W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2015

Re: new security/privacy review questions

From: Greg Norcie <gnorcie@cdt.org>
Date: Tue, 30 Jun 2015 21:51:12 -0400
Message-ID: <CAMJgV7ZLnKz-w0HcH796=XTt6VPRyQuPGzeJc5U1DYe1-OOefw@mail.gmail.com>
To: Christine Runnegar <runnegar@isoc.org>
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Hi all,

Joe's out of the office this week, but I spoke with him before he left, and
he will be at IETF in Prague.

I'd love to join him, but I had made plans to attend SOUPS
<https://cups.cs.cmu.edu/soups/2015/> in Ottawa during that time prior to
this idea being raised. (But if anyone will also be at SOUPS I'd be happy
to chat)

If anyone has feedback between now and then, please feel free to share it
with the list and I will iterate on the current question set.

On Tue, Jun 30, 2015 at 7:52 AM, Christine Runnegar <runnegar@isoc.org>
wrote:

> Thank you Greg and Joe for all your work on this.
>
> One suggestion at the PING call last week is to use at least some of the
> time at the PING meeting alongside IETF (Thursday 23 July - during the
> lunch break) to progress this work further.
>
> In the meantime, everyone, please continue to share your thoughts on the
> draft as well as the feedback from Greg and Joe.
>
> Christine and Tara
>
> > On 24 Jun 2015, at 3:34 pm, Greg Norcie <gnorcie@cdt.org> wrote:
> >
> > Hi all,
> >
> > Myself and Joe Hall been working on a rewrite of the TAG security
> questionaire[1], which incorporates privacy concerns as well as security
> concerns. (For example, we include some of the questions raised by Nick in
> his privacy questionnaire.[2])
> >
> > We also split the questionnaire into a security section and a privacy
> section (with the implication all new standards should enumerate their
> privacy impacts as well as their security impacts.)
> >
> > The goal is that for each question, there will eventually be an
> explanation and a concrete, real world example.
> >
> > [1] https://w3ctag.github.io/security-questionnaire/
> > [2]
> https://lists.w3.org/Archives/Public/public-privacy/2013AprJun/0004.html
> >
> > I've attached a .odt outlining our proposed questions, as well as a PDF
> in case you don't have an ODT capable editor installed. (I recommend
> Libreoffice)
> > --
> > /***********************************/
> > Greg Norcie (norcie@cdt.org)
> > Staff Technologist
> > Center for Democracy & Technology
> > 1634 Eye St NW Suite 1100
> > Washington DC 20006
> > (p) 202-637-9800
> > PGP: http://norcie.com/pgp.txt
> >
> > Fingerprint:
> > 73DF-6710-520F-83FE-03B5
> > 8407-2D0E-ABC3-E1AE-21F1
> >
> > /***********************************/
> > <PingPrivSecQs.pdf><PingPrivSecQs.odt>
>
>


-- 
/***********************************/

*Greg Norcie (norcie@cdt.org <norcie@cdt.org>)*

*Staff Technologist*
*Center for Democracy & Technology*
1634 Eye St NW Suite 1100
Washington DC 20006
(p) 202-637-9800
PGP: http://norcie.com/pgp.txt

Fingerprint:
73DF-6710-520F-83FE-03B5
8407-2D0E-ABC3-E1AE-21F1

/***********************************/
Received on Wednesday, 1 July 2015 01:51:43 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:30 UTC