RE: Security review request: Web Annotation model and protocol

Ivan, and all,

Thanks for sending that review request to the Web Security IG.
Please note that we are operating with low activity here, we will see if some participants will volunteer to perform the security review.

In the meantime, les me inform you that the TAG and Web App Sec WG are maintaining a security and privacy self questionnaire, in order to help the editors and WG to include a security and privacy considerations sections into their specifications. The questionnaire is here We could set up a call together with the WG and/or editors to have conversation around that questionnaire and see if we detect blockers.



-----Original Message-----
From: Ivan Herman []
Sent: jeudi 31 mars 2016 14:11
Cc: Wendy Seltzer; GALINDO Virginie; W3C Public Annotation List
Subject: Security review request: Web Annotation model and protocol

Dear security people,

the Web Annotation WG has just published three working drafts:

Web Annotation Data Model

Web Annotation Vocabulary

Web Annotation Protocol

these documents are in what I would call "pseudo/virtual Last Call". Virtual, because, per process, there is no such thing as a Last Call WD any more; and pseudo, because there may be some minor technical changes still, but nothing fundamental.

These are the three documents that the WG intends to publish as a Recommendation. The WG will have a face-to-face mid May (17-18, to be precise), and the plan is to go to CR right after that. It would be great if we received your comments by then, so that we could incorporate the changes, if any, into the CR publications.

The WG works mostly on Github, processing github issues. Our Issues' are at:

I have set up the labels that we would like to use for the review, namely sec-review.

Alternatively, if you prefer to use the groups mailing list, it is at:

the group is open for mails coming from outside the Working Group.

Thanks in advance for your reviews


Ivan Herman, W3C
Digital Publishing Lead
mobile: +31-641044153

 This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.

Received on Thursday, 31 March 2016 16:08:52 UTC