re PING @ IETF 97

Hi all,

Thank you to those who were able to make the PING and friends get-together yesterday in Seoul.

We had an informal discussion about various items:

(1) User Data Controls in Web Browsers

https://gist.github.com/mnot/96440a5ca74fcf328d23


This is Mark Nottingham’s draft. You may have heard it described as the “private browsing mode” draft. It has already been used by a couple of WGs to evaluate their own specifications. Mark is welcoming comments. Additionally, we discussed the possibility of PING adopting the draft with the aim of ultimately publishing it as a PING Group Note.

This is timely, especially given the discussion at TPAC and the follow-up conversation raised by David.

Next steps: We will add this to the agenda for the next call. In the meantime, please review the draft and share your comments on this list.

(2) Mitigating Browser Fingerprinting in Web Specifications

https://w3c.github.io/fingerprinting-guidance/


It’s really time we move this toward becoming a PING Group Note. Look for a separate note on this.

(3) Privacy questionnaire

We have been receiving increasing numbers of requests to conduct privacy reviews of specifications. Our PING resources do not scale to this. So, we really need to devote our core effort to getting this out the door. I’m looking for volunteers to work with me on the draft in December. 

(4) Secure Contexts

Secure Contexts is now a Candidate Recommendation
https://www.w3.org/TR/secure-contexts/


(5) Some ideas for increasing PING outreach

- reach out to browsers like Brave, Ghostery 
- raise public awareness of Web privacy issues (i.e. beyond Web specification authors)

(6) Other items

Deprecate modification of 'secure' cookies from non-secure origins
https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01


Double-keying third-party cookies and tracking
https://github.com/httpwg/http-extensions/issues/248


Christine (co-chair)

Received on Friday, 18 November 2016 02:39:31 UTC