- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Thu, 17 Oct 2013 10:17:05 +0200
- To: public-web-mobile@w3.org
Hi, As I have mentioned in a separate thread, "security" is often mentioned as an area where developing on the Web is inferior to native. While some of these mentions are fairly hand-wavy, in general this relates to: * lack of encrypted storage * impossibility to manage remotely locally-stored data for a given Web app * certificate/key management * difficulty to protect against XSS/CSRF attacks * difficulty to hide the code of the app (and thus greater exposure to attacks) Virginie Galindo, one of the co-chairs of the Web Security IG, has started a call for interest in the Web Security IG on developing a clearer picture and set of requirements in this space: http://lists.w3.org/Archives/Public/public-web-security/2013Oct/0002.html I hope the WebMob IG can provide assistance in this space. In particular, it would be great to hear from people on this list of what use cases they've found hard or impossible to implement via Web technologies due to concern around security. Adding references on relevant articles and reports on this topic in http://www.w3.org/wiki/Mobile/articles#Security_and_Web_apps would also be very useful contributions. Thanks, Dom
Received on Thursday, 17 October 2013 08:17:21 UTC