RE: Follow-up to TAG meeting on Powerful Features

+1 to that!

Security suffers from the same problem, using terms in ways that are totally different from common parlance, e.g. the word “trusted”:

·         Normal humans think it means “trust-worthy, e.g. my good friend.”

·         Security people think it means “the condition required for betrayal” ☺

A debate about what “powerful” means seems hopeless. Instead, let’s look at where we want to use “powerful” to distinguish a feature from some other features. What’s the point of the distinction? Make up a term for that distinction, but please don’t re-define “powerful”.

From: Mark Watson [mailto:watsonm@netflix.com]
Sent: Tuesday, February 17, 2015 7:56 AM
To: Wendy Seltzer
Cc: Daniel Appelquist; www-tag@w3.org; public-webappsec@w3.org
Subject: Re: Follow-up to TAG meeting on Powerful Features



On Mon, Feb 16, 2015 at 9:07 AM, Wendy Seltzer <wseltzer@w3.org<mailto:wseltzer@w3.org>> wrote:
Hi Dan and TAG, cc WebAppSec,

Thanks for inviting discussion on "Requirements for Powerful Features"
at the recent TAG meeting.

As a proposed way forward, I heard TAG express interest in working with
WebAppSec on the specification, to edit a joint product in which the
requirements for "Is [insert feature here] powerful?" could be
normative. That way, we'd combine the TAG's insight on architectural
considerations with WebAppSec's security expertise.

​I'd like to re-iterate here a point I tried to make earlier to the WebAppSec group. I think the use of language here is setting us up for unnecessary and potentially prolonged debates about the meaning of "powerful".

"Powerful" is a very broad term. One can imagine protracted discussions about whether any given feature fits the English-language definition of "powerful". But the current approach tries to make "powerful" isomorphic with "not safe for HTTP websites". A more typical approach in such circumstances is to coin a new or at least uncommon term so that one can create and own a specific technical definition of that term.

Put another way, it seems at least plausible that there will be features that fit the English-language definition of "powerful" but which are perfectly safe to be used by HTTP sites. Conversely, there may be features which are not very powerful at all, but which do need to be restricted to HTTPS. Using the term "powerful" sets up up for pointless debates in such cases.

In mathematics, it is common practice to re-purpose general english terms for very specific means, for example "simple" groups have little to do with the english-langage meaning of "simple". I don't think we have that luxury here,

Could I suggest that we coin and define our own term ? I don't have a great suggestion, perhaps "HTTP-unsafe" ?

…Mark







If that's a correct recollection, who from the TAG would be interested
in working with WebAppSec, and how can I help to bring you on-board?

Best,
--Wendy

--
Wendy Seltzer -- wseltzer@w3.org<mailto:wseltzer@w3.org> +1.617.715.4883<tel:%2B1.617.715.4883> (office)
Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
http://wendy.seltzer.org/        +1.617.863.0613<tel:%2B1.617.863.0613> (mobile)