Principles for requirements document

During the F2F we discussed principles from the original XML  
Signature requirements document and in my presentation I outlined  
possible principles for the requirements document going forward.

At the F2F we agreed that we should have a list of principles that
should be followed.

http://www.w3.org/2008/07/16-xmlsec-minutes.html#item10

Do we agree on these principles, do we need changes or additions? I  
updated #6 to reflect our desire to minimize dependencies.

1. Be Consistent with the Web Architecture
http://www.w3.org/TR/webarch/

2. Be XML and XML Namespace compatible

3. XML Signatures are 1st class objects

4. Design for security and mitigating attacks

5. Enable extensibility where necessary but simplicity and reduced  
optionality by default

6. Re-use existing standards where possible but minimize dependencies  
on other standards as much as possible.

7. Don’t break backward compatibility unnecessarily

8. Manage versioning and interoperability - clearly call out
compatibility issues

9. Acknowledge processing models with different software
components/layers.

If someone would like to propose text to describe these further that  
would be useful.

Thanks

regards, Frederick

Frederick Hirsch
Nokia

Received on Monday, 11 August 2008 15:13:34 UTC