[saag] IAB Privacy and Security program meeting
Ted Hardie <ted.ietf@gmail.com> Wed, 20 July 2016 14:15 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C36F12D7B0 for <saag@ietfa.amsl.com>; Wed, 20 Jul 2016 07:15:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nUI_2SpCjZsq for <saag@ietfa.amsl.com>; Wed, 20 Jul 2016 07:15:10 -0700 (PDT)
Received: from mail-oi0-x236.google.com (mail-oi0-x236.google.com [IPv6:2607:f8b0:4003:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E50712D66E for <saag@ietf.org>; Wed, 20 Jul 2016 07:15:10 -0700 (PDT)
Received: by mail-oi0-x236.google.com with SMTP id l72so73140175oig.2 for <saag@ietf.org>; Wed, 20 Jul 2016 07:15:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=OFInwQPW4+tZdunu49labXGK6zNB7HFP3UQKQk2pZ+c=; b=ZTH0wl6XxRfcPVaZFCIjaDGXF0dpOhYNgikGMGhpl6sE8gKEwj3JKRSY8j7UJFBjPZ CrTeZaOizJFaRDbCQC3KP6Vn9P/z4xtQBcjU2Mn7ytjn+KjyDNc4vhWXQXSbTEnYBc5h PUBTW8ApwE7neaI7rQTsCHA5r5lNRZAUQ7EJqkTTE111I5s+jihGUAY+HnIgvvedePiz ffkDLc/H0nUEKahcVZRnVahbiHXgf6wqRWdA4Uz+ifRaww7mjqgqtbt1hC1sRpK4Oc7n l2bk+ClfyO3piP/6YW2i2hRrnRmOS5njKKGReNIQro0L9lK1gHbv5GWb1GadOlBKtaan 9p6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=OFInwQPW4+tZdunu49labXGK6zNB7HFP3UQKQk2pZ+c=; b=Gu24TEkHh10yGl4d5eA9eDBLFuFTTU0CN8MNxHzHTZSQASAWic5oyAFhebTH6NJ8dB 7/ve7CDer5fMOsKovCentIo9rrdyYW+GPhd8WLC6rkKx190SREDxPNUZMHHuPrBv1wBY RBYqrzn6FVUyt3WEjvQPlrxKiQy9upKn9Sz/QkjqMTYEP44ZiGbbJ5+H7J6N1wBLzDEz 2DpNa6cuGD5pCXuqQv9TAsBbl87P+gIKuv2c2+aJpVOCmlOfYSo9LNP/U7VcdkJC+qiW P7WH8WeggLUvU7Li4J9KYBIjaUReK/tfsrChIC4HU/6syrWe6u2SEhxyrs76FBKXDq8e 4WRg==
X-Gm-Message-State: ALyK8tI/zWUqBx0R+h7rWX+ahs863YD1NA+DgEIvlKgEARkmbQW3+/9AZ8tYQsGYzv3ymQ8Q3xexnn9onkoM3Q==
X-Received: by 10.157.51.49 with SMTP id f46mr27731065otc.40.1469024109154; Wed, 20 Jul 2016 07:15:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.202.222.213 with HTTP; Wed, 20 Jul 2016 07:14:39 -0700 (PDT)
From: Ted Hardie <ted.ietf@gmail.com>
Date: Wed, 20 Jul 2016 16:14:39 +0200
Message-ID: <CA+9kkMDF_djOWJGmuh0r_9AVCpjgA-FGWk_OAC8w0Zf7q5c6Nw@mail.gmail.com>
To: "saag@ietf.org" <saag@ietf.org>
Content-Type: multipart/alternative; boundary="001a113d0ece315c34053811d4a3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/1XbPlStvo9pnDK0rH6p18WLvfM4>
Subject: [saag] IAB Privacy and Security program meeting
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jul 2016 14:15:13 -0000
Howdy, The IAB program on privacy and security met Monday. After the meeting, we expect a major update to draft-iab-web-pki-problems-02, narrowing its scope substantially. We also anticipate soliciting reviews on the draft from saag with the next revision. The group also discussed draft-hardie-privsec-metadata-insertion and believes that its advice might be best incorporated into RFC 3552bis, if there should be IETF consensus on the advice. We will send text to the editors as a next step. The group also agreed to volunteer as a guinea pig audience for future privacy training as part of the EDU team's program for IETF 97. The group then discussed the general topic of "identifier lifecycle management", with a focus on describing design patterns for avoiding identifier leakage and linkability. A small document team for that has come together. Lastly, the group agreed to review https://www.w3.org/TR/fingerprinting-guidance/ both to provide feedback and to consider a companion document related to technologies outside the web. The description of the program is here: https://www.iab.org/activities/programs/privacy-and-security-program/ regards, Ted Hardie