- From: Simone Onofri via GitHub <sysbot+gh@w3.org>
- Date: Wed, 30 Apr 2025 11:59:43 +0000
- To: public-security@w3.org
simoneonofri has just created a new issue for https://github.com/w3c/securityig: == CfC: Adopt W3C Security Disclosures Best Practices as a Work Item == W3C Team published [W3C Security Disclosures Best Practices](https://www.w3.org/TeamSubmission/sdbp/) in 2017. Given that the Security Interest Group manages security aspects of standardization with a focus on Threat Modeling, and to facilitate compliance with the EU Cyber Resilience Act for those who develop open source software, the deliverable should be adopted and updated with new security practices. We discussed this briefly in our most recent IG meeting, with no objections raised. To ensure everyone has an opportunity to weigh in, this issue will serve as a record of the group's decision, one way or another. I've pre-populated this issue with both a 👍 and a 👎 to make collecting a signal from folks worldwide trivial. If you register discontent with the publication, please add a comment so we know what we can address to remove the concern. Thanks! Please respond by 2025-05-08, at which point I'll close this CfC. Please view or discuss this issue at https://github.com/w3c/securityig/issues/13 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 30 April 2025 11:59:44 UTC