- From: Nilsson, Claes1 <Claes1.Nilsson@sonymobile.com>
- Date: Mon, 10 Aug 2015 16:49:18 +0200
- To: "'Pfaff, Oliver'" <oliver.pfaff@siemens.com>, "public-wot-ig@w3.org" <public-wot-ig@w3.org>
- Message-ID: <6DFA1B20D858A14488A66D6EEDF26AA303989B814B33@seldmbx03.corpusers.net>
Hi Oliver and others, Thanks for compiling this catalogue. I have some initial comments: 1. Maybe each requirements should have a number or any other id. That would make it easier in discussions and follow-up of requirements. 2. The list does more look like a the Security&Privacy Glossary in more detail than a list of requirements. That might be ok depending what we want to achieve. Do we want this or do we want? a. A total and tangible list of the security&privacy features applicable for WoT that needs to be covered by W3C standards (existing and new), using MUST, SHOULD and MAY vocabulary? b. A tangible list of the security&privacy features applicable for WoT that needs to be standardized by W3C in addition to what exists today (or what is in progress being standardized), i.e. a gap list, using MUST, SHOULD and MAY vocabulary? WDYT? BR Claes Claes Nilsson Master Engineer - Web Research Research&Incubation Sony Mobile Communications Tel: +46 70 55 66 878 claes1.nilsson@sonymobile.com<mailto:Firstname.Lastname@sonymobile.com> sonymobile.com<http://sonymobile.com/> [cid:image003.png@01D0D38C.7F81A770] From: Pfaff, Oliver [mailto:oliver.pfaff@siemens.com] Sent: den 5 augusti 2015 13:48 To: public-wot-ig@w3.org<mailto:public-wot-ig@w3.org> Subject: [IG-SP] Review of Security&Privacy Requirements Catalogue Dear colleagues, until now the Security&Privacy Requirements Catalogue<https://www.w3.org/WoT/IG/wiki/Security%26Privacy_Requirements_Catalogue> used to be a bit of a laundry list. That changed and now there is a first draft version for review. Formally the Wiki page is public (as well as this mail) and we'd accept comments from anybody in WoT IG. However I would like to ask for review and feedback from [IG-SP] before sending heads-up notices to the TFs. When reviewing, please check for: * Completeness: does the catalogue cover all requirements that we want to highlight (caveat: it should not become too lengthy, special interest items may have to be dropped to avoid the 'TL;NR' syndrome)? * Correctness: are the contents of the catalogue sufficiently sound (caveat: it should not become academic, becoming too nitty-gritty should be avoided)? * Comprehension: do the contents compile when reading through the catalogue with common sense, are the contents intuitively accessible? * Wording: which improvements are needed to pass the 'native speaker check'? I suggest a review/feedback period (within SP) until Aug, 12. Please provide suggestion and addition/change requests on the public mailing list or in a personal exchange (suggestions and addition/change requests that arrive thereafter will also be accommodated - this is not meant as a final call) Please note that I will do a round of double-checking against the IIC reference architecture during this review/feedback period (=> there might be some [hopefully minor] updates) Please also note that there will be some derivative work that will reflect the structure of the security&privacy requirements catalogue => adding (new) catalogue items later on will be easy, tweaking the structure will be tedious. So let's put a priority on establishing a structure that has a good chance of staying stable Kind regards, Oliver
Attachments
- image/png attachment: image003.png
Received on Monday, 10 August 2015 14:49:49 UTC