2009/dap/policy-reqs Overview.html,1.49,1.50 from Dominique Hazael-Massieux via cvs-syncmail on 2010-09-10 (public-dap-commits@w3.org from September 2010)

From: Dominique Hazael-Massieux via cvs-syncmail <cvsmail@w3.org>
Date: Fri, 10 Sep 2010 12:58:18 +0000
To: public-dap-commits@w3.org
Message-Id: <E1Ou3BK-0006pw-58@lionel-hutz.w3.org>

Update of /sources/public/2009/dap/policy-reqs
In directory hutz:/tmp/cvs-serv26262

Modified Files:
	Overview.html 
Log Message:
a bit more intro


Index: Overview.html
===================================================================
RCS file: /sources/public/2009/dap/policy-reqs/Overview.html,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -d -r1.49 -r1.50
--- Overview.html	10 Sep 2010 12:55:33 -0000	1.49
+++ Overview.html	10 Sep 2010 12:58:16 -0000	1.50
@@ -62,17 +62,19 @@
       <p>
         Various groups have been defining APIs designed to enable
         Web sites and applications access to device resources, including geolocation, personal information such as calendar and contacts,
-        system information such as network information, etc. Much of this information is sensitive and can be misused. As part of its charter,  the Device API and Policy Working Group is developing a set of technologies to control access to
-        this information, including through the use of a policy framework.
-      </p>
+        system information such as network information, etc. Much of this information is sensitive and can be misused.</p>
+      <p>As part of its charter,  the Device API and Policy Working Group is developing a set of technologies to control access to this information, including through the use of a policy framework.</p>
+
+      <p>This document explores use cases for such a framework through user stories, and derives requirements both for APIs and the framework based on these use cases.</p>
+
       <section id="defs">
-	<h2>Definitions</h2>
+	<h2>Definition</h2>
         <p>A <dfn>non-safe API</dfn> is an API that shares sensitive user information or makes a commitment for the user to a third-party (e.g. paying a fee).</p>
       </section>
     </section>  <!-- introduction -->
     <section id="interactions" class="informative">
       <h2>Access Control Interactions</h2>
-      <p>Three main types of interactions haven been identified for this access control:</p>
+      <p>Three main types of interactions haven been identified for controling access to non-safe APIS:</p>
       <ul>
         <li>based on granular user consent, for every first call of a sensitive API,</li>
         <li>based on user consent for a set of APIs at once, packaged into a single interaction (e.g. at “installation” time),</li>

Received on Friday, 10 September 2010 12:58:19 UTC