Re: [IG-SP] Review of Security&Privacy Requirements Catalogue from Kazuyuki Ashimura on 2015-08-19 (public-auto-privacy-security@w3.org from August 2015)

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Thu, 20 Aug 2015 02:15:29 +0900
To: Paul Boyes <pb@opencar.com>
Cc: public-automotive <public-automotive@w3.org>, "public-auto-privacy-security@w3.org" <public-auto-privacy-security@w3.org>
Message-ID: <CAJ8iq9VUOy3Wwi6b9LfpBxH9tP2CtTdoC_4gQSqfsz27UPP3uw@mail.gmail.com>

Thanks for forwarding this to the public-automotive list, Paul!

During the WoT IG meeting in Sunnyvale, I mentioned our
security&privacy discussion within the Automotive BG/WG
and suggested the WoT IG should work with the Automotive
group.

And Oliver, the moderator of the WoT IG's security&privacy
TF, said:
- They are interested in the possible collaboration.
- However, they would concentrate on their own formalization first.
- TPAC 2015 in Sapporo would be a good opportunity to start actual
  collaboration.

Kazuyuki


On Thu, Aug 20, 2015 at 12:18 AM, Paul Boyes <pb@opencar.com> wrote:

> >From the WOT group.  Is of interest.
>
> Paul J. Boyes
> --------------------------------
> Mobile:   206-276-9675
> Skype:  pauljboyes
>
>
>
>
> Begin forwarded message:
>
> *Resent-From: * <public-wot-ig@w3.org>
> *From: *"Nilsson, Claes1" <Claes1.Nilsson@sonymobile.com>
> *Subject: * *RE: [IG-SP] Review of Security&Privacy Requirements
> Catalogue*
> *Date: *August 10, 2015 at 7:49:18 AM PDT
> *To: *"'Pfaff, Oliver'" <oliver.pfaff@siemens.com>, "public-wot-ig@w3.org"
> <public-wot-ig@w3.org>
>
> Hi Oliver and others,
>
> Thanks for compiling this catalogue. I have some initial comments:
>
> 1.      Maybe each requirements should have a number or any other id.
> That would make it easier in discussions and follow-up of requirements.
> 2.      The list does more look like a the Security&Privacy Glossary in
> more detail than a list of requirements. That might be ok depending what we
> want to achieve. Do we want this or do we want?
> a.       A total and tangible list of the security&privacy features
> applicable for WoT that needs to be covered by W3C standards (existing and
> new), using MUST, SHOULD and MAY vocabulary?
> b.      A tangible list of the security&privacy features applicable for
> WoT that needs to be standardized by W3C in addition to what exists today
> (or what is in progress being standardized), i.e. a gap list, using MUST,
> SHOULD and MAY vocabulary?
> WDYT?
>
> BR
>   Claes
>
>
>
> *Claes Nilsson*
> Master Engineer - Web Research
> Research&Incubation
>
> *Sony Mobile Communications*
> Tel: +46 70 55 66 878
> claes1.nilsson@sonymobile.com <Firstname.Lastname@sonymobile.com>
>
> sonymobile.com
>
>
> *From:* Pfaff, Oliver [mailto:oliver.pfaff@siemens.com
> <oliver.pfaff@siemens.com>]
> *Sent:* den 5 augusti 2015 13:48
> *To:* public-wot-ig@w3.org
> *Subject:* [IG-SP] Review of Security&Privacy Requirements Catalogue
>
> Dear colleagues,
> until now the Security&Privacy Requirements Catalogue
> <https://www.w3.org/WoT/IG/wiki/Security%26Privacy_Requirements_Catalogue>
>  used to be a bit of a laundry list. That changed and now there is a
> first draft version for review.
>
> Formally the Wiki page is public (as well as this mail) and we’d accept
> comments from anybody in WoT IG. However I would like to ask for review and
> feedback from [IG-SP] before sending heads-up notices to the TFs.
>
> When reviewing, please check for:
> ·        *Completeness*: does the catalogue cover all requirements that
> we want to highlight (caveat: it should not become too lengthy, special
> interest items may have to be dropped to avoid the ‘TL;NR’ syndrome)?
> ·        *Correctness*: are the contents of the catalogue sufficiently
> sound (caveat: it should not become academic, becoming too nitty-gritty
> should be avoided)?
> ·        *Comprehension*: do the contents compile when reading through
> the catalogue with common sense, are the contents intuitively accessible?
> ·        *Wording*: which improvements are needed to pass the ‘native
> speaker check’?
>
> I suggest a review/feedback period (within SP) until Aug, 12. Please
> provide suggestion and addition/change requests on the public mailing list
> or in a personal exchange (suggestions and addition/change requests that
> arrive thereafter will also be accommodated – this is not meant as a final
> call)
>
> Please note that I will do a round of double-checking against the IIC
> reference architecture during this review/feedback period (=> there might
> be some [hopefully minor] updates)
>
> Please also note that there will be some derivative work that will reflect
> the structure of the security&privacy requirements catalogue => adding
> (new) catalogue items later on will be easy, tweaking the structure will be
> tedious. So let’s put a priority on establishing a structure that has a
> good chance of staying stable
>
> Kind regards,
> Oliver
>
>
>


-- 
Kaz Ashimura, W3C Staff Contact for Auto, TV, MMI, Voice and Geo
Tel: +81 3 3516 2504

Attachments

image/png attachment: image003.png

Received on Wednesday, 19 August 2015 17:16:42 UTC