Re: [Fwd: CfP in Automotive Privacy and Security Task Force] from Kazuyuki Ashimura on 2015-06-19 (public-wot-ig@w3.org from June 2015)

From: Kazuyuki Ashimura <ashimura@w3.org>
Date: Fri, 19 Jun 2015 19:11:13 +0900
To: GALINDO Virginie <Virginie.Galindo@gemalto.com>
Cc: "ted@w3.org" <ted@w3.org>, "public-privacy@w3.org" <public-privacy@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>, "public-webappse@w3.org" <public-webappse@w3.org>, "public-wot-ig@w3.org" <public-wot-ig@w3.org>, Paul Boyes <pb@opencar.com>, "Abramski, Adam M" <adam.m.abramski@intel.com>
Message-ID: <CAJ8iq9Wz573ZvMjq=6R=epxDJKLY9uuRWNF-D=39ain5SsWtGw@mail.gmail.com>
On Fri, Jun 19, 2015 at 5:35 PM, GALINDO Virginie <
Virginie.Galindo@gemalto.com> wrote:

> Ted, and all,
>
> [web security IG chair hat on]
> I feel that initiative really important, I have raised several time the
> need to have a consistent security approach on the automotive area.
>
> [gemalto representative hat on]
> Let me remind you that gemalto made a contribution during the W3C workshop
> precisely on security perspectives. It could be useful for your coming
> work. It is reminding the main rationale for having a robust framework, and
> an efficient application lifecycle and permission management.
> Presentation is available here :
> http://www.w3.org/2012/08/web-and-automotive/slides/webandauto-day1-Gemalto.pdf


Thanks a lot for reminding us of the workshop presentations, Virginie!

I remember Gemalto's presentation and would agree it would be useful
we review workshop presentations from the viewpoint of security&privacy.

Also probably it would make sense for us to review slides on security
and privacy presented at the previous Automotive BG meetings as well.

Thanks,

Kazuyuki




>
>
> Regards,
> Virginie
>
> -----Original Message-----
> From: Ted Guild [mailto:ted@w3.org]
> Sent: lundi 8 juin 2015 23:24
> To: public-privacy@w3.org; public-web-security@w3.org;
> public-webappse@w3.org; public-wot-ig@w3.org
> Cc: Paul Boyes; Abramski, Adam M; Kazuyuki Ashimura
> Subject: [Fwd: CfP in Automotive Privacy and Security Task Force]
>
> I am writing because I wanted to ensure Privacy IG, Web Security IG,
> WebAppSec WG and WoT IG were aware that the Automotive activity at W3C is
> forming a task force on Privacy and Security focusing on specific issues
> arising from work we are doing that we may seek your advice on and will
> continue following your efforts.
>
> Any interested are also welcome to join either the Auto BG, WG or both and
> this task force.
>
> -------- Forwarded Message --------
> > From: Ted Guild <ted@w3.org>
> > Reply-to: ted@w3.org
> > To: public-autowebplatform <public-autowebplatform@w3.org>,
> > public-automotive <public-automotive@w3.org>
> > Subject: CfP in Automotive Privacy and Security Task Force
> > Date: Wed, 03 Jun 2015 12:40:03 -0400
> >
> > This is a call for participation in a Security and Privacy Task Force.
> > It will be a joint task force comprised of the W3C Automotive and Web
> > Platform Business Group [1] and the W3C Automotive Working Group [2].
> > Participants need to belong to either the Business Group (BG)or
> > Working Group (WG).
> >
> > If you are interested in participating in this task force please
> > contact either one of the staff contacts (Kaz Ashimura or Ted Guild)
> > or chairs (Paul Boyes or Adam Abramski), their contact information is
> > in the cc line of this email.  Do encourage participation from
> > security experts you are acquainted with at your organizations and
> > those you collaborate with.
> >
> > The Working Group is chartered [3] to bring a vehicle API and data
> > specification through W3C's Recommendation Track.  Any work that will
> > directly influence specifications needs to be worked on solely within
> > the Working Group to ensure contributions are made under the Patent
> > Policy [4].  Deliverables that have no direct impact on the
> > specification can be worked on jointly.
> >
> > The Business Group is presently undergoing rechartering after handing
> > off its draft specifications to the newly formed Working Group.  Its
> > charter will include Media Tuner API and Navigation/Location Based
> > Services initially and will be revised as other incubator activities
> > gather interest and momentum.
> >
> > This task force will be exploring security primarily from the
> > perspective of standards being worked on in the WG or under early
> > exploration in the BG, focusing on potential attack vectors being
> > created.  Some consideration may be given on broader aspects of
> > security but unless those areas of the purvey of other groups in W3C
> > or other organizational liaisons they will be considered out of scope.
> >
> > Privacy similarly will remain focused on data being exposed by
> > standards emerging from the WG and BG but may broaden to potential use
> > cases of applications based on that data, API interaction, user data
> > rights and clearly communicated opt-in sharing arrangements.
> >
> > It is not the intent of this task force to try to address broader
> > concerns of automotive and web platform.
> >
> > This task force intends to liaise with the following W3C groups:
> >
> > * Web of Things (WoT) Interest Group [5]
> > * Privacy Interest Group [6]
> > * Web Application Security Working Group [7]
> > * Web Security Interest Group [8]
> >
> > Potential deliverables:
> >
> > * Use cases
> > * Best practices
> > * Challenges
> > * Requirements
> >
> > To avoid cross posting to BG and WG mailing lists this task force will
> > use public-auto-privacy-security@w3.org as a dedicated list instead.
> > It is publicly archived [9], task force participants are automatically
> > subscribed and only participants are allowed to post messages.  We can
> > revisit the configuration later if warranted.
> >
> > Follow responsible disclosure practices [10] and do *not* post any
> > sensitive security information to this mailing list but instead send
> > any discrete messages to chairs and staff contacts.  If necessarry we
> > can create an unarchived list for confidential discussions.
> >
> > List of task force participants is available to W3C Members [11].
> >
> > [1] https://www.w3.org/community/autowebplatform/
> > [2] http://www.w3.org/auto/wg/
> > [3] http://www.w3.org/2014/automotive/charter
> > [4] http://www.w3.org/Consortium/Patent-Policy-20040205/
> > [5] http://www.w3.org/WoT/
> > [6] http://www.w3.org/Privacy/
> > [7] http://www.w3.org/2011/webappsec/
> > [8] http://www.w3.org/Security/wiki/IG
> > [9] https://lists.w3.org/Archives/Public/public-auto-privacy-security/
> > [10] https://en.wikipedia.org/wiki/Responsible_disclosure
> > [11] https://www.w3.org/2000/09/dbwg/details?group=78932
> >
> > --
> > Ted Guild <ted@w3.org>
> > W3C Systems Team
> > http://www.w3.org
>
> --
> Ted Guild <ted@w3.org>
> W3C Systems Team
> http://www.w3.org
> ________________________________
>  This message and any attachments are intended solely for the addressees
> and may contain confidential information. Any unauthorized use or
> disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for
> the message if altered, changed or falsified. If you are not the intended
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission
> free from viruses, the sender will not be liable for damages caused by a
> transmitted virus.
>



-- 
Kaz Ashimura, W3C Staff Contact for Auto, TV, MMI, Voice and Geo
Tel: +81 3 3516 2504
Received on Friday, 19 June 2015 10:12:25 UTC