the
DAS WG charter being overridden, we do want to acknowledge that the WG
republished several of the specifications in question as working drafts
(instead of candidate recommendations), which we see as progress towards
reflecting the actual level of maturity of those documents. 

However, as noted in our recent WebAppSec charter review formal objection,
in general we believe that specs should only be put on the standards track
(included as a Working Group deliverable towards a Recommendation) when
there is at least some explicit *interest* from two or more practical (web
impactful) implementations.

We request that specs be dropped that have shown interest from only one
implementer, otherwise we are at risk of a single-implementation spec,
which will only ever serve as documentation (i.e. not an actual open
standard), as we know that monoculture based standards end-up becoming de
facto, based on the one specific implementation’s details, bugs,
interpretations, and not what is written in a specification.

This is not the same as “implementation experience” which was noted as
only being tested in CR to PR, and was given as a reason to reject our
formal objection to the previous DAS WG charter review. Lack of even
*interest* (nevermind implementation testing), and in some cases actual
antipathy, is much worse.

We also request that some specs be dropped for privacy concerns,
(republished as NOTEs), in some cases because we have known privacy
concerns from our own implementation (and unimplementation) experience.

We acknowledge that many of the proposed deliverables contain an explicit
“Security and Privacy Considerations” section with some mitigations,
and this is good progress. There is also acknowledgment in many of their
Status sections that “The Devices and Sensors Working Group is pursuing
modern security and privacy reviews for this specification in consideration
of the amount of change in both this specification and in privacy and
security review practices since the horizontal reviews took place.” In
such cases, we would like to see explicit statement of the date of the most
recent such security and privacy reviews, and non-normative link to the
reviews as well, or an acknowledgment that no such reviews have yet been
completed.

On specific deliverables:

On the the grounds of privacy and insufficient implementer interest and
intent to support, we would like the group to cease work on the following
specifications:
* Battery API
* Proximity sensor API
* Ambient light sensor API
* Geolocation Sensor (see also:
https://mozilla.github.io/standards-positions/#geolocation-sensor)
* Orientation Sensor

For Geolocation Sensor and Orientation Sensor in particular, we still
believe that it would be better to work on improving existing implemented
specifications, and pursue additional declarative approaches rather than
new APIs.

On the grounds of insufficient implementer interest and intent to support,
we would like the group to cease work on the following specifications:
* System Wake Lock API 
* Compute Pressure (see also
https://lists.webkit.org/pipermail/webkit-dev/2021-May/031853.html)

Finally, due to our continued evaluation that this API and approach is
harmful, we rerequest that the Network Information API draft be dropped,
even from being a Tentative Deliverable.
https://mozilla.github.io/standards-positions/#netinfo

We agree with Apple’s objection about including the Contact Picker API.

We have user-surveillance and user-control concerns about the Idle
Detection API. Even with the required 60 second mitigation, it can be used
for monitoring a user’s usage patterns, and manipulating them
accordingly. It should be returned for further incubation.

For reference, our response to the previous DAS WG charter review:
https://lists.w3.org/Archives/Public/public-new-work/2020Jun/0012.html

Thank you for your thoughtful consideration.



Answers to this questionnaire can be set and changed at
https://www.w3.org/2002/09/wbs/33280/das2021/ until 2021-07-23.

 Regards,

 The Automatic WBS Mailer
Received on Saturday, 24 July 2021 02:09:03 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:30:34 UTC