RE: ISSUE-40: Drill-down access to all security information is not \'nice,\' it\'s required (by UAAG 1.0). (public comment) from Doyle, Bill on 2007-04-19 (public-wsc-wg@w3.org from April 2007)

From: Doyle, Bill <wdoyle@mitre.org>
Date: Wed, 18 Apr 2007 23:39:45 -0400
To: "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>, "Web Security Context WG" <public-wsc-wg@w3.org>
Message-ID: <518C60F36D5DBC489E91563736BA4B5801691EB5@IMCSRV5.MITRE.ORG>

Access to information is required by UAAG 1.0, Guideline 2.



________________________________

	From: public-wsc-wg-request@w3.org
[mailto:public-wsc-wg-request@w3.org] On Behalf Of Mary Ellen Zurko
	Sent: Wednesday, April 18, 2007 10:22 AM
	To: Web Security Context WG
	Subject: Re: ISSUE-40: Drill-down access to all security
information is not \'nice,\' it\'s required (by UAAG 1.0). (public
comment)
	
	

	We should certainly not be reinventing any requirements wrong.
In wsc-usecases, we shouldn't be putting forward any requirements or
recommendations at all. And we should not at any stage re-state
requirements from another WG (since they, not we, are the cannonical
source of them). 
	
	I propose we remove this text:
	
	  Access to security information beyond what is available
through the
	  recommended presentation may be desireable in many scenarios,
such
	  as debugging. User agents are encouraged to provide this
access, but
	  in a way that does not interfere with the recommended
presentation.
	
	I think I was one of the few people really hot on keeping
debugging scenarios in mind. From a product perspective, they're
incredibly important from a Total Cost of Ownership point of view. I'll
syphon my energy on this point to 
	http://www.w3.org/2006/WSC/wiki/FuturesAndOnePluses
	
	          Mez
	
	Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l
333-6389)
	Lotus/WPLC Security Strategy and Patent Innovation Architect
	
	
	
	
Web Security Context Issue Tracker <dean+cgi@w3.org> 
Sent by: public-wsc-wg-request@w3.org 

04/15/2007 10:54 AM 
Please respond to
Web Security Context WG <public-wsc-wg@w3.org>


To
public-wsc-wg@w3.org 
cc
Subject
ISSUE-40: Drill-down access to all security information is not
\'nice,\' it\'s required (by UAAG 1.0).  (public comment)

	




	
	
	ISSUE-40: Drill-down access to all security information is not
'nice,' it's required (by UAAG 1.0).  (public comment)
	
	http://www.w3.org/2006/WSC/Group/track/issues/40
	
	Raised by: Bill Doyle
	On product: Note: use cases etc.
	
	>From public comments
	raised by: Al Gilman Alfred.S.Gilman@ieee.org
	
	http://lists.w3.org/Archives/Public/public-usable-
	authentication/2007Apr/0000.html
	
	
	Drill-down access to all security information is not 'nice,'
it's required (by 
	UAAG 1.0). 
	where it says, in (non-goals) 3.1 Presentation of all security
information
	
	  Access to security information beyond what is available
through the
	  recommended presentation may be desireable in many scenarios,
such
	  as debugging. User agents are encouraged to provide this
access, but
	  in a way that does not interfere with the recommended
presentation.
	you must change
	This statement is too weak.  Mention and link the fact that
access to all this 
	information is required by UAAG 1.0, Guideline 2.
	Why? 
	The User Agent Accessibility Guidelines 1.0 is already a
Recommendation.  The 
	current work is not chartered to undercut its requirements.
Don't re-invent 
	this requirement wrong; just pass through the relevent
authoritatve 
	requirement.

Received on Thursday, 19 April 2007 03:39:54 UTC