This seems satisfactory to me. On Thu, Jan 29, 2015 at 10:32 PM, L. David Baron <dba...@dbaron.org> wrote:
> Here are the comments I have so far on this charter, based on the > thread. I'd note that this is a relatively large set of demands to make > in the charter review stage at the AC, especially for a recharter of a > WG that we're involved in. So it may come across to W3C staff as > somewhat demanding. > > I'm particularly interested in review of point (3) in what I've written; > I feel that the argument I've written so far is weak, I think because I > don't particularly understand the concerns about the powerfulfeatures > draft. > > I also haven't included anything about Brian's objection to the > suborigin namespaces work because I don't understand the objection, and > I don't see how to extract any actionable charter feedback directly from > Brian's message. (Or is it that the deliverable should be removed from > the charter? If so, I could use an explanation as to why.) > > In any case, here's the feedback I have so far. Comments are > welcome through roughly 5pm California time on Friday -- > particularly actionable ones that suggest how to revise this > feedback or at least say how the charter should be different! > > (Sorry for not getting this gathered together sooner.) > > -David > > > There are a number of problematic aspects to this charter to which > we object: > > (1) The "Confinement with Origin Web Labels" deliverable is described > in a way that makes it unclear what the deliverable would do. It > should be clearer. Furthermore, the lack of clarity means we > couldn't evaluate whether we are comfortable with it being in the > charter. > > (2) The "Entry Point Regulation for Web Applications" deliverable seems > to have serious risks of breaking the ability to link. It's not > clear that the security benefits of this specification outweigh the > risks to the abilities of Web users. > > (3) In the scope section, the item "Application awareness of powerful > features which may require explicit user permission to enable." > It's not clear whether this part of the scope is intended to > allow https://w3c.github.io/permissions/ to be a document in the > working group (which may be comfortable with, although some of us > have serious concerns about whether it is actually workable), or > whether it's intended to put > https://w3c.github.io/webappsec/specs/powerfulfeatures/ in the scope > of the working group, which we believe should not be, because we > don't believe the WebAppSec WG should be in the role of policing the > specifications of other groups (which is not the role it has > historically held), and we believe that in general specifications > about how to write other specifications have not been successful, > particularly if they attempt to have any mandatory status. > > At a minimum, it would be good to rephrase this item so that it > doesn't use the term "powerful features". It would probably be > preferable to explicitly state that work like the powerfulfeatures > draft is not in the scope of the working group. > > (4) We believe the charter should have provision for asynchronous > decision making, perhaps as in > http://www.w3.org/2012/webapps/charter/#decisions . > > -- > 𝄞 L. David Baron http://dbaron.org/ 𝄂 > 𝄢 Mozilla https://www.mozilla.org/ 𝄂 > Before I built a wall I'd ask to know > What I was walling in or walling out, > And to whom I was like to give offense. > - Robert Frost, Mending Wall (1914) > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
