RE: Some new issues raised on the charter from Bill McCoy on 2017-04-11 (public-digipub-ig@w3.org from April 2017)

From: Bill McCoy <bmccoy@w3.org>
Date: Tue, 11 Apr 2017 06:35:12 -0700
To: "'Ivan Herman'" <ivan@w3.org>, "'W3C Digital Publishing IG'" <public-digipub-ig@w3.org>, "'W3C Publishing Business Group'" <public-publishingbg@w3.org>
Cc: "'Garth Conboy'" <garth@google.com>, "'Rick Johnson'" <rick.johnson@ingramcontent.com>
Message-ID: <013001d2b2c8$732cb9c0$59862d40$@w3.org>

In EPUB 3 the lack of explicit definition of the runtime security model had
been noted as an infelicity and IDPF folks had been following the work in
the W3C System Applications WG [1] in particular the draft of Web
Applications Runtime and Security Model [2], since there was felt to be
significant overlap between security issues in so-called "system
applications" (with client-side resources and potentially offline) and
portable publications.  However, the Systems Applications WG was disbanded
and its specs in my understanding aren't proceeding, which may be a
cautionary note with how much the new WG wants to tackle in this area.
Nevertheless, something in the proposed charter that notes more clearly that
addressing rigorously defining the security model is in scope  for the WG
could be useful and perhaps a better way to address Google's concern than
trying to precisely define things like origin in the WG charter itself
(since the charter is not the place to specify solutions).

--Bill

[1] https://www.w3.org/2012/sysapps/
[2] https://www.w3.org/TR/runtime/ 

-----Original Message-----
From: Ivan Herman [mailto:ivan@w3.org] 
Sent: Tuesday, April 11, 2017 4:56 AM
To: W3C Digital Publishing IG <public-digipub-ig@w3.org>; W3C Publishing
Business Group <public-publishingbg@w3.org>
Cc: Garth Conboy <garth@google.com>; Rick Johnson
<rick.johnson@ingramcontent.com>
Subject: Re: Some new issues raised on the charter
Importance: High

I have re-read issue 61, and I have put in a proposal for resolution to that
one, too.

Ivan

> On 11 Apr 2017, at 08:23, Ivan Herman <ivan@w3.org> wrote:
> 
> Three new issues have been raised on the charter last night (coming from
Google). We have to handle those ASAP.
> 
> I have commented and proposed a solution for two out of three, namely
> 
> https://github.com/w3c/dpubwg-charter/issues/62
> https://github.com/w3c/dpubwg-charter/issues/63
> 
> I have not commented on
> 
> https://github.com/w3c/dpubwg-charter/issues/61
> 
> because I would like a security expert to answer that question.
Unfortunately, Leonard is unavailable this week, we should try to settle
that without him around.
> 
> I do not think any of those issues are hugely complex, and can be handled
(I hope) with editorial changes, but they have to be treated nevertheless.
Please, look at these.
> 
> Thanks
> 
> Ivan
> 
> ----
> Ivan Herman, W3C
> Publishing@W3C Technical Lead
> Home: http://www.w3.org/People/Ivan/
> mobile: +31-641044153
> ORCID ID: http://orcid.org/0000-0003-0782-2704
> 
> 
> 
> 

----
Ivan Herman, W3C
Publishing@W3C Technical Lead
Home: http://www.w3.org/People/Ivan/
mobile: +31-641044153
ORCID ID: http://orcid.org/0000-0003-0782-2704

Received on Tuesday, 11 April 2017 13:35:30 UTC