- From: GALINDO Virginie <Virginie.Galindo@gemalto.com>
- Date: Fri, 19 Jun 2015 08:35:32 +0000
- To: "ted@w3.org" <ted@w3.org>, "public-privacy@w3.org" <public-privacy@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>, "public-webappse@w3.org" <public-webappse@w3.org>, "public-wot-ig@w3.org" <public-wot-ig@w3.org>
- CC: Paul Boyes <pb@opencar.com>, "Abramski, Adam M" <adam.m.abramski@intel.com>, Kazuyuki Ashimura <ashimura@w3.org>
Ted, and all, [web security IG chair hat on] I feel that initiative really important, I have raised several time the need to have a consistent security approach on the automotive area. [gemalto representative hat on] Let me remind you that gemalto made a contribution during the W3C workshop precisely on security perspectives. It could be useful for your coming work. It is reminding the main rationale for having a robust framework, and an efficient application lifecycle and permission management. Presentation is available here : http://www.w3.org/2012/08/web-and-automotive/slides/webandauto-day1-Gemalto.pdf Regards, Virginie -----Original Message----- From: Ted Guild [mailto:ted@w3.org] Sent: lundi 8 juin 2015 23:24 To: public-privacy@w3.org; public-web-security@w3.org; public-webappse@w3.org; public-wot-ig@w3.org Cc: Paul Boyes; Abramski, Adam M; Kazuyuki Ashimura Subject: [Fwd: CfP in Automotive Privacy and Security Task Force] I am writing because I wanted to ensure Privacy IG, Web Security IG, WebAppSec WG and WoT IG were aware that the Automotive activity at W3C is forming a task force on Privacy and Security focusing on specific issues arising from work we are doing that we may seek your advice on and will continue following your efforts. Any interested are also welcome to join either the Auto BG, WG or both and this task force. -------- Forwarded Message -------- > From: Ted Guild <ted@w3.org> > Reply-to: ted@w3.org > To: public-autowebplatform <public-autowebplatform@w3.org>, > public-automotive <public-automotive@w3.org> > Subject: CfP in Automotive Privacy and Security Task Force > Date: Wed, 03 Jun 2015 12:40:03 -0400 > > This is a call for participation in a Security and Privacy Task Force. > It will be a joint task force comprised of the W3C Automotive and Web > Platform Business Group [1] and the W3C Automotive Working Group [2]. > Participants need to belong to either the Business Group (BG)or > Working Group (WG). > > If you are interested in participating in this task force please > contact either one of the staff contacts (Kaz Ashimura or Ted Guild) > or chairs (Paul Boyes or Adam Abramski), their contact information is > in the cc line of this email. Do encourage participation from > security experts you are acquainted with at your organizations and > those you collaborate with. > > The Working Group is chartered [3] to bring a vehicle API and data > specification through W3C's Recommendation Track. Any work that will > directly influence specifications needs to be worked on solely within > the Working Group to ensure contributions are made under the Patent > Policy [4]. Deliverables that have no direct impact on the > specification can be worked on jointly. > > The Business Group is presently undergoing rechartering after handing > off its draft specifications to the newly formed Working Group. Its > charter will include Media Tuner API and Navigation/Location Based > Services initially and will be revised as other incubator activities > gather interest and momentum. > > This task force will be exploring security primarily from the > perspective of standards being worked on in the WG or under early > exploration in the BG, focusing on potential attack vectors being > created. Some consideration may be given on broader aspects of > security but unless those areas of the purvey of other groups in W3C > or other organizational liaisons they will be considered out of scope. > > Privacy similarly will remain focused on data being exposed by > standards emerging from the WG and BG but may broaden to potential use > cases of applications based on that data, API interaction, user data > rights and clearly communicated opt-in sharing arrangements. > > It is not the intent of this task force to try to address broader > concerns of automotive and web platform. > > This task force intends to liaise with the following W3C groups: > > * Web of Things (WoT) Interest Group [5] > * Privacy Interest Group [6] > * Web Application Security Working Group [7] > * Web Security Interest Group [8] > > Potential deliverables: > > * Use cases > * Best practices > * Challenges > * Requirements > > To avoid cross posting to BG and WG mailing lists this task force will > use public-auto-privacy-security@w3.org as a dedicated list instead. > It is publicly archived [9], task force participants are automatically > subscribed and only participants are allowed to post messages. We can > revisit the configuration later if warranted. > > Follow responsible disclosure practices [10] and do *not* post any > sensitive security information to this mailing list but instead send > any discrete messages to chairs and staff contacts. If necessarry we > can create an unarchived list for confidential discussions. > > List of task force participants is available to W3C Members [11]. > > [1] https://www.w3.org/community/autowebplatform/ > [2] http://www.w3.org/auto/wg/ > [3] http://www.w3.org/2014/automotive/charter > [4] http://www.w3.org/Consortium/Patent-Policy-20040205/ > [5] http://www.w3.org/WoT/ > [6] http://www.w3.org/Privacy/ > [7] http://www.w3.org/2011/webappsec/ > [8] http://www.w3.org/Security/wiki/IG > [9] https://lists.w3.org/Archives/Public/public-auto-privacy-security/ > [10] https://en.wikipedia.org/wiki/Responsible_disclosure > [11] https://www.w3.org/2000/09/dbwg/details?group=78932 > > -- > Ted Guild <ted@w3.org> > W3C Systems Team > http://www.w3.org -- Ted Guild <ted@w3.org> W3C Systems Team http://www.w3.org ________________________________ This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
Received on Friday, 19 June 2015 08:36:20 UTC