Re: [pki-survey] Final draft follow-up survey

[Steve Hanna <steve.hanna@sun.com>]

Thanks for the review, Sharon. My comments are below.

Sharon Boeyen wrote:
> I have no comments on the email text - I think it's perfect.

Good!

> Just a couple of minor comments on the survey itself:
> 
> 1 - In the privacy statement it says "If you choose to
> provide your email address..." but they really don't have
> a choice do they? Question 1 requires that they supply it.
> Suggest rewording the privacy statement to say "If you choose
> to complete this survey (note that this requires supplying
> your email address)...

Good point. I'll make this change.

> 2 - In question 2 I'm wondering if the "(generally not
> legally binding)" could be changed to something like "(generally
> no specific legal significance)". I'm thinking of things like
> expense claims for business travel or other forms signed within
> your own company for example. Your employment contract may make
> these legally binding but they are different than signing contracts
> for example. I like the "legally binding" for that category but
> think the "not" may be a bit misleading in the signing electronic
> forms case.

I see what you mean. The phrase "generally no specific legal
significance" is long and a bit lawyerly, though. How about
moving Signing Contracts to the front (since that's short
and clear) and changing the parenthetical comment for Signing
Electronic Forms to "(not legal agreements)" or "(not contracts)"?

> 3 - In the text just before question 3, where you describe the
> points system it might be helpful to add another sentence at the
> end of the first paragraph to make sure people understand that
> they don't need to distribute the points among all items, only to
> those of importance to them. Something along these lines "Note that you are
> free to allocate the points as you see fit and there is no need
> to allocate points to each item, only to those you feel are
> important. For example all 10 points could be allocated to a single item
> if you feel that reflects the relative importance." might work, but
> I'm flexible on the text itself. Just want to make sure they understand
> the flexibility.

OK. I'll make a change for this.

> 4 - In 7a, I suggest adding another item to the list (probably fits
> in between certificate revocation and smart card). The item is
> path validation.

That's a good one. It's pretty specific.

I think the three items that start with Application are
too vague. Respondents will have trouble knowing what they
mean and we'll have trouble knowing what to do if they
are ranked high. Maybe we should change them to:

Protocols that use PKI
   [formerly Application-Server and Application-Application]

Unusual Certificate Contents
   [formerly Application-Certificate]

> 5 - In question 8, first paragraph. It might be good to add a sentence
> to the end of this paragraph indicating that we still have the comments
> they provided in the first survey so they need not repeat those, but any
> additional thoughts would be welcome here.

There is a note about that later in question 8.
I'll move it to the end of the first paragraph.

> Sorry I've taken so long to respond - just been swamped :-)

That's OK. I was worried we would miss our August 11
startup date. But the OASIS staff is moving quickly.
I should have a prototype survey for you to try by
Thursday at the latest.

Thanks,

Steve

S/MIME Cryptographic Signature