search

w3c / process

W3C Process Document
https://www.w3.org/policies/process/drafts/
186 stars 124 forks source link

Clarify confidentiality requirements #835

Closed frivoal closed 6 months ago

frivoal commented 6 months ago

This is an attempt to clarify the confidentiality requirements by separating concerns.

But the phrasing of the second bullet could be read as if there was some particular task or activity ("effort") to be performed when dealing with different levels, suggesting that maybe changing levels was OK, as long as you do it the right way (maybe by redacting something).

This rephrasing clarifies that "reasonable effort" is a general requirement about confidentiality, and that disclosing beyond the proper level is not appropriate.

This PR is meant as a possible alternative to https://github.com/w3c/w3process/pull/722

Preview | Diff

joshco commented 6 months ago

looks good to me

css-meeting-bot commented 6 months ago

The Revising W3C Process CG just discussed Clarify confidentiality management, and agreed to the following:

The full IRC log of that discussion <fantasai> Subtopic: Clarify confidentiality management
<fantasai> github: Clarify confidentiality management
<fantasai> github: https://github.com/w3c/w3process/pull/835
<fantasai> florian: Josh made a PR to try to clarify confidentiality management, but most people found the PR even more confusing
<fantasai> ... after discussion in the last telecon, got a better idea of what he was trying to fix
<fantasai> ... this is an attempt to solve that confusion
<cwilso> +1
<fantasai> joshco: Agree this is better
<fantasai> ... previously [missed]
<fantasai> ... but now it says "whatever the confidentiality level is, you're supposed to respect it"
<fantasai> ... which is good
<TallTed> wfm
<fantasai> plh: Objections to merge?
<fantasai> RESOLVED: Merge PR 835 to clarify confidentiality management