- From: Johnathan Nightingale <johnath@mozilla.com>
- Date: Mon, 25 Jun 2007 10:36:28 -0400
- To: "Close, Tyler J." <tyler.close@hp.com>
- Cc: W3C WSC W3C WSC Public <public-wsc-wg@w3.org>
On 22-Jun-07, at 6:10 PM, Close, Tyler J. wrote: > Looking at the draft Rec proposals, it's not clear to me that the > current use-cases are providing the needed basis for explanation and > evaluation. I think we need to figure out why before we put the > Note to > bed. Now seems like a good time to take a step back and judge how well > our use-cases have enabled the description and evaluation of our > recommendations. What issues did authors have in using the Note > use-cases to describe their recommendations? Would the threat trees > work > provide a better basis for explanation and evaluation? I think your instinct is right on, Tyler, I just wish I had more constructive feedback to offer. When I was writing up IdentitySignal, I had to resist my initial impulse to say "Applies to all use cases," and instead go through to identify the cases where it was particularly relevant. I don't object to doing that, but it was an after-thought, more than a motivating, explanatory phase of recommendation development. For some recommendations (particularly robustness recommendations) it is still more difficult to pretend they are motivated by particular use cases, when in reality they are motivated as responses to known threats (e.g. sites which attempt to spoof chrome by positioning legitimate chrome off-screen.) If the workgroup feels that, outside of what motivates us as members, the use cases are an important piece of motivation for the *document*, that they will help situate our recommendations for our readers/implementors, then I'm absolutely fine with continuing to back-trace recommendations in this way. Likewise, someone might argue that my own treatment of use cases as an afterthought just comes from my greater familiarity with them, and with use case modelling in general as a technique. I could believe that too, and once again, I'm happy to keep referencing them. But if your question is aimed to get at the impression that use cases are not driving our recommendations so much as following them, then I agree with that impression, and am sort of stuck on what a better approach might be. Cheers, Johnathan --- Johnathan Nightingale Human Shield johnath@mozilla.com
Received on Monday, 25 June 2007 14:36:49 UTC