Add Security and Privacy Self-Review Questionnaire #126

Merged (10 commits) on Jan 29, 2024

@anssiko anssiko commented Dec 5, 2023

This is a prerequisite for Privacy and Security reviews: https://www.w3.org/Guide/documentreview/#how_to_get_horizontal_review

@rakuco @reillyeon given you're on top of this specification I'm expecting you to help fill in this questionnaire. I pre-populated this doc with some content to help get the work started. I don't claim those responses to be complete or even accurate so I seek your expert review. Thank you for your contributions.

#125 is complementary material to help guide reviewers. I acknowledge that this specification last time reached its CR maturity in 2016 and at that time this self-assessment was not required, and we don't have a prior record. However, we have completed these reviews and done self-assessment for the Generic Sensor family of specs in 2018 which can be reused for its applicable parts for this review. I provided links to those self-assessments in this doc.

anssiko and others added 4 commits December 11, 2023 15:19
Co-authored-by: Reilly Grant <reillyeon@users.noreply.github.com>
@anssiko anssiko marked this pull request as ready for review December 11, 2023 13:21

@reillyeon reillyeon left a comment

Looks good with some minor changes.

anssiko and others added 3 commits December 12, 2023 14:24
Co-authored-by: Reilly Grant <reillyeon@users.noreply.github.com>

anssiko commented Dec 12, 2023

Much thanks @reillyeon for your contributions.

This PR welcomes further review and contributions from other interested contributors, with the understanding that the holiday season is about to start. Thus I'd propose we don't rush this and revisit in January.

anssiko commented Jan 9, 2024

@rakuco PTAL at your convenience.

@anssiko anssiko mentioned this pull request Jan 22, 2024

anssiko commented Jan 24, 2024

@lknik @maryammjd @toreini we acknowledge your deep domain expertise could help further improve this self-assessment response before we ship it to the Privacy Interest Group for review. You are of course welcome to provide your feedback also through the PING review mechanism. Thank you for your contributions that enable the WG to deliver privacy-preserving Web APIs.

lknik commented Jan 24, 2024

Update 2.11 in Security and Privacy Self-Review Questionnaire

@anssiko

Looks good to me. I'd just wonder about "Minor manufacturing imperfections and differences unique to the underlying platform and the sensor hardware in the hosting device can be detected through readings over time."

Is it really possible with reduced precision? Perhaps change from "can be" to "might be"?

anssiko commented Jan 24, 2024

> Perhaps change from "can be" to "might be"?

@lknik thanks, that is a better wording for this. Updated the PR in f9c6e3a

toreini commented Jan 24, 2024

Hi Anssi,
I read through the document. It generally looks fine to me. One item that I think could be mentioned is the communication channel in 2.3. As it contains PII data a mention of that could help, something like -> a secure communication channel is recommended.

If you think it is too obvious to mention, leave it though.

Cheers,
Ehsan

anssiko commented Jan 24, 2024

@toreini thanks for your feedback. Your suggestion has been incorporated. I reworded it slightly, see 50ab599

See also https://www.w3.org/TR/security-privacy-questionnaire/#secure-contexts

toreini commented Jan 24, 2024

Thanks @anssiko ! Yes, I know this exists, but thought it would clarify better if reiterated in the questionnaire. :)

anssiko commented Jan 29, 2024

With review from multiple WG participants, including the WG's privacy domain experts (thanks @lknik @toreini!), I consider this PR ready to be merged.

I expect us to continue to refine this doc based on review feedback from TAG, PING and Security reviewers. Further contributions are welcome via new PRs.

@anssiko anssiko merged commit c87f8a6 into main Jan 29, 2024
2 checks passed
@anssiko anssiko deleted the sec-priv-questionnaire branch January 29, 2024 12:17
github-actions bot added a commit that referenced this pull request Jan 29, 2024
SHA: c87f8a6
Reason: push, by anssiko

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
rakuco added a commit that referenced this pull request Jan 30, 2024
Follow-up to #126.

Rewrite the answer to question 2.13, "How does this specification
distinguish between behavior in first-party and third-party contexts?" by
mentioning that the integration with the Permissions Policy specification
does cause this spec to distinguish between first-party and third-party
context.

@rakuco rakuco left a comment

My apologies for the late review.

Question 2.13, the one about different behavior in first-party and third-party contexts, did get me thinking, so I've filed #135 to mention that the Permissions Policy integration affects third-party contexts. I've also filed #133 to track a mismatch between the current S&P normative requirements and the Permissions Policy integration we have.

rakuco added a commit that referenced this pull request Jan 31, 2024
…ion (#135)

Follow-up to #126.

Rewrite the answer to question 2.13, "How does this specification
distinguish between behavior in first-party and third-party contexts?" by
mentioning that the integration with the Permissions Policy specification
does cause this spec to distinguish between first-party and third-party
context.