Re: PING summary - 23 March 2017

> On 13 Apr 2017, at 21:11, Christine Runnegar <runnegar@isoc.org> wrote:
> 
> (3) Request for PING review of ODRL Information Model and ODRL Vocabulary & Expression
> 
> https://www.w3.org/TR/odrl-model/
> https://www.w3.org/TR/odrl-vocab/
> 
> There may be a potential to fingerprint based on the intersection of policy settings. A question was also raised as to whether it could be used to capture keystrokes secretly (e.g. via a hidden input field). But, the specification does not log actual keys, it does post-processing; events after text to add/remove has been generated. So, the answer is probably no. There are a series of events after text entry, e.g. events to edit or modify the text (such as add or remove). Use case - people who edit content on Github, blogs, etc.
> 
> We need more information from the spec experts.


Dear PING, the POE WG discussed this at our last teleconference [1].

The ODRL specs are aimed at expressing policies, and hence are not impacted by keystroke logging.

We were not clear on the comment/impact on “fingerprinting”.

We would be happy to answer any followup questions.

Cheers...
Renato Iannella

[1] https://www.w3.org/2017/04/24-poe-minutes <https://www.w3.org/2017/04/24-poe-minutes>

Received on Wednesday, 26 April 2017 02:34:18 UTC