Re: ISSUE-70: Scope should be defined in terms of concepts, not in terms of use cases from Mary Ellen Zurko on 2007-05-23 (public-wsc-wg@w3.org from May 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Wed, 23 May 2007 09:14:07 -0400
To: Web Security Context WG <public-wsc-wg@w3.org>
Message-ID: <OFC6570250.6F79BB8B-ON852572E4.00487283-852572E4.0048B40D@LocalDomain>

The in/ out of scope section contents and their  introductory text is not 
in terms of use cases. Though it does remain sparse even after the round 
of clarifications in response to other review comments. 

Scope are hard constraints; goals are where we spend our time. So I would 
say that exceptional cases and expert use cases are in fact in scope, but 
not our goals. 

Stuart, do you want to take another crack at what this issue proposes to 
change, now that I've (attempted to) clarify it a bit? 

          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect




Web Security Context Issue Tracker <dean+cgi@w3.org> 
Sent by: public-wsc-wg-request@w3.org
04/25/2007 10:39 AM
Please respond to
Web Security Context WG <public-wsc-wg@w3.org>


To
public-wsc-wg@w3.org
cc

Subject
ISSUE-70: Scope should be defined in terms of concepts, not in terms of 
use cases








ISSUE-70: Scope should be defined in terms of concepts, not in terms of 
use cases

http://www.w3.org/2006/WSC/Group/track/issues/70

Raised by: Stuart Schechter
On product: Note: use cases etc.

With regard to section 3.1 (Goals), I think it's very hard to make sense 
of
what's in scope and out of scope given that there are 20 use cases.  It
sounds like consensus is that average user's everyday activities in are in
scope, and that exceptional cases and expert use cases are out of scope 
(so
long as they attacker can not cause and exploit exceptional cases.)  Why
don't we just say something to that effect?

Received on Wednesday, 23 May 2007 13:14:26 UTC