W3C home > Mailing lists > Public > public-w3process@w3.org > November 2014

Re: Require security review before FPWD

From: GALINDO Virginie <Virginie.Galindo@gemalto.com>
Date: Tue, 4 Nov 2014 08:40:27 +0000
To: "chaals@yandex-team.ru" <chaals@yandex-team.ru>, Karl Dubost <karl@la-grange.net>
CC: Anne van Kesteren <annevk@annevk.nl>, Jeff Jaffe <jeff@w3.org>, Philippe Le Hégaret <plh@w3.org>, public-w3process <public-w3process@w3.org>
Message-ID: <qxq4at6tw678f5g03lo0lgl2.1415090416316@email.android.com>
+1 for the guidelines, and security at early stage, w3c can not afford at the moment to have systematic security review, unless we recruit a larger security expert community.
Virginie

---- Karl Dubost a écrit ----

[....]
>
> Do not make it part of the process.
> On the other hand, publish a set of guidelines and how to implement them for reviewing security issues *when* editing a spec.
>
>
> --
> Karl Dubost 🐄
> http://www.la-grange.net/karl/

________________________________
 This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
Received on Tuesday, 4 November 2014 08:41:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:35:12 UTC