- From: Jonathan Rees <jar@creativecommons.org>
- Date: Mon, 30 Nov 2009 08:48:37 -0500
- To: Larry Masinter <masinter@adobe.com>
- Cc: "noah_mendelsohn@us.ibm.com" <noah_mendelsohn@us.ibm.com>, "www-tag@w3.org" <www-tag@w3.org>
Just a minor comment on how to spin this. It seems to me that the difference between security architecture and policy architecture is that policy is about communication within and among system components that are already trusted (assumed to be well-intentioned), and its purpose is not to constrain them but to inform them. A security infrastructure is simply a way to implementat a given policy. So what's needed is to make sure that policy, as information, flows to all system components that need to be informed by it, and is "in your face" so that it's easier for a well-meaning programmer to cause it to be applied than to ignore it through ignorance or oversight. So instead of "the ability to use policy information to control access to user data, retention of user data and related concerns", how about "the ability to communicate policy information so that it can be used to determine correct access to and retention of user data and resources"? Of course you can't use it if you don't have it, so logically this goes without saying, but rhetorically speaking I think a shift of this kind might help. Putting it this way sidesteps the argument that David Baron cites. Even if policy is determined once by a standards body instead of differentially per site or per user, the communication channel (in that case, from the spec writer to the programmer) still has to be there; moving the locus of policy origin simply changes the endpoints and medium. Jonathan On Sun, Nov 29, 2009 at 8:19 PM, Larry Masinter <masinter@adobe.com> wrote: > ACTION-321 > > > > I dropped the ball on this, I’m afraid. Here’s my attempt at > > editing the note from Ashok[1] based on our discussion in > > October [2] I hope I captured the sense we wanted. > > > > [1] http://lists.w3.org/Archives/Public/www-tag/2009Sep/0073.html > > [2] http://www.w3.org/2001/tag/2009/10/08-minutes#item05 > > > > > > Larry > > > > > > =============================================================== > > > > The W3C Policy Languages Interest Group maintains a Wiki which contains > > real world cases where personal information has been compromised due to > > inadequate policy or poor/nonexistent enforcement: > > http://www.w3.org/Policy/pling/wiki/InterestingCases. One of these cases > > describes how Virgin Mobile used photos that it found on Flickr in a > > national advertising program. The photos appeared on large billboards, > > much to the surprise of the owner and the subject. > > > > In the public mind, issues related to the management and protection of > > user information in Web Applications, Device access over the Web and > > Services provided over the Web loom large and must be addressed. The > > TAG, therefore, urges WGs working in these areas to include in their > > architecture the ability to use policy information to control access > > to user data, retention of user data and related concerns. Addressing > > these concerns should be a requirement, although the details of how > > they are addressed may vary by application. For example, a working > > group might provide mechanisms for including policy information in API > > calls in a flexible manner. > > > > There has been some dialog in this area. The IETF GeoPriv WG has > > requested the W3C Geolocation WG to add additional support for user > > privacy. See: > > http://lists.w3.org/Archives/Public/public-geolocation/2009Aug/0006.html > > > > There is a discussion thread on this subject on the Geolocation Mailing > > list: > > http://lists.w3.org/Archives/Public/public-geolocation/2009Jun/thread.html#msg98 > >
Received on Monday, 30 November 2009 13:49:21 UTC