Re: Security, Privacy, and Accessibility self-review Questionnaires.

Hey Mike,

I think this is a great idea — one of the issues brought up at the AC meeting was getting more security focus in the TAG, and this would be a good start.

It seems like the TAG could be a one-stop-shop for this kind of review, even if we farm out some parts of it to others (depending on load, expertise available, etc.).

Cheers,



> On 4 Nov 2014, at 5:43 am, Mike West <mkwst@google.com> wrote:
> 
> Over on the process list, Anne kicked off a discussion regarding security review of specs entering the publication pipeline[1]. Part of that discussion focused on the potential benefit of a self-review questionnaire that could help focus working groups on the important questions in areas where they might lack expertise[2]. Anecdotally, this mirrors some of the processes internally on the Chrome team for privacy and security review; it's appealing to me as a pretty short bar that we could ask folks to hurdle as part of the FPWD publication process.
> 
> Regardless of the policy discussion's decision about whether or not such questionnaires/reviews should be a mandatory part of publication, it seems valuable for the TAG to publish a set of questions which working groups should carefully consider.
> 
> I've taken a stab at a security/privacy questionnaire: <https://github.com/mikewest/spec-questionnaire/blob/master/questionnaire.markdown> Steve Faulkner (CC'd) has done the same for accessibility: <https://github.com/stevefaulkner/accessibility-spec-questionnaire/blob/master/accessibility-spec-questionnaire.md>. Is the TAG an appropriate place to publish these sorts of things (as Notes, I suppose)? If so, how can we help make that happen? :)
> 
> [1]: http://lists.w3.org/Archives/Public/public-w3process/2014Oct/0191.html
> [2]: http://lists.w3.org/Archives/Public/public-w3process/2014Oct/0195.html
> 
> --
> Mike West <mkwst@google.com>
> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
> 
> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
> Registergericht und -nummer: Hamburg, HRB 86891
> Sitz der Gesellschaft: Hamburg
> Geschäftsführer: Graham Law, Christine Elizabeth Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

--
Mark Nottingham   http://www.mnot.net/

Received on Monday, 3 November 2014 23:38:44 UTC