W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: Call for consensus to move forward with proposed rechartering of WebAppSec WG

From: Brad Hill <hillbrad@fb.com>
Date: Wed, 19 Nov 2014 19:10:32 +0000
To: Brad Hill <hillbrad@fb.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <D092287E.133D%hillbrad@fb.com>
<Hat = WG Participant>

I spoke with my legal team, and they are concerned about the Permissions
API.  It is somewhat out of character with the rest of the work this group
is doing.  Everything else is roughly about setting security policies and
hints from the server to be implemented by the client. In contrast, the
Permissions API is adding new app-focused APIs in the client.  While it is
simple now, it may become a hook on which more complex work will be hung,
around schemes for prompting users, managing permissions, etc. and this
may enter into areas where members have IPR concerns.

As a member, I'd like to request that we remove this out of the draft
charter as it more properly belongs in WebApps or Device API by virtue of
its IPR penumbra.  I could probably live with adding language tightly
scoping it to its current functionality, but it might be better for
everyone if it went somewhere else it didn't have to be "dead-ended" in
this way.

Dan, I'd like to ask you to manage the consensus on this topic going
forward, given my need to take a position as a participant.

Thank you,

Brad Hill


On 11/18/14, 11:31 AM, "Brad Hill" <hillbrad@fb.com> wrote:

>After discussion on yesterday's teleconference, I have added the
>Permissions API (unofficial draft at: https://w3c.github.io/permissions/)
>to our proposed rechartering.
>
>The full proposal is available at:
>
>https://w3c.github.io/webappsec/admin/webappsec-charter-2015.html

>
>
>This is a call for Consensus on this draft charter.  Please respond as a
>current member of the WG if you support or oppose proceeding with this
>draft charter.  Note that after our consensus is ratified, the charter
>will still need to go for AC review and members will need to re-join after
>rechartering.  The charter sets out the scope of commitments your
>organization will have to make to participate in this WG, as outlined by
>the W3C Patent Policy
>(http://www.w3.org/Consortium/Patent-Policy-20040205/) so please consider
>carefully now if your participation may be impacted.
>
>Positive feedback is encouraged, but a lack of response will be considered
>approval of this course of action.
>
>This call for consensus will end at our next regular call on Monday, 1
>December 2014.
>
>Thank you,
>
>Brad Hill
>Co-Chair, WebAppSec WG
>
>

Received on Wednesday, 19 November 2014 19:11:01 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:08 UTC