W3C home > Mailing lists > Public > public-web-security@w3.org > August 2010

Re: Charter strawman for Web App Security WG (CSP, CORS+UMP)

From: Arthur Barstow <art.barstow@nokia.com>
Date: Tue, 31 Aug 2010 08:04:53 -0400
Message-ID: <4C7CEFE5.5000408@nokia.com>
To: ext Thomas Roessler <tlr@w3.org>, Jeff Hodges <jeff.hodges@paypal.com>
CC: "public-web-security@w3.org" <public-web-security@w3.org>, Tyler Close <tyler.close@hp.com>, Anne van Kesteren <annevk@opera.com>, Brandon Sterne <bsterne@mozilla.com>
Hi Thomas, Jeff,

What is the status of this proposal?

-Art Barstow

On 7/21/10 10:59 AM, ext Thomas Roessler wrote:
> FYI, we've published a charter strawman for a Web Application Security WG.
>
> The mission of the Web Application Security Working Group, part of the Rich Web Client Activity, would be to develop security and policy mechanisms to improve the security of Web Applications, and enable secure cross-site communication.
>
> The intended group would start work on a Content Security Policy specification intended to enable web designers or server administrators to adjust the HTML5 security policy, and specify how content interacts on their web sites.  It would also take up the CORS and UMP specifications currently under development in the Web Applications Working Group and advance them along the Recommendation Track as joint deliverables with that group.
>
> We would expect this work to occur in close coordination with the IETF, and expect discussion about details of that coordination to occur at the HASMAT BOF at the upcoming IETF meeting.
>
> The draft text is here:
> 	http://www.w3.org/2010/07/appsecwg-charter
>
> Comments are more than welcome.
>
> Regards,
> --
> Thomas Roessler, W3C<tlr@w3.org>   (@roessler)
>
>
>
>
>
>
>
>
>    
Received on Tuesday, 31 August 2010 12:05:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 19 December 2010 00:16:03 GMT