W3C home > Mailing lists > Public > public-prov-wg@w3.org > July 2012

PROV-ISSUE-448 (Security-considerations): Provide proper discussion of security considerations [cross-document]

From: Provenance Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Mon, 09 Jul 2012 10:28:12 +0000
Message-Id: <E1SoBCO-0006SE-Bi@tibor.w3.org>
To: public-prov-wg@w3.org
PROV-ISSUE-448 (Security-considerations): Provide proper discussion of security considerations [cross-document]

http://www.w3.org/2011/prov/track/issues/448

Raised by: Graham Klyne
On product: cross-document

Provenance is substantially about establishing trust.  As such, I think we should (following long-established IETF practice) give due attention to related security considerations.  In particular, I think our treatment of security considerations should be pulled into a place where it will get most review, as strong review is one of the cornerstones of good security.

It's not our job to fix every possible security problem, but we should try and expose the range of issues that developers will need to consider when implementing applications that use provenance.

Currently, there are security considerations in the MIME registration for PROV-N, and in PROV-AQ.

I think a new security considerations section in PROV-N, cross-referenced from the other documents as appropriate, might be a reasonably prominent place to document security concerns for provenance.  For many concerns, we may be able to reference other documents from there.

Emails relating to this issue include:
http://lists.w3.org/Archives/Public/public-prov-wg/2012Jul/0104.html
http://lists.w3.org/Archives/Public/public-prov-wg/2012Jul/0103.html
Received on Monday, 9 July 2012 10:28:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 July 2012 10:28:20 GMT