W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2020

Re: Process CG conversations about horizontal review

From: Chris Wilson <cwilso@google.com>
Date: Wed, 8 Jul 2020 09:37:30 -0700
Message-ID: <CAJK2wqUv9AppcHCpObur_WkF3vTUYwPLTovciv7FaAahLcmDMA@mail.gmail.com>
To: David Singer <singer@apple.com>
Cc: Samuel Weiler <weiler@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>
And as a manager of process in one of my different roles, I'd like to point
out the inherent fallacy in the statement "which may make it harder for us
to introduce improvements."  To be blunt - if it's not part of the Process,
it's not required.  You can ask all you want for other groups to follow the
PING's improvements as they develop standards, but they just don't need to
- unless it's part of the Process.  Will the Process need to continue to be
improved and refined?  Sure - but it *is* the Process by which the W3C
community builds standards.  As David says, If you see limitations or
mistakes in the Process discussions, please, please participate; that's the
whole point.

On Wed, Jul 8, 2020 at 9:25 AM David Singer <singer@apple.com> wrote:

> Hi Sam, thanks for the note…
>
> one observation and a correction below:
>
> * we get a lot of complaints, even from experienced W3Cers, that they
> don’t know what is required, or how to get it done. We need much better
> guidance.
>
> > On Jul 8, 2020, at 8:34 , Samuel Weiler <weiler@w3.org> wrote:
> >
> > FYI, the W3C Process Community Group (CG) is discussing Process changes
> around horizontal review (HR), including:
> >
> > -- automatic triggering events, like publishing a FPWD, and
> > -- making (asking for) review mandatory.
> >
> > While this has some obvious charms, I have some concerns.
> >
> > -- Automatic triggers won't indicate if a group has done the
> prerequisite work HR groups expect of them (in our case, going though the
> Questionnaire and fingerprinting guidance docs and writing Privacy and
> Security considerations sections in their docs).
> >
> > -- They're nailing down too much in Process, which may make it harder
> for us to introduce improvements.
>
> I don’t think we have decided anything yet, in the process CG, beyond that
> Leonie’s text is an improvement on the status quo, and that we’d like to
> separate out the requirements (in the process) from the guidance (somewhere
> else)
>
> But yes, please help. There is a real tension between the continuous model
> (make sure you’re on the radar of the HR groups early, flag things that
> might need their attention, and so on) and the periodic model (you have to
> get sign-off at some points, or show you’ve tried to get it and given
> enough time, and so on). Balancing these is hard.
>
> >
> >
> > If you're interested, the Process CG discussion can be found in:
> > https://github.com/w3c/w3process/issues/130
> > https://github.com/w3c/w3process/pull/401
> >
> > Additionally, the guidance we're publishing for how to ask for reviews
> is at:
> > https://www.w3.org/wiki/DocumentReview#How_to_get_horizontal_review
> >
> > -- Sam
> >
> >
> > [This note is being CC'ed to the Web Security IG.  While the WebSec IG
> is closed, its list is still active, and WGs are directed to request
> reviews on this list.  W3C Team (me!) is coordinating getting reviews from
> individual volunteer reviewers.  If you would like to join that pool and do
> the occasional doc review, drop me a note.]
> >
> >
>
> David Singer
> Manager, Software Standards, Apple Inc.
>
>
>
Received on Wednesday, 8 July 2020 16:37:56 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 8 July 2020 16:37:57 UTC