- From: Frederick Hirsch via cvs-syncmail <cvsmail@w3.org>
- Date: Wed, 16 Jun 2010 18:47:12 +0000
- To: public-dap-commits@w3.org
Update of /sources/public/2009/dap/policy-reqs In directory hutz:/tmp/cvs-serv9438 Modified Files: Overview.html Log Message: fix valiation issue Index: Overview.html =================================================================== RCS file: /sources/public/2009/dap/policy-reqs/Overview.html,v retrieving revision 1.36 retrieving revision 1.37 diff -u -d -r1.36 -r1.37 --- Overview.html 10 Jun 2010 04:34:41 -0000 1.36 +++ Overview.html 16 Jun 2010 18:47:10 -0000 1.37 @@ -81,7 +81,6 @@ supported by the API framework and is supported by applications declaring needed access. </p> -</li> </dd> <dt>Application</dt> <dd><p>An application is code that may make use of DAP Device @@ -166,7 +165,7 @@ <h2>User Managed Access</h2> <p>This section outlines use cases and requirements to support user controlled access control.</p> -<section> + <section> <h4>Use case PM1: user-controlled configuration</h4> <p> In this use-case: @@ -200,8 +199,8 @@ The configured policy, at any given time, may be stored locally on the device or may be stored remotely and be accessible via a network service, or both. </p> -</section> -<section> + </section> + <section> <h4>Use case PM2: user-delegated configuration</h4> <p> In this use-case: @@ -235,8 +234,8 @@ This use-case mirrors current practice with products such as virus scanners or other malware detectors. </p> -</section> -<section> + </section> + <section> <h4>Use case PI2: portability of user settings</h4> <p> A user may establish a policy configuration (through explicit configuration of @@ -252,8 +251,8 @@ an old device to a new device. This is relevant to Policy Management use cases PM1, PM2, PM3. </p> -</section> -<section> + </section> + <section> <h4>Prompts</h4> <p> Prompts should be eliminated whenever possible. Many prompts do not provide @@ -356,44 +355,43 @@ </li> </ul> </div> -</section> - <section id='user-control-rqmts'> - <h3>User Control Requirements</h3> - <ul> - <li>The security framework MUST NOT require User Agents to present modal dialogs to prompt users for security - decisions, while the application is running. -<ul><li>Note: modal dialogs may be required - for security prompts provided during application - installation or invocation.</li></ul> -</li> - <li>The security framework SHOULD allow users to have control over general configuration of security - decisions</li> - <li>The security policy framework SHOULD make it possible to record - security configuration choices and interactive policy - decisions using the policy markup language format.</li> - </ul> + </section> + <section id='user-control-rqmts'> + <h3>User Control Requirements</h3> + <ul> + <li>The security framework MUST NOT require User Agents to present modal dialogs to prompt users for security + decisions, while the application is running. + <ul><li>Note: modal dialogs may be required + for security prompts provided during application + installation or invocation.</li></ul> + </li> + <li>The security framework SHOULD allow users to have control over general configuration of security + decisions</li> + <li>The security policy framework SHOULD make it possible to record + security configuration choices and interactive policy + decisions using the policy markup language format.</li> + </ul> <section id="portable-policy"> <h2>Portable Policy</h2> <p> -It should be possible for policy to be defined in a portable -device-independent manner. -</p> -<ul> + It should be possible for policy to be defined in a portable + device-independent manner. + </p> + <ul> <li>Security Framework MUST be separable from policy statements. Note that this may be a consequence of declarative policy statements.</li> - <li>Access control policy MUST be stated in declarative manner.</li> + <li>Access control policy MUST be stated in declarative manner.</li> <li>The DAP policy language MUST define an XML syntax for that language.</li> - </ul> + </ul> <p> -</p> -</section> - + </p> + </section> </section> <!-- user control rqmts --> </section> <!-- user control --> - <section> + <section> <h2>Enterprise Managed Access</h2> <p>This section outlines use cases and requirements to support enterprise or network operator managed access control.</p> @@ -508,7 +506,7 @@ </p> </section> <!-- phishing --> </section> <!-- Abuse --> - </section> <!-- policy use cases --> +</section> <!-- policy use cases --> <section> <h2>Capabilities</h2> <p>
Received on Wednesday, 16 June 2010 18:47:17 UTC