- From: Thomas Roessler <tlr@w3.org>
- Date: Tue, 8 Aug 2006 12:25:04 +0200
- To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Cc: public-usable-authentication@w3.org
On 2006-08-07 17:41:12 -0400, Mary Ellen Zurko wrote:
> I'm a bit worried about:
> "a minimal set of security context information "
> It seems to imply a single small set of items will be
> required of any user agent. I don't think it will work out
> that way, though I do think the alternatives will collapse
> to a small conceptual set, and that their presence or lack
> will be important to users. Things like user/web agent
> history, and strength and meaningfulness of
> identification/authentication.
Would you have a suggestion for wording that might address your
concern?
> A first public working draft implies to me that that version
> at least will target well known web agents (browsers as
> opposed to rich client) and core protocols (HTTPS as opposed
> to Web Services). Are these in fact very aggressive
> deadlines for a predominantly tactical WG?
A first public working draft may quite well have large holes
that are filled up as work goes on. The three-month heartbeat
really comes from the Process. The variable that can be tuned
more easily in a charter is the number of working drafts before
Last Call.
[[
It is important that a Working Group keep the Membership
and public informed of its activity and progress. To this
end, each Working Group SHOULD publish in the W3C technical
reports index a new draft of each active technical report
at least once every three months.
]] -- http://www.w3.org/2005/10/Process-20051014/groups.html#three-month-rule
--
Thomas Roessler, W3C <tlr@w3.org>
> Mez
>
>
>
> public-usable-authentication-request@w3.org wrote on 08/07/2006 12:39:11
> PM:
>
> >
> > Hello,
> >
> > I've taken another stab at the scope and deliverable sections
> > of the charter drafts, and added tentative time lines to these.
> >
> > http://www.w3.org/2005/Security/wsc-charter
> > http://www.w3.org/2005/Security/htmlauth-charter
> >
> > For the security context information baseline group, I've tried
> > to introduce a clearer partition between the question what to
> > display (and how to do it nicely), and techniques to make that
> > kind of display more robust against spoofing. (Thanks to Jeff
> > Nelson (Google) for his suggestions.)
> >
> > The form annotations project has seen some general clean-up.
> >
> > The time line (identical for both groups at this point) is
> > essentially the usual 3-month heartbeat requirement for public
> > working drafts, with two public WDs before last call. A call
> > for participation is assumed to go out in October, and an
> > initial face-to-face meeting (for both groups; hopefully, we
> > can find a way to co-locate these) is assumed for the week of
> > 13 November.
> >
> >
> > Caveat emptor: Please note that, at this
> > point, these dates are working hypotheses!
> >
> >
> > Comments would, as always, be useful,
> > --
> > Thomas Roessler, W3C <tlr@w3.org>
> >
Received on Tuesday, 8 August 2006 10:25:23 UTC