W3C home > Mailing lists > Public > public-credentials@w3.org > April 2015

Re: Overlap with Credentials/Web Payments CG (was Re: CfC to publish a FPWD of Credential Management; ending April 17th.)

From: Wendy Seltzer <wseltzer@w3.org>
Date: Mon, 13 Apr 2015 09:01:17 -0400
Message-ID: <552BBE1D.5000500@w3.org>
To: Mike West <mkwst@google.com>, Manu Sporny <msporny@digitalbazaar.com>, Brad Hill <hillbrad@gmail.com>, Dan Veditz <dveditz@mozilla.com>
CC: "public-webappsec@w3.org" <public-webappsec@w3.org>, Credentials Community Group <public-credentials@w3.org>, Web Payments IG <public-webpayments-ig@w3.org>
On 04/13/2015 04:45 AM, Mike West wrote:
> (Forking the thread for clarity)
> 
> Hi Manu!
> 
> I've put forward this draft of the credential management spec in order to
> seek exactly this sort of feedback from developers. If there are indeed
> technical deficiencies in the spec that make it unsuitable for use cases
> that we ought to support, then we certainly need to change it.
> 
> Indeed, the API proposed in this document is intended to be fairly generic
> (it has ~2 methods) and extensible (by subclassing `Credential`) so as not
> to block future innovation. It would be helpful to understand how exactly
> it blocks you from doing the work you'd like to be doing.
> 
> On Mon, Apr 13, 2015 at 3:44 AM, Manu Sporny <msporny@digitalbazaar.com>
> wrote:
> 
>> On 04/10/2015 04:21 PM, Mike West wrote:
>>> Well, wait no longer! This is a real call for consensus to publish
>>> the following draft of "Credential Management" as a First Public
>>> Working Draft:
>>
>> -1, the spec completely ignores the very substantial work going on in
>> the Credentials CG and the Web Payments IG that is related to the API
>> you're proposing.
>>
> 
> Perhaps the word "credentials" is causing problems; after skimming the
> documents you pointed to, I don't see significant overlap between this spec
> and those groups. Is your concern that we're co-opting the term? Or is
> there something deeper?

Apart from using a common term differently, I don't see much overlap and
hence potential conflict between the different pieces of work. Mike's
WebAppSec draft is certainly not asserting that it is the sole source of
meaning for the term "credential," nor is it saying that web users could
not request or express richer credentials.

> 
> I suggest the Web AppSec Chairs start coordinating w/ the Web Payments
>> IG and the Credentials CG before proposing the publication of this FPWD.
>>
> 
> +Brad, Dan, Wendy.

I'll join this morning's Web Payments IG call and am happy to work to
help resolve the disagreement.

--Wendy

> 
> --
> Mike West <mkwst@google.com>, @mikewest
> 
> Google Germany GmbH, Dienerstrasse 12, 80331 München,
> Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
> Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
> Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
> 


-- 
Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
Received on Monday, 13 April 2015 13:01:22 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:23 UTC