- From: Device APIs and Policy Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Tue, 6 Oct 2009 19:27:13 +0000 (GMT)
- To: public-device-apis@w3.org
ISSUE-27: [Policy] Is revocation in scope [Security Policy Framework — General] http://www.w3.org/2009/dap/track/issues/27 Raised by: Frederick Hirsch On product: Security Policy Framework — General Is revocation in scope of the DAP policy v1, or should it be deferred to v.next? Proposal: defer to v.next Rationale: More than one mechanism might be used to implement revocation, so it can be deployment specific. For example, one could consider 1. Associated X.509 certificate revocation, either by CRL or OCSP 2. Reputation/Community based revocation as suggested by Marcos in position paper http://www.w3.org/2008/security-ws/papers/marcos-policy-widgets.txt 3. Non-X.509 directory listing If this is not deferred we probably would need to define a "Revocation decision point" by URI and not define the details of that point.
Received on Tuesday, 6 October 2009 19:27:15 UTC