iherman
commented
1 month ago ~For some reason this issue did not appear on the pull-down list of the repo when I tried to add it to the pipeline...~ (Found it...)
Open iherman opened 1 month ago
iherman
commented
1 month ago ~For some reason this issue did not appear on the pull-down list of the repo when I tried to add it to the pipeline...~ (Found it...)
simoneonofri
commented
3 weeks ago hi @iherman,
For the security aspect, would it make sense to add the same text you wrote for VCWG for Security maintenance?
Thank you
iherman
commented
3 weeks ago @simoneonofri yes and no 😉...
At first glance, the VCWG example is not directly relevant here: once published as Recommendations, class 4 changes for VC documents are not allowed for them (per the WG's decision). The security issues that you refer to is explicitly allowing class 4 changes as exceptions. The PM case is different, because the charter makes the issues around class 4 exceptions moot, because the charter is for a new version of the EPUB specifications, following the "traditional" WD->CR->PR->Rec route. I.e., in theory, such exception is superfluous.
That being said, the PM charter is setting the scope expectation very tightly (the publishing industry is very averse to change, hence the precaution). As a consequence, it might indeed be a good idea to add an entry to, e.g., the second bullet list in the scope section which makes explicit some incubation work that may or may not end up as part of the Recommendation in this charter round. The item would reuse the same text:
Serious security or privacy issues that arise, requiring changes in a Recommendation
(Note that I have added privacy, because I actually think it has the same issue.)
If you agree, I will raise a new PR soon, but I would prefer to do that if and when https://github.com/w3c/publ-maintenance-wg-charter/pull/44 is merged, because that PR makes a more serious re-write of the scope section and I do not want to create a github merge mess...
@wareid @shiestyle @tjwhalen
simoneonofri
commented
2 weeks ago @iherman thank you for the explanation, approved the PR
himorin
commented
2 weeks ago no comment or request from i18n
npdoty
commented
1 week ago Looks fine from a privacy perspective. I don't know that the maintenance group can address all the privacy-relevant issues with ePubs, but horizontal review as normal seems fine and the charter does call out security and privacy fixes as within scope.
ruoxiran
commented
1 week ago APA is OK with this charter.
iherman
commented
1 week ago For the record the PR mentioned in https://github.com/w3c/strategy/issues/481#issuecomment-2441911915 has been raised and merged.
New charter proposal, reviewers please take note.
Charter Review
What kind of charter is this?
[X] Existing WG recharter
If this is a charter extension or revision, any issue discussion:
Communities suggested for outreach
(Digital) publishing in general, including
Known or potential areas of concern
The main concern is to have clear backing from publishers (we have many of the Reading System providers on board, like Apple, Google, Kobo/Rakuten, or EDRLab)
Where would charter proponents like to see issues raised?
Anything else we should think about as we review?
Under the current Working Group charter (expiring in June '25) the Group is not authorized to publish new versions of the Recommendation with class 4 changes. The objective of the new charter is to explicitly list features that were discussed/incubated in the Publishing Maintenance Working Group or elsewhere, and which are ready to be added to EPUB as standard features following the standard Recommendation process.
There are no plans to fundamentally change EPUB 3.
cc: @shiestyle, @wareid, @rickj, @swickr, @BillKasdorf