- From: James Salsman <jsalsman@talknicer.com>
- Date: Wed, 16 Jun 2010 08:37:28 -0700
- To: Dominique Hazael-Massieux <dom@w3.org>
- Cc: public-device-apis@w3.org
On Tue, Jun 15, 2010 at 6:39 AM, Dominique Hazael-Massieux <dom@w3.org> wrote: >... > * there should be somewhere presumably a reference to the XACML profile doc How do people feel about merging the XACML profile into a combined Device API Policy Framework Profile document, adding examples to it, and then extracting out the algorithms including the issues surrounding modeless one-at-a-time prompting and other authorization actions (e.g. camera shutter button -- are there any other examples?) into a new Device API Policy Permissions and Provisioning document? The former would focus on the data structures, and the latter on the algorithms. I think if we are going to try to define security certificate-based remote permissions that would be a much better approach. Now I see that provisioning isn't in scope per charter, but I can't figure out where it is in scope. If we have to define privacy state information but aren't allowed to say anything about how defaults are set, then there are serious quality issues which will arise with the specifications. Do we need to get permission from someone who is allowed by their charter to discuss initial and enterprise default provisioning? > ** the document doesn't have a conformance section.... I agree there should be one, at least reiterating the "must" statements elsewhere.
Received on Wednesday, 16 June 2010 15:37:55 UTC