W3C home > Mailing lists > Public > public-web-and-tv@w3.org > December 2013

[api] REQ 5.2, REQ 5.3 and REQ 6 v.s. HTML5

From: HU, BIN <bh526r@att.com>
Date: Tue, 10 Dec 2013 05:27:16 +0000
To: public-web-and-tv <public-web-and-tv@w3.org>
Message-ID: <179FD336116F754C876A9347238FE29A0111A78F@WABOTH9MSGUSR8L.ITServices.sbc.com>

This is trying to close the loop of 3 yellow "?"s of REQ 5.2, REQ 5.3 and REQ 6 v.s. HTML5.

REQ 5.2: Application Authentication
REQ 5.3: Subscriber Authentication
REQ 6: Device Authentication

I suggest that we leave those 3 "?"s blank, i.e. N/A, because from HTML5 Spec perspective (not the suite of Specs of HTML5 Family), although there are descriptions of security related issues (primarily cross origin) and guidance in related sections, and dedicated section 1.9.1 and 1.9.2 to describe the guidance of writing secure web apps and common pitfalls to avoid when using the scripting APIs, however, the HTML5 Spec itself doesn't address the area of application authentication, subscriber authentication and device authentication. It relies on other specs and techniques to cover those authentication requirements.

Thus I suggest to leave them blank.


Bin Hu | Service Standards | AT&T
Received on Tuesday, 10 December 2013 05:28:10 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:57:20 UTC