W3C home > Mailing lists > Public > www-ws-arch@w3.org > May 2002

RE: What to make of D-AC020.1?

From: Joseph Hui <Joseph.Hui@exodus.net>
Date: Tue, 7 May 2002 14:58:50 -0400 (EDT)
Message-ID: <45258A4365C6B24A9832BFE224837D5523BB2A@SJDCEX01.int.exodus.net>
To: "Cutler, Roger (RogerCutler)" <RogerCutler@chevrontexaco.com>, "Hugo Haas" <hugo@w3.org>, <www-ws-arch@w3.org>
The MUST and SHOULD in the proposed re-wording do not contradict
each other.  They were IMO properly used in ways meant to be
used, per RFC 2119.

If the first MUST were changed to SHOULD as Roger suggested,
then the second sentence would be meaningless, because the
consumer wouldn't be able to assume anything, let alone
decide whether to opt out or not.

Joe Hui
Exodus, a Cable & Wireless service
================================================
> -----Original Message-----
> From: Cutler, Roger (RogerCutler) 
> [mailto:RogerCutler@chevrontexaco.com]
> Sent: Monday, May 06, 2002 10:51 AM
> To: Joseph Hui; Hugo Haas; www-ws-arch@w3.org
> Subject: RE: What to make of D-AC020.1?
> 
> 
> It seems to me that a number of the proposals have been suffering from
> "MUST" inflation (and do we really have to keep SHOUTING the 
> word?)  In the
> example below, first you say that a provide MUST do 
> something, then in the
> very next statement start discussing what happens if the 
> provider does not.
> It seems to me that the logic, then, implies that this is a 
> "should" not a
> "must".
> 
> -----Original Message-----
> From: Joseph Hui [mailto:jhui@digisle.net] 
> Sent: Friday, May 03, 2002 6:11 PM
> To: Hugo Haas; www-ws-arch@w3.org
> Subject: RE: What to make of D-AC020.1?
> 
> 
> Hi Hugo,
> 
> >   D-AC020.1
> > 
> >     A service consumer must be able to know the privacy 
> >     policies of the
> >     service provider(s) that it is going to interact with.
> 
> This sounds good, except the "service consumer must be able 
> to" part seems
> to place the burden (of privacy policies) more on the 
> consumer than on the
> provider.  If it's agreeable that the burden should be mostly (or even
> solely?) on the provider, then it may help to invert the statement to
> something like:
> 
>       A service provider MUST disclose its privacy policies in manners
>       that can be easily understood by the consumers.  In the absence
>       of such disclosure, a consumer (of the service) SHOULD assume
>       that neither the service nor its provider furnishes any privacy
>       policy.
> 
> Cheers,
> 
> Joe Hui
> Exodus, a Cable & Wireless service
> ============================================
> 
> > -----Original Message-----
> > From: Hugo Haas [mailto:hugo@w3.org]
> > Sent: Friday, May 03, 2002 1:13 PM
> > To: www-ws-arch@w3.org
> > Subject: Re: What to make of D-AC020.1?
> > 
> > 
> > Hi Joe.
> > 
> > * Joseph Hui <jhui@digisle.net> [2002-05-02 15:43-0700]
> > > D-AC020.1 is in the form of a question (as opposed to a 
> statement). 
> > > What are we supposed to make of it as a CSF?
> > 
> > Would the following rewording, carrying the same ideas, address your
> > concerns:
> > 
> >   D-AC020.1
> > 
> >     A service consumer must be able to know the privacy
> > policies of the
> >     service provider(s) that it is going to interact with.
> > 
> > Regards,
> > 
> > Hugo
> > 
> > --
> > Hugo Haas - W3C
> > mailto:hugo@w3.org - http://www.w3.org/People/Hugo/ - 
> > tel:+1-617-452-2092
> > 
> > 
> 
> 
> 
Received on Tuesday, 7 May 2002 16:40:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:24:59 GMT