- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Tue, 10 Nov 2009 12:06:02 -0500
- To: W3C Device APIs and Policy WG <public-device-apis@w3.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
I have updated the Policy Requirements Editors Draft based on our discussion at the F2F: http://dev.w3.org/2009/dap/policy-reqs/ This should complete ACTION-49 Please review and indicate any additional changes needed. regards, Frederick Frederick Hirsch Nokia Changes: (1) Introduction Added paragraph that applicable to both widgets and web applications (2) Definitions Changed names of definitions, added Implicit Consent definition. Removed material from definitions to focus, updated Feature definition using BONDI definition. (3) Added new section 3, use cases based on Paddy's examples (used example.com) (4) 6.1 User Control over Decisions added requirement and corresponding discussion in rationale section: "The security policy framework SHOULD be able to record security configuration choices and interactive policy decisions using the policy markup language format." (5) 6.2 Rationale made normative since it has normative statements integrated implicit consent material into discussion Added "Modal security prompts SHOULD be avoided." removed paragraph re DAP being minimally prescriptive since text talks about different API approaches. (6) 6.3 Issues Removed "Application control vs user agent control" since implicit consent integrated into 6.2 (7) 7 Identification removed requirement that Capabilities be defined using IRIs, added requirement: "Capabilities MUST be identified by strings associated with API definitions produced by the DAP WG." added requirement: Features MUST be identified by IRI. (removed associated issue, since we discussed at F2F) (8) 8 Access Control. Added new section. (9) moved out of scope section to the end.
Received on Tuesday, 10 November 2009 17:06:46 UTC