- From: Frederick Hirsch via cvs-syncmail <cvsmail@w3.org>
- Date: Thu, 13 Jan 2011 17:58:52 +0000
- To: public-dap-commits@w3.org
Update of /sources/public/2009/dap/policy-reqs
In directory hutz:/tmp/cvs-serv17284
Modified Files:
WD-src.html WD.html
Log Message:
update sotd
Index: WD.html
===================================================================
RCS file: /sources/public/2009/dap/policy-reqs/WD.html,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- WD.html 13 Jan 2011 17:50:38 -0000 1.10
+++ WD.html 13 Jan 2011 17:58:50 -0000 1.11
@@ -31,11 +31,20 @@
<dd><span>Dominique Hazaël-Massieux</span>, W3C</dd>
</dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> © 2011 <a href="http://www.w3.org/"><acronym title="World Wide Web Consortium">W3C</acronym></a><sup>®</sup> (<a href="http://www.csail.mit.edu/"><acronym title="Massachusetts Institute of Technology">MIT</acronym></a>, <a href="http://www.ercim.eu/"><acronym title="European Research Consortium for Informatics and Mathematics">ERCIM</acronym></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p><hr></div>
<div id="abstract" class="introductory section"><h2>Abstract</h2>
- With the emergence of numerous new APIs in Web browsers and runtime engines, the need to control which Web sites and applications can make use of these APIs increases. This document describes use cases and requirements for controlling access to these APIs.
+ With the emergence of numerous new APIs in Web browsers and
+ runtime engines, the need to control which Web sites and
+ applications can make use of these APIs increases. This document
+ describes use cases and requirements for controlling access to
+ these APIs.
</div><div id="sotd" class="introductory section"><h2>Status of This Document</h2><p><em>This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the <a href="http://www.w3.org/TR/">W3C technical reports index</a> at http://www.w3.org/TR/.</em></p>
This document is not normative. The Working Group expects to evolve
this document further and will eventually publish a stable
- version as a Working Group Note.
+ version as a Working Group Note. This version is an update of
+ the previous version of his note, modified to present the material
+ using "user
+ stories" and associating requirements with those use cases. This
+ version also adds informative references and is revised to not
+ assume a specific mechanism to meet the requirements.
<p>This document was published by the <a href="http://www.w3.org/2009/dap/">Device APIs and Policy Working Group</a> as a Note. If you wish to make comments regarding this document, please send them to <a href="mailto:public-device-apis@w3.org">public-device-apis@w3.org</a> (<a href="mailto:public-device-apis-request@w3.org?subject=subscribe">subscribe</a>, <a href="http://lists.w3.org/Archives/Public/public-device-apis/">archives</a>). All feedback is welcome.</p><p>Publication as a Note does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.</p><p>This document was produced by a group operating under the <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5 February 2004 W3C Patent Policy</a>. W3C maintains a <a href="http://www.w3.org/2004/01/pp-impl/43696/status" rel="disclosure">public list of any patent disclosures</a> mae in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/#def-essential">Essential Claim(s)</a> must disclose the information in accordance with <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-Disclosure">section 6 of the W3C Patent Policy</a>.</p></div><div id="toc" class="section"><h2 class="introductory">Table of Contents</h2><ul class="toc"><li class="tocline"><a href="#introduction" class="tocxref"><span class="secno">1. </span>Introduction</a><ul class="toc"><li class="tocline"><a href="#defs" class="tocxref"><span class="secno">1.1 </span>Definition</a></li></ul></li><li class="tocline"><a href="#interactions" class="tocxref"><span class="secno">2. </span>Access Control Interactions</a><ul class="toc"><li class="tocline"><a href="#userconsent" class="tocxref"><span class="secno"2.1 </span>Granular User Consent</a><ul class="toc"><li class="tocline"><a href="#userconsent-story-1" class="tocxref"><span class="secno">2.1.1 </span>User Story: Unknown restaurant Web site</a></li><li class="tocline"><a href="#userconsent-story-2" class="tocxref"><span class="secno">2.1.2 </span>User Story: Widget of unknown source using the camera</a></li><li class="tocline"><a href="#userconsent-rqmts" class="tocxref"><span class="secno">2.1.3 </span>Requirements</a></li></ul></li><li