"End-to-End Encryption email" is missing an actual proposal

Question

"End-to-End Encryption email" is missing an actual proposal

plehegar opened this issue a year ago · 7 comments

From AC Review:
[[
We are concerned about the new "End-to-End Encryption email" proposed optional deliverable because it looks out of scope for the working group: https://www.w3.org/2024/01/proposed-wg-webappsec.html#scope

The proposed charter does not have cryptography in its scope except for maintaining the Web Cryptography API
The proposed charter does not have messaging standards, formats, protocols in its scope

We also note that the link in the deliverables section to "End-to-End Encryption email" is also only to a section of minutes of a meeting from nearly 6 months ago, and NOT a Proposal draft (whether incubated or not) or even an Explainer draft, which is highly unusual and unexpected. This seems like a Charter drafting clerical error of leaving in the wrong link, since the linked minutes do say there is a "draft that we have" that "if there's enough interest we will publish", so presumably that publication may (should?) have happened in the past 6 months since one implementer proposed it and another implementer said "There is interest".

Since we are not sure if there was an attempt to expand the Scope but it wasn't written up, and/or if there was a clerical error of failing to link to an actual proposal, or if this was perhaps a Charter editing-in-progress tentative addition that was errantly not removed before taking to an AC poll, we do not feel we have enough information to propose a specific set of actions to resolve these concerns.

We are expressing our concerns (on apparent scope violation and failure to link to an actual proposal) but we are not making this a Formal Objection because optimistically the error or errors may again be clerical (rather than substantial) in nature, and we expect the Team to address such corrections before adopting an updated Web Application Security Working Group Charter.
]]

cc w3c/strategy#426

Answer 1 · 2024-03-04T14:59:45.000Z

cc @marcoscaceres

Answer 2 · 2024-03-20T16:59:07.000Z

proposal is at https://github.com/WebKit/explainers/tree/main/remote-cryptokeys

Answer 3 · 2024-03-20T17:06:46.000Z

(second part of the proposal is expected by end of this week)

cc @hober

Answer 4 · 2024-03-22T05:23:07.000Z

We can have the second part most likely by next week.

Answer 5 · 2024-04-03T20:06:52.000Z

it's been 2 weeks now and still no actual; proposal. at this point, this should be dropped.

Answer 6 · 2024-04-03T23:59:49.000Z

The https://github.com/WebKit/explainers/tree/main/remote-cryptokeys is part of it. Sorry, I've been dealing with some health issues last few days which delayed things. I'll put it up in the next few hours.

Answer 7 · 2024-04-04T08:09:51.000Z

Sorry for the delay on our side:
https://github.com/WebKit/explainers/blob/main/cryptographic-message-syntax-API/README.md