- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Thu, 09 Sep 2010 10:12:01 +0200
- To: Frederick.Hirsch@nokia.com
- Cc: public-device-apis@w3.org
Hi, As discussed previously, I've taken a (big) stab at reworking the policy requirements document; you can see the new version at: http://dev.w3.org/2009/dap/policy-reqs/ In summary, I have: * reorganized it around the access control interactions (granular user consent, grouped permissions, delegated authority) rather than their target (web site/widgets, trusted/non-trusted) * I've rewritten the use cases as user stories to make them more concrete and more consistent; they are completed with a short analysis that explains what the story implies technically * I've reorganized the requirements to make them match the user stories they are bound with * I've moved the security and privacy threats into an appendix I think the document could use some illustrations (e.g. screenshots of possible interactions mechanisms, or diagrams showing the links between the various players in the stories), but this would require more energy than I have left :) These are rather big and thorough changes; if the result is not up to what the group wants, this can easily be reverted to the previous version. Dom
Received on Thursday, 9 September 2010 08:12:16 UTC