class="tocline"><a href="#grouped-permissions" class="tocxref"><span class="secno">2.2 </span>Grouped permissions</a><ul class="toc"><li class="tocline"><a href="#grouped-permissions-story1" class="tocxref"><span class="secno">2.2.1 </span>User Story: Web application for email</a></li><li class="tocline"><a href="#grouped-permissions-rqmts" class="tocxref"><span class="secno">2.2.2 </span>Requirements</a></li></ul></li><li class="tocline"><a href="#delegated-authority-case" class="tocxref"><span class="secno">2.3 </span>Dlegated Authority</a><ul class="toc"><li class="tocline"><a href="#delegated-authority-story1" class="tocxref"><span class="secno">2.3.1 </span>User Story: Enterprise-level ban on geolocation</a><ul class="toc"><li class="tocline"><a href="#delgated-authority-story1-rqmts" class="tocxref"><span class="secno">2.3.1.1 </span>Requirements</a></li></ul></li><li class="tocline"><a href="#delegated-authority-story2" class="tocxref"><span class="secno">2.3.2 </span>User Story: Third-party protection against malware</a><ul class="toc"><li class="tocline"><a href="#delgated-authority-story2-rqmts" class="tocxref"><span class="secno">2.3.2.1 </span>Requirements</a></li></ul></li><li class="tocline"><a href="#delegated-authority-story2a" class="tocxref"><span class="secno">2.3.3 </span>User Story: Transfering remembered choices to another device</a><ul class="toc"><li class="tocline"><a href="#delgated-authority-story3-rqmts" class="tocxref"><span class="secno">2.3.3.1 </span>Requirements</a></li></ul></li><li class="ocline"><a href="#delegated-authority-story3" class="tocxref"><span class="secno">2.3.4 </span>User Story: Operator-enforced usage limitations</a><ul class="toc"><li class="tocline"><a href="#delegated-authority-case-rqmts" class="tocxref"><span class="secno">2.3.4.1 </span>Requirements</a></li></ul></li></ul></li></ul></li><li class="tocline"><a href="#threats" class="tocxref"><span class="secno">A. </span>Security and Privacy Threats</a><ul class="toc"><li class="tocline"><a href="#premium-rate-abuse" class="tocxref"><span class="secno">A.1 </span>Premium Rate Abuse</a></li><li class="tocline"><a href="#privacy-breach" class="tocxref"><span class="secno">A.2 </span>Privacy Breach</a></li><li class="tocline"><a href="#integrity-breach" class="tocxref"><span class="secno">A.3 </span>Integrity Breach</a></li><li class="tocline"><a href="#phishing" class="tocxref"><span class="secno">A.4 </span>Phishing</a></li></ul></li><li class="tocline"><a href="#acknowledgements" class="tocxref"><span class="secno">B. </pan>Acknowledgements</a></li><li class="tocline"><a href="#references" class="tocxref"><span class="secno">C. </span>References</a><ul class="toc"><li class="tocline"><a href="#normative-references" class="tocxref"><span class="secno">C.1 </span>Normative references</a></li><li class="tocline"><a href="#informative-references" class="tocxref"><span class="secno">C.2 </span>Informative references</a></li></ul></li></ul></div> <!-- abstract -->
Index: WD-src.html
===================================================================
RCS file: /sources/public/2009/dap/policy-reqs/WD-src.html,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- WD-src.html 13 Jan 2011 17:50:38 -0000 1.5
+++ WD-src.html 13 Jan 2011 17:58:50 -0000 1.6
@@ -49,13 +49,22 @@
</head>
<body>
<section id='abstract'>
- With the emergence of numerous new APIs in Web browsers and runtime engines, the need to control which Web sites and applications can make use of these APIs increases. This document describes use cases and requirements for controlling access to these APIs.
+ With the emergence of numerous new APIs in Web browsers and
+ runtime engines, the need to control which Web sites and
+ applications can make use of these APIs increases. This document
+ describes use cases and requirements for controlling access to
+ these APIs.
</section> <!-- abstract -->
<section id='sotd'>
This document is not normative. The Working Group expects to evolve
this document further and will eventually publish a stable
- version as a Working Group Note.
+ version as a Working Group Note. This version is an update of
+ the previous version of his note, modified to present the material
+ using "user
+ stories" and associating requirements with those use cases. This
+ version also adds informative references and is revised to not
+ assume a specific mechanism to meet the requirements.
</section>
<section id='introduction' class='informative'>
Received on Thursday, 13 January 2011 17:58:53 UTC