W3C home > Mailing lists > Public > w3c-wai-gl@w3.org > October to December 2002

Re: WCAG conformance profiles (claims vs. certificates)

From: Al Gilman <asgilman@iamdigex.net>
Date: Sun, 17 Nov 2002 09:38:56 -0500
Message-Id: <>
To: "Roberto Scano - IWA/HWG" <rscano@iwa-italy.org>, <jasonw@ariel.ucs.unimelb.EDU.AU>
Cc: "WCAG List" <w3c-wai-gl@w3.org>

At 05:08 AM 2002-11-17, Roberto Scano - IWA/HWG wrote:

>----- Original Message -----
>From: "Jason White" <jasonw@ariel.ucs.unimelb.edu.au>
>To: "Roberto Scano - IWA/HWG" <rscano@iwa-italy.org>
>Cc: "WCAG List" <w3c-wai-gl@w3.org>
>Sent: Sunday, November 17, 2002 10:58 AM
>Subject: Re: WCAG conformance profiles
> > Two comments:
> >
> > 1. This has been superseded by RDF/EARL: http://www.w3.org/WAI/ER/
>Ok... so we need to define using these...
> > 2. The proposed PICS ratings for levels 1+ and 2+ don't specify which
> >    checkpoints have been met beyond level 1 in the first case and
> >    beyond level 2 in the second. Thus they don't constitute a
> >    complete or accurate conformance claim, because someone reading
> >    this claim wouldn't know which checkpoints were involved. That is
> >    why I specified in my proposal that at levels 1+ and 2+ the
> >    relevant checkpoints have to be identified in the profile.
>Hum... at this point this could cause confusion... The real claim could be
>done only if every web site that requires the claim submit a form in the W3C
>web sites where declare the point that are soddisfed so at the end of the
>form will be assigned a UIN (unique identification number) for the claim for
>this web site. This will guarantee that the web site owner by himself check
>the points and claim that his web site pass these points.
>So, when from his web page he link to the W3C conformance page, he could do
>this like:
>So will be shown the claim reached by this web site (1, 1+, 2, 2+, 3) and -
>if intemediate level, will be shown the checkpoint of intermediate level.
>This could be the unique guarantee for don't make confusion for the
>intemediate levels.

[Al, here]

You are assuming that W3C is certifying the claims, when you say "the real
claim."  The way one encodes the substance of the claim (EARL) is
independent of who says it is true, and how one says that they really say it
is true (XMLDSIG).

We should separate certification issues from representation language issues.

Yes, if the W3C has signed a copy of the conformance report either as 'seen' or
as 'corroborated' that signature will serve as a sufficient key to retrieve the
report if you query the W3C authority as to "What was in the document that you
signed thus: (publicKey, digiSig)?"  Assuming that W3C has agreed to serve 
as such a repository.

But this would be done using standard signature techniques which leave us free
to use what language we wish for the expression of the claims being signed.

And the architecture of the Semantic Web is such that one doesn't need a
central authority compiling a registry.  The entire URI namespace is the
index space of Web storage, and the claim as seen and signed (by whoever, no
matter who) can be served from anywhere and the signatures will confirm the
authority of the assertions with high confidence.

The issue as to whether or not W3C would take on the role of a certifying
authority is a matter that I should perhaps defer to the Director of the
International Program Office (Judy).  However, the WCAG group can and should
create the expressive language so as to be completely independent from any
certification process assumptions.

EARL (check me here, Wendy) has been designed to be usable in the absence of
any certification process and pre-existing trust relationship with an audit
and certification activity.  It links the claims with a description of the
actual conformance checks performed so that a third party receiving the
claim can readily confirm or deny the claims for themselves.

Received on Sunday, 17 November 2002 09:39:15 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:32:10 UTC