Dear TF members, Here are the minutes from our last call. Cheers, Boris *** Tuesday, 26 September 2023 17:00 (UTC+2) Attendees: Maarten Aertsen, Farzaneh Badii, Shane Kerr, Andronikos Kyriakou, Tim Wicinski, János Zsakó Scribe: Boris Duval -- RFC 8932 Maarten drafted a text referring to RFC 8932 (DNS Privacy Service Operators), mentioning that the task force's advice was to apply this RFC at a specific level (minimum compliance). The text also deals with how to structure a meaningful privacy statement, a topic that has been raised at previous meetings. As far as QNAME minimization is concerned, this RFC should also cover it. -- Dealing with obsolete references The task force discussed how to deal with references in the document that might be obsolete in the future and decided to add a reader warning to this effect. This warning could also cover other topics such as staff training. Maarten volunteered to draft this text. -- Certifications The task force discussed referencing ISO 27001 or equivalent standards as best practice. The task force agreed in principle, but still needs to work out how to reference them in the document. -- Human right principles Farzaneh told the task force that Cloudflare and Quad9 were mentioning human rights principles in their privacy practices. The task force agreed to point out that some operators have made commitments to human rights in general in the document. Farzaneh volunteered to draft this text. -- Audits Farzaneh said that some operators, such as Cloudfare, have been audited for privacy. The task force felt that it would be good to make a reference to this in the document, but that operators shouldn't be pushed to do audits because of certain limitations. Farzaneh volunteered to draft this text. -- Wording of the filtering section Farzaneh worked on a new wording for the filtering section, which she will send to the task force for review. -- Blocking practices Farzaneh spoke about blocking practices, referring to MLATs (Mutual Legal Assistance Treaties) - requests to block another country. The task force said that this could be mentioned in the document at a high-level pointing out to a few examples. Farzaneh volunteered to draft this text. -- Transparency reports Farzanaeh mentioned transparency reports for operators. The task force agreed that it could be mentioned as best practices. -- Community blocklist Farzaneh raised the topic of blocklists and asked whether the task force should make any recommendations. Recommendations could include that blocklists should be monitored by third parties, that blocked individuals should have the right to appeal, and that periodic reviews should be carried out to ensure that no one is blocked by mistake. The level of detail regarding blocklists should be defined before being incorporated into the document.