- From: Lynn, James (Fortify on Demand) <james.lynn@hp.com>
- Date: Wed, 5 Aug 2015 20:28:11 +0000
- To: Dave Raggett <dsr@w3.org>, Public Web of Things IG <public-wot-ig@w3.org>
- Message-ID: <B87EBCE245953F46842BEF54DE7B858E6973DD9F@G4W3204.americas.hpqcorp.net>
Dave, I do not think we should declare all security (or privacy) issues out of scope for the WG. As you noted in the draft, there is some uncertainty at the W3C level as to what should be done, but I do believe we can at least identify key areas of concern and known risks in deploying WoT solutions. So while we may not be able to specify recommendations for authorization and authentication mechanisms, we could, for example, we could point out that sufficient mechanisms should be in place. In such cases this may only entail a reference to some other W3C WG deliverable. I especially think we should focus on identifying security and privacy issues/concerns that are not typically treated in typical Web solutions. I assume Oliver will have already formed an opinion on this as well. Jim Lynn Hewlett Packard Enterprise From: Dave Raggett [mailto:dsr@w3.org] Sent: Wednesday, August 05, 2015 2:33 PM To: Public Web of Things IG Subject: draft WG charter for review Following the discussion in Sunnyvale, I have created a first draft for the charter for the proposed web of things framework working group and invite your comments, either as pull requests or email to this list with the prefix [WG Charter] https://github.com/w3c/wot/blob/master/WG/charter.md In particular, the current draft excludes work on encodings and APIs, but cites a dependency on the EXI WG. I have included an initial list of other relevant W3C groups and groups outside of W3C. When considering additional work items, please think about whether they would be a good for this working group or better suited to another working group. — Dave Raggett <dsr@w3.org<mailto:dsr@w3.org>>
Received on Wednesday, 5 August 2015 20:29:42 UTC