- From: Jeffrey Yasskin <jyasskin@google.com>
- Date: Fri, 15 Nov 2024 12:08:40 -0800
- To: public-privacy <public-privacy@w3.org>
- Message-ID: <CANh-dXkRm68yHF+YMHvYP=xt6tpSfJimHxy30G3bQO86f_LBOw@mail.gmail.com>
Hi privacy folks, Do we need approval by both the Privacy WG and the TAG to change the Security&Privacy Questionnaire <https://github.com/w3ctag/security-questionnaire>, or is just TAG approval enough? If the Privacy WG wants to approve, we need to ensure we have an active editor from this WG, and we need the WG's approval to auto-publish changes to TR space ( https://github.com/w3ctag/security-questionnaire/pull/171). If not, we just need an editor from the TAG side, although of course that editor should check with this WG for privacy-relevant changes. The questionnaire's readme says it's "a joint product of the TAG and PING", which seems to imply needing two approvals. The PING's charter <https://www.w3.org/2019/09/privacy-ig-charter.html> agreed with that, saying "In conjunction with W3C's Technical Architecture Group (TAG) PING maintains a Self-Review Questionnaire for Security and Privacy." However, the new WG's charter <https://www.w3.org/2024/10/wg-privacy-charter.html#ig-other-deliverables> only says that "The Working Group will contribute to privacy-focused documents maintained by the W3C TAG: Self-Review Questionnaire: Security and Privacy". If it's maintained by the TAG, TAG approval seems sufficient. What do y'all think? Jeffrey
Received on Friday, 15 November 2024 20:08:59 UTC