RE: referencing W3C or WhatWG specs (was: [webauthn] new commits pushed by equalsJeffH from Vijay Bharadwaj on 2016-09-14 (public-webauthn@w3.org from September 2016)

From: Vijay Bharadwaj <vijaybh@microsoft.com>
Date: Wed, 14 Sep 2016 16:07:19 +0000
To: "Hodges, Jeff" <jeff.hodges@paypal.com>, Wendy Seltzer <wseltzer@w3.org>
CC: "public-webauthn@w3.org" <public-webauthn@w3.org>
Message-ID: <a3952c97311b47df9859312b65df2615@microsoft.com>

In the PR I sent out last night (https://github.com/w3c/webauthn/pull/198) I took the second approach by pointing to HTML 5.1 which is in CR. This seems like a best-of-both-worlds compromise since HTML 5.1 appears to address all the things we care about (in many cases by pointing through to WHATWG specs, but that's not an issue for us to worry about).

From: Hodges, Jeff [mailto:jeff.hodges@paypal.com]
Sent: Wednesday, September 14, 2016 8:52 AM
To: Wendy Seltzer <wseltzer@w3.org>
Cc: public-webauthn@w3.org
Subject: Re: referencing W3C or WhatWG specs (was: [webauthn] new commits pushed by equalsJeffH

On 9/14/16, 7:39 AM, "Wendy Seltzer" <wseltzer@w3.org<mailto:wseltzer@w3.org>> wrote:
On 09/13/2016 10:45 PM, =JeffH via GitHub wrote:
The following commits were just pushed by equalsJeffH to
https://github.com/w3c/webauthn:
* ref whatwg HTML spec for origin & Navigator. Fixes #160.

Are these references not available in W3C HTML? I didn't read that into
#160.

https://w3c.github.io/html/browsers.html#section-origin
https://w3c.github.io/html/webappapis.html#the-navigator-object

We'll face normative reference[1] and consistency questions if we use
the WHATWG reference.

yep, tho the W3C and WhatWG need to actually address this overall spec dichotomy mess. Left unresolved it puts all of us in tough spot.  See..
Figure out how to manage normative dependencies to WHATWG HTML for features not in W3C HTML for CR/REC https://github.com/w3c/webappsec-secure-contexts/issues/9
..especially..

[0] https://github.com/w3c/webappsec-secure-contexts/issues/9#issuecomment-233633338

So it seem that editors of W3C specs depedendent on HTML/URL/DOM/FETCH/ENCODING/etc can take one of two approaches at this iterating-on-working-draft time:

1.  use all whatwg references  (eg for things in HTML/URL/DOM/FETCH/ENCODING), then at "transition to CR" time, assess all such refs and for those which correctly exist in extant W3C specs, update them to point to the W3C specs.

2. attempt to use all W3C references as we go along, but for those that do not exist or are no longer accurate (eg the W3C spec is stale relative to current implementations), use the appropriate WhatWG reference (those specs are claimed to be the implemented bleeding edge (?)).  At "transition to CR" time, assess all refs and update as appropriate.

the commit you're pointing to is taking approach (1); for me, it seems the easier path for the time being while we're iterating on a working draft.   i.e. in trying to discuss Anne's feedback with him, he's only referring to whatwg specs.

Though, we as a working group can decide which approach ( (1) or (2) ) we wish to take, and I'll update it per the decision.  Perhaps we should add this to our discussion topics next week in Lisbon.  In any case, we should certainly be having Lisbon side-discussions wrt @mikewest's observations in [0].

hth,

=JeffH

--Wendy
[1] https://www.w3.org/2013/09/normative-references

   by JeffH
https://github.com/w3c/webauthn/commit/e8172c4d2eea64bf60e0f53d82cb96fa081db22e

Received on Wednesday, 14 September 2016 16:08:28 UTC