- From: Nick Doty <ndoty@cdt.org>
- Date: Fri, 3 Jun 2022 14:31:52 -0400
- To: Ivan Herman <ivan@w3.org>
- Cc: Matt Garrish <matt.garrish@gmail.com>, W3C EPUB 3 Working Group <public-epub-wg@w3.org>, public-privacy@w3.org
- Message-ID: <CA+tYtvGgT7mAD6yuLkZQZuvyJfOWQQmsboCiB6aZTP4jmWFnzg@mail.gmail.com>
On Thu, May 12, 2022 at 8:12 AM Ivan Herman <ivan@w3.org> wrote: > On the issue of the normative statements vs. the current status as well as > what we can control: I wonder whether the following compromise approach is > acceptable: > > - the relevant sections are NOT marked as informative > - we only use SHOULD statements and no MUST statements for what we choose > to emphasize in those sections > > This approach would give, hopefully, a significantly more weight to our > statements than they have today and, for the cases where this is feasible, > we can also create tests and add it to our test suite (it already includes > tests for SHOULD statements, ie, it is well prepared for that). On the > other hand, we avoid the sticky question on what should we do if we declare > a feature a MUST but we cannot fulfill the exit criteria (per the usual > approach those features should be removed from the spec or marked as > explicitly under-implemented per our own agreement, neither of the two > sound like a good idea). > > Nick, what do you think? > > Ivan > Thanks, Ivan. I think this is a reasonable approach. Where we can make requirements normative and testable, I am hopeful that can improve compliance and support for privacy. And where requirements can't be easily made normative and testable, it's still useful to document where responsibility for supporting privacy lies in the larger system. In the longer term, I hope we can make designs where privacy is directly supported through UA/RS implementation and create capabilities for even more privacy preserving implementations where feasible. Cheers, Nick
Received on Friday, 3 June 2022 18:32:15 UTC