W3C home > Mailing lists > Public > public-html-media@w3.org > February 2017

Re: On HME extension and vulnerability disclosure programs

From: Philippe Le Hégaret <plh@w3.org>
Date: Thu, 23 Feb 2017 08:59:00 -0500
To: "public-html-media@w3.org" <public-html-media@w3.org>
Message-ID: <ec01ab6c-4ac8-afe3-843a-631fb2fcbed8@w3.org>
On 1/27/2017 6:41 PM, Philippe Le Hégaret wrote:
> Specifically, the W3C Team will publish on 2 March 2017 a set of
> guidelines for vulnerability disclosure programs that protect security
> and privacy researchers as a W3C Team submission. This will represent
> our initial sense of best practice and will serve as input for further
> work in this space. Prior to the publication of the team submission,
> input will be welcome on public-security-disclosure@w3.org. The
> Responsible Vulnerability Disclosure program [1] established by Netflix
> will be used as a starting point.

An early draft of the guidelines is available. See also
 
https://lists.w3.org/Archives/Public/public-security-disclosure/2017Feb/0000.html

Philippe
Received on Thursday, 23 February 2017 13:59:07 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 23 February 2017 13:59:07 UTC