- From: Doyle, Bill <wdoyle@mitre.org>
- Date: Wed, 1 Aug 2007 13:58:11 -0400
- To: "Thomas Roessler" <tlr@w3.org>, "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>
- Cc: <public-wsc-wg@w3.org>
This looks good, is this a go for external review? Cheers Bill D. -----Original Message----- From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Thomas Roessler Sent: Monday, July 30, 2007 5:58 PM To: Mary Ellen Zurko Cc: public-wsc-wg@w3.org Subject: Re: ISSUE-77: Reference threat work in wsc-usecases On 2007-07-30 15:32:05 -0400, Mary Ellen Zurko wrote: > Concensus at the Dublin meeting was to reference our threat tree > work. I'm going to take another stab at a proposal, against the > current text of the draft. Here's an alternative proposal to what your wording suggests, consistent with the consensus from Dublin: Let's instead publish the threat tree work as a separate note along with the use cases right away, clearly tagged as work in progress, and with an appropriate reference in the use case note. We can then update the threat tree note whenever it seems convenient, and with little effort. A first stab is here: http://www.w3.org/2006/WSC/drafts/threats/Overview.html I've set up some tools so changes can continue to be made to the wiki, and it will take a pretty small amount of manual intervention to publish an update of this note to track such edits. Some boilerplate material and the references are currently missing. As far as the use cases document is concerned, I'm a bit concerned that the material that is currently in there covers only part of the threat trees. I'd prefer to return to the "high level captions" approach that we had before. Language for the use case note: Threats which are in scope for the work described in this Note are further discussed below. A comprehensive threat tree is work in progress. [WSC-threats] Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Wednesday, 1 August 2007 17:59:00 UTC