W3C home > Mailing lists > Public > public-identity@w3.org > October 2011

Charter Text Confusion

From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Date: Tue, 25 Oct 2011 13:33:31 +0300
Message-Id: <55117C30-E149-448E-BEEA-5B7C720A2577@gmx.net>
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>
To: public-identity@w3.org
Hi all, 

I again read through the charter text and noticed that only the JavaScript CryptoAPI work is roughly understandable for me (since I had been at the W3C Identity in the Browser workshop). Even with this item there was some amount of discussion at the workshop about would exactly be done as part of this activity. While the workshop took place many months ago I have not seen the scope clarified anywhere. 

The only requirements alike writeup I am aware of is http://www.w3.org/2011/identity-ws/papers/idbrowser2011_submission_28.pdf

Wouldn't it make sense to have at least the scope clarified before going into the details of the work as part of the chartering process? For example, I would be interested whether the access to key storage and smart cards is considered within the scope of the group. 

Then, the subsequent items in the charter are in my view badly described. Hence, it is not surprising that most of the messages exchanged on this list are actually off-topic. 

Is there a problem description of what Web Identity Sync should do? Is Mozilla's implementation sufficient to do standardization work in that area? Isn't the purpose of standardization to let various different implementations to interwork? Given that the term "identity" is very weak defined (in general, not only in the W3C) this item could essentially be anything. 

For the Identity API has anyone bothered to write down a list of requirements about what API functionality is generic among different identity protocols and should therefore be standardized? Given that JavaScript can do almost anything I fear that some folks on this list try to standardize their favorite protocol as part of this "API" work. 

Finally, I do not understand why a single charter needs to contain all these items? Why isn't it possible to have a more focused charter and get some work done in a proper way rather than establishing an open-ended group?

Everyone who had even done some work in the identity management area knows that the term "identity" has to be avoided at all cost.

Ciao
Hannes
Received on Tuesday, 25 October 2011 10:34:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 25 October 2011 10:34:02 GMT