W3C home > Mailing lists > Public > public-appformats@w3.org > January 2008

Comments on requirements document

From: Thomas Roessler <tlr@w3.org>
Date: Sat, 12 Jan 2008 18:33:35 +0100
To: Arthur Barstow <art.barstow@nokia.com>
Cc: public-appformats@w3.org
Message-ID: <20080112173335.GJ262@iCoaster.does-not-exist.org>

Some people had asked me to extract my comments about the
requirements document and put them on the public list.

Here we go... Based on the minutes, but without anybody's words but
mine.

>    TLR: requirement 3.3 - some people don't agree with this requirement
>    ... req 3.4 - I agree with the Ed Note; not clear what this is and
>    we need clarification

>    ... as currently written its too fuzzy
>    ... req 3.6 - also needs some clarification about what is meant by admin
>    ... req 3.7 and 3.8 - I think these should be CSRF and not XSS
>    ... also need to define the baseline for these reqs
>    ... need to understand the real protection goal and needs more
>    discussion
>
>    TLR: req 3.9 - the model must be able to deal with caching as
>    deployed today
>    ... must be very careful with HTTP caching

Regards,
-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Saturday, 12 January 2008 18:38:25 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:56:21 UTC