Re: new security/privacy review questions

Thank you Greg and Joe for all your work on this.

One suggestion at the PING call last week is to use at least some of the time at the PING meeting alongside IETF (Thursday 23 July - during the lunch break) to progress this work further.

In the meantime, everyone, please continue to share your thoughts on the draft as well as the feedback from Greg and Joe.

Christine and Tara

> On 24 Jun 2015, at 3:34 pm, Greg Norcie <> wrote:
> Hi all,
> Myself and Joe Hall been working on a rewrite of the TAG security questionaire[1], which incorporates privacy concerns as well as security concerns. (For example, we include some of the questions raised by Nick in his privacy questionnaire.[2])
> We also split the questionnaire into a security section and a privacy section (with the implication all new standards should enumerate their privacy impacts as well as their security impacts.) 
> The goal is that for each question, there will eventually be an explanation and a concrete, real world example.
> [1]
> [2]
> I've attached a .odt outlining our proposed questions, as well as a PDF in case you don't have an ODT capable editor installed. (I recommend Libreoffice)
> -- 
> /***********************************/
> Greg Norcie (
> Staff Technologist
> Center for Democracy & Technology
> 1634 Eye St NW Suite 1100
> Washington DC 20006
> (p) 202-637-9800
> PGP:
> Fingerprint:  
> 73DF-6710-520F-83FE-03B5
> 8407-2D0E-ABC3-E1AE-21F1
> /***********************************/
> <PingPrivSecQs.pdf><PingPrivSecQs.odt>

Received on Tuesday, 30 June 2015 11:52:32 UTC