RE: Security review request: Web Annotation model and protocol

Ivan, and all,

Thanks for sending that review request to the Web Security IG.
Please note that we are operating with low activity here, we will see if some participants will volunteer to perform the security review.

In the meantime, les me inform you that the TAG and Web App Sec WG are maintaining a security and privacy self questionnaire, in order to help the editors and WG to include a security and privacy considerations sections into their specifications. The questionnaire is here https://w3ctag.github.io/security-questionnaire/. We could set up a call together with the WG and/or editors to have conversation around that questionnaire and see if we detect blockers.

Regards,

Virginie

-----Original Message-----
From: Ivan Herman [mailto:ivan@w3.org]
Sent: jeudi 31 mars 2016 14:11
To: public-web-security@w3.org
Cc: Wendy Seltzer; GALINDO Virginie; W3C Public Annotation List
Subject: Security review request: Web Annotation model and protocol

Dear security people,

the Web Annotation WG has just published three working drafts:

Web Annotation Data Model
URI: http://www.w3.org/TR/2016/WD-annotation-model-20160331/

Web Annotation Vocabulary
URI: http://www.w3.org/TR/2016/WD-annotation-vocab-20160331/

Web Annotation Protocol
URI: http://www.w3.org/TR/2016/WD-annotation-protocol-20160331/

these documents are in what I would call "pseudo/virtual Last Call". Virtual, because, per process, there is no such thing as a Last Call WD any more; and pseudo, because there may be some minor technical changes still, but nothing fundamental.

These are the three documents that the WG intends to publish as a Recommendation. The WG will have a face-to-face mid May (17-18, to be precise), and the plan is to go to CR right after that. It would be great if we received your comments by then, so that we could incorporate the changes, if any, into the CR publications.

The WG works mostly on Github, processing github issues. Our Issues' are at:

https://github.com/w3c/web-annotation/issues

I have set up the labels that we would like to use for the review, namely sec-review.

Alternatively, if you prefer to use the groups mailing list, it is at:

public-annotation@w3.org

the group is open for mails coming from outside the Working Group.

Thanks in advance for your reviews

Ivan

----
Ivan Herman, W3C
Digital Publishing Lead
Home: http://www.w3.org/People/Ivan/
mobile: +31-641044153
ORCID ID: http://orcid.org/0000-0003-0782-2704




________________________________
 This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Thursday, 31 March 2016 16:08:52 UTC