Deweaponize 'all known'

[AramZS]

This will be brought up in next month's meeting.

[npdoty]

"all known" is in the charter template, fwiw.

I agree that it should generally be improved in the template, for example to include mitigations and not just documentation of implications. I don't know that removing "all known" is very important, though. It doesn't take that much text to refer to implications, and it's the ones known by the WG that must be documented.

[chrisn]

What's the purpose in removing "all known"? It opens the door to the WG choosing not to document vulnerabilities that it knows about, which would be an undesirable outcome.

[seanturner]

@chrisn I suggested removing it because I think it could also go the other way and a proposal could be held hostage - I know x but you don't. Mind you, I would like to think this is pretty far fetched just like I think it's pretty far fetched that not having those words gives us an out to quietly, or otherwise, neglect to document security/privacy considerations. Given the participants, I would very much suspect that purposely omitting a known security/privacy considerations would sit well. And, I tend to think less is more here.

[chrisn]

I agree, and would prefer not to see a change to the charter to allow for a situation that you describe as far-fetched.

[chrisn]

I'm surprised to see this merged where there's a clear absence of consensus, and no attempt made to resolve.

[AramZS]

@chrisn We did do a wider consensus call on the teleconference on this topic and found consensus after discussion there. See: https://github.com/patcg/meetings/blob/main/2023/05/02-telecon/README.md#review-wg-charter-prs

[chrisn]

Consensus should extend beyond those able to make specific teleconferences.

[martinthomson]

So this could be used to force the WG to document ridiculous vulnerabilities. I don't see why you couldn't use another basis to object to a document that failed to capture vulnerabilities you thought important.

[chrisn]

The concern I have is that removing "all known" reduces the emphasis in the group to review and document security and privacy concerns. This is especially important in the design of new privacy related technologies.

Any privacy concerns raised to the group should be carefully reviewed and documented. Similar with potential security vulnerabilities.

So it's not clear to me what this change to the charter is achieving, other than giving the group the ability to not document something, while pointing to the charter to say "well, we don't have to cover everything..." That seems an undesirable outcome.

[AramZS]

@chrisn Our mission and scope text makes it very clear that we intend to review and document security and privacy concerns extensively. There is nothing stopping either internal reviewers in the group or the extensive horizontal review process within the W3C from rejecting a draft on the basis of privacy problems. Our concern, as has been stated by other folks on this thread, is that "all" presents a high potential for disruption.

[chrisn]

I see, I remain unconvinced that adjusting the charter in this way reduces potential for disruption. After all, W3C has mechanisms to object to decisions and escalate those, should the objector feel strongly enough.

[samuelweiler]

@martinthomson The charter template change was reverted. Any objection to rolling back this change to again match the template?

[martinthomson]

no