W3C home > Mailing lists > Public > public-web-security@w3.org > September 2015

Re: Removing trolls and off-topic conversation from Web Security IG? [was Re: A Somewhat Critical View of SOP (Same Origin Policy)]

From: Siva Narendra <siva@tyfone.com>
Date: Wed, 23 Sep 2015 10:51:54 -0700
Message-ID: <CAJhTYQxkWzncL1tRpCO4JCAEf56293FbyqWgTnnpipJ2XnG8Pw@mail.gmail.com>
To: Harry Halpin <hhalpin@w3.org>
Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Alex Russell <slightlyoff@google.com>, "public-web-security@w3.org" <public-web-security@w3.org>, Tony Arcieri <bascule@gmail.com>, Brad Hill <hillbrad@gmail.com>, Rigo Wenning <rigo@w3.org>, GALINDO Virginie <Virginie.GALINDO@gemalto.com>
Harry et al -- I am all for keeping it open but also keeping the discussion
in a relevant working group setting. A setting where we can start
implementing what will be good for the community at large. It is time for
us to focus on implementations that support a general framework. There is
clearly fatigue in rehashing discussions over and over. I haven't seen any
new points coming from either side (if there are just two sides).

I am hoping that the newly formed
http://www.w3.org/2015/hasec/2015-hasec-charter.html can take this up to
get us moving forward. FIDO and all!



*Siva G. Narendra Ph.D. CEO - Tyfone, Inc.Portland | Bangalore |
Taipeiwww.tyfone.com <http://www.tyfone.com>*
*Voice: +1.661.412.2233*

On Wed, Sep 23, 2015 at 8:45 AM, Harry Halpin <hhalpin@w3.org> wrote:

> [removing WebAppSec WG, since obviously this doesn't concern their
> chartered work]
> At this point, I think it would be a useful discussion for the Chair of
> the IG to move the IG to member-only in a re-chartering, as it may be
> the only way to keep the discussion on-topic.
> In particular, it would also be a good idea for members who are finding
> these conversations wasting their time to bring up with the Advisory
> Committee and the Advisory Board the persistence of people who either do
> not have a basic background in Web Security, people who are consistently
> off-topic, and 'trolls' on W3C lists, and find a suitable process for
> removing or excluding them (I personally try to use a 'spam' filter, but
> new W3C members may not know). If the W3C cannot control the problem of
> having a few people overwhelming mailing lists with what is effectively
> viewed as spam, then the W3C may even run the risk of being an
> unsuitable place for doing standards work due to the high noise-signal
> ratio on lists such as the Web Security IG.
>     cheers,
>          harry
> On 09/23/2015 11:18 AM, Anders Rundgren wrote:
> > On 2015-09-23 15:57, Harry Halpin wrote:
> >> On 09/23/2015 03:42 AM, Anders Rundgren wrote:
> >>> In my opinion the #1 problem with this discussion is that when you
> >>> mention things that doesn't match the SOP vision like the fact that
> >>> Android-,
> >>> Apple-, and Samsung-Pay doesn't work on the Web, dead silence is all
> >>> you get.
> >
> >> <ad hominem attacks>
> > > </ad hominem attacks>
> >
> >> In particular, it is likely more productive for various non-SOP schemes
> >> to find a way to adopt to SOP in a principled manner and so maintain
> >> security and privacy properties. Payment schemes, identity schemes, and
> >> the rest should and can do this.
> >
> > This topic has never been discussed in for example:
> > http://www.w3.org/Payments/IG/
> >
> > Maybe Jeff should take down the flag
> > http://www.w3.org/2015/01/banker_payments.pdf
> > before it gets too embarrassing?
> >
> > Anders
> >
> >
Received on Wednesday, 23 September 2015 17:52:44 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:09:38 UTC