Re: Request to make one proposal for execution model and security model

On Tue, Jan 29, 2013 at 2:26 AM, John Lyle <john.lyle@cs.ox.ac.uk> wrote:
> The purpose of the security model we proposed (which is essentially the
> webinos security model) was primarily to get agreement (or create
> discussion) on the threat model, assets, terminology and some other broad
> principles.  That hasn't happened, unfortunately, but the proposals by
> Samsung and Mozilla broadly satisfy most of the requirements expressed (The
> Samsung proposal perhaps more).  It's worth mentioning that there remain
> some points of disagreement between the three documents, but nothing
> insurmountable.
>
> I would be happy to contribute to a merged proposal of [2] and [3] to help
> add further content about the threat model and requirements, if the editors
> think this would be helpful.

I think threat model and requirements is a large enough deliverable
that it's better done as a separate document. Would this be acceptable
to you? I would imagine that the mozilla security team would be
interested in providing feedback to the document that you have written
up.

/ Jonas

Received on Tuesday, 29 January 2013 10:32:41 UTC