start of a privacy section

w3c / automotive

W3C Automotive Working Group Specifications

Other

146 stars 68 forks source link

start of a privacy section #376

Closed tguild closed 3 years ago

tguild commented 3 years ago

@UlfBj and others, please take a read of my start of a privacy section for VISSv2

Input welcome

UlfBj commented 3 years ago

All information sent from a VISS service to client application must be encrypted.

This could be interpreted as that encryption must be applied to the data independently of the confidentiality protection given by the transport protocol, which I think should not be a requirement. With that view I would rewrite it as shown below.

All information sent from a VISS service to client application must be transported over a confidentiality protected protocol.

tguild commented 3 years ago

Hej @UlfBj how about:

All information sent from a VISS service to client application must be transported over an encrypted protocol to help protect privacy.

UlfBj commented 3 years ago

All information sent from a VISS service to client application must be transported over an encrypted protocol to help protect privacy.

It makes it clear, so it is fine from my point of view.

tguild commented 3 years ago

Don't merge yet, additional changes from #378 and today's call

tguild commented 3 years ago

@peterMelco let me know if you have better wording for what you raised in

https://github.com/w3c/automotive/issues/378