W3C home > Mailing lists > Public > public-device-apis@w3.org > June 2010

Re: CfC: Policy Framework FPWD

From: James Salsman <jsalsman@talknicer.com>
Date: Wed, 16 Jun 2010 08:37:28 -0700
Message-ID: <AANLkTimhCRBzX7QxSSklv0QAcQh5CPIZyCY5DGKRoo7A@mail.gmail.com>
To: Dominique Hazael-Massieux <dom@w3.org>
Cc: public-device-apis@w3.org
On Tue, Jun 15, 2010 at 6:39 AM, Dominique Hazael-Massieux <dom@w3.org> wrote:
>...
> * there should be somewhere presumably a reference to the XACML profile doc

How do people feel about merging the XACML profile into a combined
Device API Policy Framework Profile document, adding examples to it,
and then extracting out the algorithms including the issues
surrounding modeless one-at-a-time prompting and other authorization
actions (e.g. camera shutter button -- are there any other examples?)
into a new Device API Policy Permissions and Provisioning document?
The former would focus on the data structures, and the latter on the
algorithms.  I think if we are going to try to define security
certificate-based remote permissions that would be a much better
approach.

Now I see that provisioning isn't in scope per charter, but I can't
figure out where it is in scope.  If we have to define privacy state
information but aren't allowed to say anything about how defaults are
set, then there are serious quality issues which will arise with the
specifications.

Do we need to get permission from someone who is allowed by their
charter to discuss initial and enterprise default provisioning?

> ** the document doesn't have a conformance section....

I agree there should be one, at least reiterating the "must"
statements elsewhere.
Received on Wednesday, 16 June 2010 15:37:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:14:10 GMT