- From: Shadi Abou-Zahra <shadi@w3.org>
- Date: Wed, 18 Oct 2006 13:20:55 +0200
- To: public-wai-ert@w3.org
Hi, The recent discussions on test subject and local files brought a whole bunch of new issues. Here is an attempt to collect and summarize this issue to facilitate an overview: 1. static Web content - sufficiently addressed by WebContent class; 2. dynamic Web content - HTTP request/response header can be provided in the WebContent class, however the sequence of the client/server interaction still needs to be addressed; 3. confidential URIs - for example on an intranet or otherwise restricted content there are different degrees of confidentialit and not all URIs should be available to everyone; 4. confidential from data - for example password or other sensitive information may need to be protected (much alike confidential URIs); 5. local files - unique identifier is not always available (to hide internal file hierarchy) and the file source may be worth recording (noting potential confidentiality issues); Did I miss other points made? Also, it's important to note that we had agreed that security/privacy issues are out of our direct scope of EARL and hence did not make it into the requirements document. However, this does not mean we should not think about it and make sure we are not making it impossible to use EARL for restricted content. Is it as simple as saying "if you want to protect your EARL reports then sign or encrypt them"? Regards, Shadi -- Shadi Abou-Zahra Web Accessibility Specialist for Europe | Chair & Staff Contact for the Evaluation and Repair Tools WG | World Wide Web Consortium (W3C) http://www.w3.org/ | Web Accessibility Initiative (WAI), http://www.w3.org/WAI/ | WAI-TIES Project, http://www.w3.org/WAI/TIES/ | Evaluation and Repair Tools WG, http://www.w3.org/WAI/ER/ | 2004, Route des Lucioles - 06560, Sophia-Antipolis - France | Voice: +33(0)4 92 38 50 64 Fax: +33(0)4 92 38 78 22 |
Received on Wednesday, 18 October 2006 11:21:08 UTC