OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pbd-se message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: comments on draft/questions

I have some comments and questions on the latest draft based on a quick read, apologies if I’ve missed topics discussed elsewhere or in the other comments.

I’ve edited the attached draft with some minor editorial updates and some Word comments.

Overall I agree with Kim that it might be helpful to clearly delineate the core normative material from tutorial and explanatory material, either in one document or elsewhere. This should make it easier to review what is required for compliance. In some places I lower-cased non-RFC words in the attached draft, or removed upper case may where it was more the English usage.

 I also believe it is important to be clear on the target audience, which appears to be ‘enterprise software development projects’ or system integrators.

The reason I mention this is that  it might help to mention how this specification could fit with light-weight, lean, incremental projects not under the control of a single organization. I’m thinking of internet/web projects where a platform is created by one or more groups, and used by others to create a system.  In this case, I would suggest that the platform team(s) should be aware of privacy concerns, but that the system integrator is responsible for the overall analysis as in this document (but may not be able to analyze or document the platform itself). 
This case is difficult because the assumed organizational structure is not in place, nor is there full information for any party. I’d argue that this specification could then be used to measure the degree of compliance and then identify gaps, possibly enabling changes to achieve fuller compliance.

Based on this concern,  I suggest changing the requirement for UX design to SHOULD (  SHOULD describe privacy UI/UX design ) since a platform developer could have no control over the UI, but maybe over other aspects.
 
Editorially, I suggest removing all placeholders and comments regarding future work from the document - this can go on the TC wiki roadmap, which would be more flexible, especially as  plans could change.

regards, Frederick

Frederick Hirsch, Nokia
@fjhirsch

Attachment: pbd-se-v1_0-wd04 R3 - without Section - fjh.docx
Description: pbd-se-v1_0-wd04 R3 - without Section - fjh.docx

















[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]