- From: Siva Narendra <siva@tyfone.com>
- Date: Wed, 23 Sep 2015 10:51:54 -0700
- To: Harry Halpin <hhalpin@w3.org>
- Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Alex Russell <slightlyoff@google.com>, "public-web-security@w3.org" <public-web-security@w3.org>, Tony Arcieri <bascule@gmail.com>, Brad Hill <hillbrad@gmail.com>, Rigo Wenning <rigo@w3.org>, GALINDO Virginie <Virginie.GALINDO@gemalto.com>
- Message-ID: <CAJhTYQxkWzncL1tRpCO4JCAEf56293FbyqWgTnnpipJ2XnG8Pw@mail.gmail.com>
Harry et al -- I am all for keeping it open but also keeping the discussion in a relevant working group setting. A setting where we can start implementing what will be good for the community at large. It is time for us to focus on implementations that support a general framework. There is clearly fatigue in rehashing discussions over and over. I haven't seen any new points coming from either side (if there are just two sides). I am hoping that the newly formed http://www.w3.org/2015/hasec/2015-hasec-charter.html can take this up to get us moving forward. FIDO and all! Siva *--* *Siva G. Narendra Ph.D. CEO - Tyfone, Inc.Portland | Bangalore | Taipeiwww.tyfone.com <http://www.tyfone.com>* *Voice: +1.661.412.2233* On Wed, Sep 23, 2015 at 8:45 AM, Harry Halpin <hhalpin@w3.org> wrote: > [removing WebAppSec WG, since obviously this doesn't concern their > chartered work] > > At this point, I think it would be a useful discussion for the Chair of > the IG to move the IG to member-only in a re-chartering, as it may be > the only way to keep the discussion on-topic. > > In particular, it would also be a good idea for members who are finding > these conversations wasting their time to bring up with the Advisory > Committee and the Advisory Board the persistence of people who either do > not have a basic background in Web Security, people who are consistently > off-topic, and 'trolls' on W3C lists, and find a suitable process for > removing or excluding them (I personally try to use a 'spam' filter, but > new W3C members may not know). If the W3C cannot control the problem of > having a few people overwhelming mailing lists with what is effectively > viewed as spam, then the W3C may even run the risk of being an > unsuitable place for doing standards work due to the high noise-signal > ratio on lists such as the Web Security IG. > > cheers, > harry > > > On 09/23/2015 11:18 AM, Anders Rundgren wrote: > > On 2015-09-23 15:57, Harry Halpin wrote: > >> On 09/23/2015 03:42 AM, Anders Rundgren wrote: > >>> In my opinion the #1 problem with this discussion is that when you > >>> mention things that doesn't match the SOP vision like the fact that > >>> Android-, > >>> Apple-, and Samsung-Pay doesn't work on the Web, dead silence is all > >>> you get. > > > >> <ad hominem attacks> > > > </ad hominem attacks> > > > >> In particular, it is likely more productive for various non-SOP schemes > >> to find a way to adopt to SOP in a principled manner and so maintain > >> security and privacy properties. Payment schemes, identity schemes, and > >> the rest should and can do this. > > > > This topic has never been discussed in for example: > > http://www.w3.org/Payments/IG/ > > > > Maybe Jeff should take down the flag > > http://www.w3.org/2015/01/banker_payments.pdf > > before it gets too embarrassing? > > > > Anders > > > > > > > >
Received on Wednesday, 23 September 2015 17:52:44 UTC