- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 2 May 2002 11:42:03 -0400
- To: <austin.d@ic.grainger.com>, <abbieb@nortelnetworks.com>, <sharad.garg@intel.com>
- Cc: www-wsa-comments@w3.org
Some brief comments on [1], which is very well organized and clear! [1] http://www.w3.org/TR/2002/WD-wsa-reqs-20020429 Section: comment. 1.1: What is an "XML artificat." 3.2.1: "provide a reference platform". What does "provide" and "include" mean in this specification? In the case, does it mean provide reference code? D-AC001.1.1: "Ensure that no individual implementor is favored over others." I appreciate the sentiment, but this sounds like everyone is forced to the lowest common denominator. What happens if an implementor has a great development platform and library? How will you ensure he isn't favored? (Or maybe the question should be, favored in what way?) AC006.2: What is a Security Policy? What does establishment, construction, and realization mean? (A potential way to anchor requirements is to specify them over actual deliverables of the Activity.) D-AR0062.2: What does the "include" mean here. Will it be sufficient to say, "authentication mechanism are application specific, and we specify SSL as a minimum to interoperate?" D-AR006.7 "The security framework must include Key Management, pertaining to Public Key Encryption (PKE) and Key Distribution Center (KDC)." What is a KDC? References? 5 : It is atypical in the Acknowledgement section to represent affiliation as the primary sorted key. We don't do it for authors/editors and I don't think the W3C should do it for other contributors. -- *Note: I will be attending the W3C AC and WWW2002 meetings from May 5-10, and taking holiday from 13-16. I will not be as responsive during the former period, and off-line during the latter. I will fully respond to any email as soon as possible after my return.
Received on Thursday, 2 May 2002 11:42:14 UTC