Updates to access control use cases and requirements editors draft, publish an update? from Frederick.Hirsch@nokia.com on 2011-01-07 (public-device-apis@w3.org from January 2011)

From: <Frederick.Hirsch@nokia.com>
Date: Fri, 7 Jan 2011 21:29:55 +0100
To: <public-device-apis@w3.org>
CC: <Frederick.Hirsch@nokia.com>
Message-ID: <7F34F9FE-D0CB-46C3-8B10-22C2312E9B61@nokia.com>

I've made the following editorial updates to the "Device API Access Control Use Cases and Requirements" editors draft [1]:

+ Updated introduction to remove explicit references to framework and charter, add mention and reference to privacy requirements.

+ Revise by moving some requirements from "Operator-enforced" user story section to other sections where appropriate and reframing not in terms of policy-framework implementation.

+ Update 2.1.1 to remove "glances at privacy policy" since we know this has issues, and added note about possible lack of "informed consent" in this privacy model.

+ clarify 2.1.3 last two bullets, mention cert revocation in 2.2.2

+ Revise introduction in security threats section, add media privacy threat, rename headings

+ fix various spelling errors,  typos, validation errors and some minor formatting update

It is not clear to me that the user story "2.3.3 User Story: Transfering remembered choices to another device" has to be a case of delegated authority - for example a user might wish to transfer settings across devices via  a web service or other mechanism without delegation...

Shall we publish an update to this document? 

regards, Frederick

Frederick Hirsch
Nokia

[1] http://dev.w3.org/2009/dap/policy-reqs/

Received on Friday, 7 January 2011 20:30:37 UTC