RE: ISSUE-235 (Auditability requirement for security)

Justin,

I support its removal.  As we've discussed in the past, a SHOULD is very close to a MUST and only for very specific technical arguments does one escape the necessity that term creates.  In this case, adding a blanket "all permitted use structures MUST be auditable" is VERY open-ended and therefore should be removed.  To what level is something considered "auditable"?  Do we have security standards in place today that lay out in a very objective manner what is and is not considered to be "auditable" (specific hooks? Reporting?)?  If we agree that anything that exists technically is therefore "auditable" to some degree, then what is the value of this clause anyway?

I'd be more comfortable with moving it to a MAY but it still lacks any objective substance so I'm still confused as to how I would say something is or is not auditable.  If we're suggesting "externally auditable" here then I'll double down on my support for its removal as that particular issue is much more difficult to solve for in our current timeframe.

- Shane

-----Original Message-----
From: Justin Brookman [mailto:jbrookman@cdt.org] 
Sent: Wednesday, October 15, 2014 7:55 AM
To: public-tracking@w3.org (public-tracking@w3.org)
Subject: ISSUE-235 (Auditability requirement for security)

Before leaving NAI and the Working Group, Jack Hobaugh had proposed to delete from the general security requirement for data held for permitted uses the line:

Third parties SHOULD ensure that the access and use of data retained for permitted uses is auditable.

If anyone still supports this proposal and wants to discuss it, please advocate for it on the mailing list (or on the working group call today).

Received on Wednesday, 15 October 2014 15:50:59 UTC