W3C home > Mailing lists > Public > public-web-security@w3.org > May 2014

[W3C Web Security IG] Certifying web browser security

From: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
Date: Tue, 27 May 2014 15:11:22 +0200
To: "public-web-security@w3.org" <public-web-security@w3.org>
Message-ID: <239D7A53E5B17B4BB20795A7977613A40251C6ED27BF@CROEXCFWP04.gemalto.com>
Dear all,

In case you missed it, NIAP issued a protection profile in March 2014 for Web Browsers.

"This document provides a baseline set of Security Functional Requirements (SFRs) for a web browser client. It is intended to improve the security of browsers by encouraging the use of operating system security services and requiring the use of sandboxing technologies and environmental mitigations provided by the underlying platform. Additionally, these requirements define security functionality that browsers must provide. The requirements in this document apply to all web browsers that run on any operating system, regardless of the composition of the underlying platform."

See https://www.niap-ccevs.org/pp/PP_WEBBROWSER_v1.0/
There is no product validated yet, associated to this protection profile.

Regards,
Virginie GALINDO
gemalto
Co-chair of Web Security IG


________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
Received on Tuesday, 27 May 2014 13:11:46 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:21 UTC