<div dir="ltr">Hi all,<br><div>Here are the notes from today's meeting. They are also stored <a href="https://hackmd.io/@oidf-wg-sse/wg-meeting-20240220">here</a>.</div><div><br></div><div>I realize that the next scheduled meeting is on March 5th, when many of us will be busy at the Gartner IAM summit. I would like to cancel that one and meet on March 19th. I have created a <a href="https://hackmd.io/@oidf-wg-sse/wg-meeting-20240319">notes doc</a> for that meeting with the agenda item from today that we did not get to.</div><div><br></div><div>Atul</div><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><span><div dir="ltr" style="margin-left:0pt" align="left"><table style="border:none;border-collapse:collapse"><colgroup><col width="142"><col width="482"></colgroup><tbody><tr style="height:0pt"><td style="vertical-align:middle;padding:-9.432pt -9.432pt -9.432pt -9.432pt;overflow:hidden"><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><a href="https://sgnl.ai" target="_blank"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(17,85,204);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:137px;height:68px"><img src="https://lh3.googleusercontent.com/aO7jB_JqOxA0tVDXsAotNQnsfEkxEORgtkVnVFrmkR7O8j3B4lbbRsGFuprzQhfDmri2YH8_dnjPiZnGMZxIcT9xRcdY6rYm-xGophLkgvl_v8istAefyh4qkSVINQtPfcmq5BZiKbfFHmursSUHyll1jEWBTd--nw26MIMKd86Br32rGZkvJwnEED_nzQ" width="137" height="68" style="margin-left:0px;margin-top:0px"></span></span></a></p></td><td style="vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidden"><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Atul Tulshibagwale</span></p><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(102,102,102);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">CTO </span></p><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><font size="1"><span style="font-family:"Work Sans",sans-serif;color:rgb(17,85,204);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:20px;height:27px"><a href="https://linkedin.com/in/tulshi" target="_blank"><img src="https://lh6.googleusercontent.com/ezm4lDcLtajK4RMqqHALoRgXyaC4HRlw0wWsR2Jvms0V9Wrxr3x5G66zsUrYpRXyeJ3RwLS3GdKUwO0Ui5mXPodSkUx8Xsarf_vj6WlJ05Y1qJoMFTlCZnEgtHvlJ7_7Dr7zWNjkvf3nMW9u1P5ye76SeHgz2QqGQ_rm-sjqYOS-vH1UZL7Yiewi4UO3Qw" width="20" height="27" style="margin-left:0px;margin-top:0px"></a> </span></span><span style="font-family:"Work Sans",sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:20px;height:27px"><a href="https://twitter.com/zirotrust" target="_blank"><img src="https://lh6.googleusercontent.com/HAnAvykj318aQf5zTUZkjIJDtwelDecFi5d-idBrpUDBj7aKTdup5Mfia6UIbXTAP46zg7gigNnroQ9he3j81Sf9qCRRSS-w_nZ3oSXJnYLbPlCXgt6IqoifgHXETuJSRvFIZRIdn_aAbtp8ilKFyIVuTXjVe6cNAfXc5KZNwJeYinwfZZxVvHHaR5uIdQ" width="20" height="27" style="margin-left:0px;margin-top:0px"></a> </span></span><a href="mailto:atul@sgnl.ai" target="_blank"><img src="https://lh3.googleusercontent.com/63PpVJLMybZyfD61JVu0TVH_KkP_IhneeBpDNvbd1KeSFJn6KZzWCgp4hFbrTrIxfksYyM-_wOjNKbjEhSQ2khRXVI3XKcwABLNLI_bFjkN0_NgVoijs_nIRcVJKeQm0s0MRdtkUkCOp5Omyv1faqcNiQxGEUyAvmE9HkeeQCeHa-LxleK0oHSAyQrDY6g" width="21" height="21" style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;white-space:pre-wrap;margin-left:0px;margin-top:0px"></a></font></p></td></tr></tbody></table><br></div><div dir="ltr" style="margin-left:0pt" align="left">---</div><div dir="ltr" style="margin-left:0pt" align="left"><br></div><div dir="ltr" style="margin-left:0pt" align="left"><h1 class="gmail-part" id="gmail-WG-Meeting-2024-02-20" title="" aria-describedby="popover142547" style="box-sizing:border-box;margin:0px 0px 16px;font-family:inherit;line-height:1.25;color:inherit;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238)"><span style="box-sizing:border-box">WG Meeting: 2024-02-20</span></h1><h2 class="gmail-part" id="gmail-Agenda" style="box-sizing:border-box;font-family:inherit;line-height:1.25;color:inherit;margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238)"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/9G0fxp20TPePQqPAUvEjxA?view#Agenda" title="Agenda" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Agenda</span></h2><ul class="gmail-part" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">New CAEP Events</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">De-coupling SSF from CAEP / RISC</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"></li></ul><h2 class="gmail-part" id="gmail-Attendees" style="box-sizing:border-box;font-family:inherit;line-height:1.25;color:inherit;margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238)"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/9G0fxp20TPePQqPAUvEjxA?view#Attendees" title="Attendees" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Attendees</span></h2><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Mike Kiser (SailPoint)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul Tulshibagwale (SGNL)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Tom Sato (VeriClouds)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Shayne Miel (Cisco)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva Deshpande (Okta)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">George Fletcher (Capital One)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Nancy Cam Winget (Cisco)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Ravi Chhetri (VeriClouds)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan Bounev (VeriClouds)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Jen Schreiber ()</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Tim Cappalli (Okta)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Sean O'Dell (Disney)</span></li></ul><h2 class="gmail-part gmail-in-view" id="gmail-Notes" style="box-sizing:border-box;font-family:inherit;line-height:1.25;color:inherit;margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238)"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/9G0fxp20TPePQqPAUvEjxA?view#Notes" title="Notes" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Notes</span></h2><h3 class="gmail-part gmail-in-view" id="gmail-New-CAEP-Events" style="box-sizing:border-box;font-family:inherit;line-height:1.25;color:inherit;margin-top:24px;margin-bottom:16px;font-size:1.25em"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/9G0fxp20TPePQqPAUvEjxA?view#New-CAEP-Events" title="New-CAEP-Events" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">New CAEP Events</span></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em"><li class="gmail-" style="box-sizing:border-box;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Apoorva) There's a "session fingerprint" claim. How is it different than the subject of the event</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Apoorva) The "session presented" event: There seem to be a number of use cases, so how do we define the standard claims within that</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Apoorva) If you are changing the UA fingerprint, then you are changing the session, so why do you need another fingerprint</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) There may be number of pieces of data that can contribute to building confidence about the session. We need not be prescriptive about what goes into the event</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) A cross-channel use case is very interesting. If a user uses one channel to authenticate to another channel, does this help correlate those events</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) What are we trying to represent by "session"?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) You need some way to represent a machine identity / non-logged in user activity</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) You could say the subject is the "session identifier", but you could still send other signals using the "session established" / "session presented" events</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Shayne) If you are trying to use something to identify the sesion, then those things go into the subject. So the fingerprint is not identifying the session, but presenting some qualities of the session</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Shayne) This might be worth mentioning in the spec</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) It is contextual data about the session, as seen at the Transmitter</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Shayne) No algorithm is specified for calculating the fingerprint</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Nancy) There needs to be some semantic on how to calculate and use that value</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Atul) Probably makes sense as a separate claim, so that you can detect the change</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Nancy) We may not want to nail down an algorithm, but we should agree on a semantic interpretation</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Nancy) One more question: IP addresses can rotate or change, so how do we respond to that in this event?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Tim) People are still using "source address". People want to know, and while it might be a legacy idea, it might still be useful</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) All of these are contextual signals. Some person may have a static IP, and if they ever logged in from another place, it would be anomalous. Similarly other contextual data can be used for such detection. We should have a way for adding other contextual data, e.g.: IP address, protocol in use, etc.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Apoorva) Would the contextual data be used in creating the fingerprint</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Apoorva) Standardizing the claims will help interoperability</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Apoorva) Should there be two separate events?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Atul) Session established means "I see this user for the first time", whereas a session presented means "I see this user return"</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Shayne) One simple reason for different event types is that there will be a lot of "session presented" events and only a few "session established" event</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Sean) The "session established" can result in more prescriptive action (e.g. SCIM delete)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Sean) Fingerprinting could be a problem for privacy</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(George) Any contextual data will have potential privacy issues. So what do these events mean for consent, policy, etc.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><span style="box-sizing:border-box">(Sean) We could have a "PPID" that could have better privacy properties</span></li><br class="gmail-Apple-interchange-newline"></ul></div></span></div></div></div>