- From: Web Security Context Issue Tracker <dean+cgi@w3.org>
- Date: Sun, 15 Apr 2007 15:03:22 +0000 (GMT)
- To: public-wsc-wg@w3.org
ISSUE-45: full legal entity identification (is a must) (pubic comment) http://www.w3.org/2006/WSC/Group/track/issues/45 Raised by: Bill Doyle On product: Note: use cases etc. >From public comments raised by: Al Gilman Alfred.S.Gilman@ieee.org http://lists.w3.org/Archives/Public/public-usable- authentication/2007Apr/0000.html widely deployed baseline, yes; usage and presentation, yes where it says, in 5.4 New security information Recommendations will only be made for the presentation of currently deployed security information. please consider You will, per goal 2.6, be making recommendations as to how to use the identified, widely deployed technologies; as well as how to present the information that results. You address this in the stated goal, but this statement appears to contradict that one. Don't leave the reader confused; assert both usage and presentation here. Why? The security information that is available will depend on appropriate use of the tech base. Your recommendations need to spell out the technology utilization that will make necessary information available and not just how to present it when it's there. please consider We need your expertise applied to identifying "areas for future work" in addition to this scope. I understand that you do not plan to design presentation innovations predicated on model innovations. That's appropriate risk management. But you need to publish the gaps in the "currently deployed techbase" as well to foster migration to a higher and better state of de_jure as well as de_facto Web security.
Received on Sunday, 15 April 2007 15:03:32 UTC