- From: Arthur Barstow <art.barstow@nokia.com>
- Date: Sat, 12 Jan 2008 15:55:53 -0500
- To: ext David Orchard <dorchard@bea.com>
- Cc: <public-appformats@w3.org>
David, All, Regarding, why is the WAF WG working on the AC [AC-spec] spec, I think some history is important - Our work began after the Team held a Project Review [AC-PR] in April 2006. The review was chaired by Thomas Roessler and the Chair of the AC task force (Brad Porter) presented slides [Brad] that identified a small set of Use Cases that would be in scope as well as the basic architecture of the proposed work that was based on a related WG Note by the VB WG [AC-Note]. A few weeks later Tim approved publication of the the first WD. Clearly the Team could have blocked that FPWD pending an AC review. I can't speak for them but based on the relatively small set of UCs we identified at the time and the desire not to have different competing specs (i.e. one for VB, one for XBL2, one for XHR), the task/spec envisioned didn't seem large enough to form a new WG. If we wanted to ignore other UCs and prior work and just solely address WAF's AC- related requirements i.e. XBL2, then we could have embedded something like the AC spec directly in the XBL2 spec. If we had done so, we wouldn't be discussing this issue (=is this work explicit in the Charter) but don't think such a short-sighted position would have been wise. Lastly, hindsight is always 20/20 and if we were able to predict the future in April 2006 e.g. we knew that new technologies such as JSONRequest could be potentially relevant, then perhaps a different choice would have been made. Regarding transparency i.e. the the implication this work was intentionally "flown low on the radar screen" - I'm surprised by this assertion because I've done what I believe is more than due diligence to publicize this spec. In particular, during the May 2006 AC meeting I made a presentation about this work [AC-PR]. The work was also discussed or mentioned in Domain reports or presentations at the May 2006, November 2007 and May 2007 AC meetings. Additionally, I included an overview of the spec in my WAF WG presentations at WWW2006 [WWW2006] and WWW2007 [WWW2007], in June 2007 we explicitly asked the TAG to review the spec [TAG-Request], we invited the WSC WG and XML Security Maintenance WG to our TPAC f2f meeting, we have directly engaged with the POWDER WG and this spec was also mentioned on several of the W3C's Newsletters and NewsWires. Thus, I would appreciate it if you would please send me the pointer (s) to the evidence that substantiates your claim: [[ I see considerable evidence that the specification has "flown low on the radar" ]] Regarding the need for UCs and Requirements - as you know, I agree with you (as I've stated on the WG's member and public mail lists) and I appreciate you volunteering to help with that task so thanks again. Regarding work item granularity for a WG - as Nokia's AC rep I have at times struggled with the related issues including: Team overhead, allocation of Nokia's resources, IPR concerns, etc. It's a interesting balancing act and surely a single spec (or spec family) per WG is appropriate at times but could also introduce unacceptable overhead if taken to the extreme. BTW, during last November's TPAC meeting, I encouraged Hal to join the WAF WG and explained to him that one reason we do not enforce the Good Standing requirement is to facilitate people like him that only want to participate on a specific spec. Regards, Art Barstow --- [AC-spec] <http://www.w3.org/TR/access-control/> [AC-PR] <http://www.w3.org/2006/04/27-access-control-minutes> [AC-Note] <http://www.w3.org/TR/2005/NOTE-access-control-20050613/> [Brad] <http://www.w3.org/2006/04/27-access-control/Overview.html> [WWW2006] <http://www.w3.org/2006/Talks/0524-www-WAF.pdf> [WWW2007] <http://www.w3.org/2007/Talks/WWW2007-WAF-May-09.pdf> [TAG-Request] <http://lists.w3.org/Archives/Public/www-tag/2007Jun/ 0114.html> On Jan 11, 2008, at 8:00 PM, ext David Orchard wrote: > I'm Bcc:ing the AC List because I believe that other AC members may be > interested in my comments, but I don't want WG members to accidentally > cc the AC list. > > My comments are mainly that the charter is too broad in scope and too > undefined in deliverables. The broadness of scope of the current WAF > charter has precluded our organization from significantly > participating > in the Working Group, and this rechartering exacerbates the problem > going forward. In our case, Hal Lockhart is a supremely qualified > person to work on Access Control but has spent little time on that > area > of work because the current WAF is so broad in scope. In another > example, we have other people who are qualified and interested in the > Widgets work but are unable to participate for the same reasons. > > The usual solution for the problem of a very broad scope in charter is > to refactor into more WGs with smaller charters. I prefer that but > I'm > also open to other solutions that increase the participation in > deliverying items under the W3C Process. I'm very uncomfortable with > the current charter scope and single WG process. > > As an example of the problems of broad and open scope, I am > disappointed > by the way that Access Control was added to the Working Groups > deliverables without AC review and the usual deliverables of > requirements and use cases. It seems that almost immediately after > WAF > was chartered [1] in November 2005, it immediately took over > editing the > "Authorizing Read Access to XML Content Using the <?access-control?> > Processing Instruction 1.0" document, as roughly described in [2]. I > realize that the charter says "Given that the rich Web client area > is in > a phase of rapid development, the Working Group may become aware of > the > urgent need for standardization of a technology not explicitly > listed in > this charter, but still in the scope of the Working Group", but I fail > to see why such urgency that an AC review and normal process can be > ignored. In the Access Control case, it was added almost immediately > after chartering in December 2005 and has been worked on sporadically > since then and we are now at January 2008. I see considerable > evidence > that the specification has "flown low on the radar" and there are > still > many differences of opinion about fundamental requirements. AC review > and publication of Requirements and Use Cases are good triggers for > early review and consensus building, and we did not see those. This > lack of process on Access Control has meant that we have not > tracked the > work nearly as closely as we would have liked, though we are now > trying > to rectify that. > > I would like the AC consulted whenever a deliverable is added. I'd > like > to see a more rigorous process that includes early publication of > requirements and use cases for each deliverable. > > Cheers, > Dave > > [1] http://www.w3.org/2006/appformats/admin/charter.html > [2] > http://lists.w3.org/Archives/Public/public-appformats/2005Dec/ > 0004.html
Received on Saturday, 12 January 2008 20:57:17 UTC