Re: Reviewing Social Web Specs

Since I'm pretty familiar with the specs and the Working Group needs to
Rec ASAP, I'll do a review with the help of the INRIA researcher Karthik
Bharagavan and UCL researcher George Danezis ASAP. I'll try to get the
answers back in a week minimum, one month maximum. I'll post them to
this list for comment, and to the Social Web WG. I'm sure "Security
Considerations" for all these specs will be simple re data formats, but
may require some advice in terms of federation.

  yours,
     harry


On 06/27/2016 06:09 PM, GALINDO Virginie wrote:
>
> Sandro,
>
> Yes, you should not wait a review.
>
> The scenario where you use the questionnaire and come back to us for
> advice is the most reasonable and realistic one, provided our limited
> resources.
>
> Regards,
>
> Virginie
>
>  
>
>  
>
> *From:*Sandro Hawke [mailto:sandro@w3.org]
> *Sent:* lundi 27 juin 2016 18:02
> *To:* GALINDO Virginie <Virginie.Galindo@gemalto.com>; "Wendy Seltzer,
> Staff Contact, Web Security IG", <wseltzer@w3.org>
> *Cc:* public-socialweb@w3.org
> *Subject:* Re: Reviewing Social Web Specs
>
>  
>
> Hi Virginie, thanks for the link to the questionnaire.   We'll take a
> look.
>
> Can you help me understand how we should move forward, given, as you
> say, "low activity"?   Does that mean we shouldn't wait for a review?
>
> Perhaps our best option is to use the questionnaire and come to you
> for advice if any specific issues arise, but otherwise proceed?
>
> Thanks
>
>        -- Sandro
>
> On 06/27/2016 11:29 AM, GALINDO Virginie wrote:
>
>     Sandro, 
>
>     The web security IG wish to be able to perform the security
>     review, but we have a low activity at the moment.
>
>     Note that there is a security and privacy questionnaire that may
>     help you to raise appropriate questions and include warning about
>     sensitive assets in your specification.
>
>     The questionnaire is located here :
>     https://w3ctag.github.io/security-questionnaire/
>
>     Regards,
>
>     Virginie
>
>      
>
>      
>
>     *From:*Sandro Hawke [mailto:sandro@w3.org]
>     *Sent:* vendredi 24 juin 2016 21:46
>     *To:* GALINDO Virginie <Virginie.Galindo@gemalto.com>
>     <mailto:Virginie.Galindo@gemalto.com>; "Wendy Seltzer, Staff
>     Contact, Web Security IG", <wseltzer@w3.org> <mailto:wseltzer@w3.org>
>     *Cc:* public-socialweb@w3.org <mailto:public-socialweb@w3.org>
>     *Subject:* Reviewing Social Web Specs
>
>      
>
>     I'm writing on behalf of the Social Web WG.  Some of our specs are
>     now stable, and if we would value a review from your group at your
>     earliest convenience.  While our primary use cases are often
>     framed in terms of social media and blogging, the technologies may
>     be broadly applicable.
>
>     So far we have three specs in or near CR:
>
>         * *Webmention* lets you tell a website you're linking to it. 
>         This supports ad hoc federation of sites
>
>         https://www.w3.org/TR/webmention/
>
>         * *Activity Streams* (2.0) is a standard (and extensible) way
>         to share a stream of what people do online (eg, "liking",
>         posting a photo, etc)
>
>         https://www.w3.org/TR/activitystreams-core/
>         https://www.w3.org/TR/activitystreams-vocabulary/
>
>         * *Micropub* provides a standard Web API to create and control
>         posts on your own website
>
>         https://www.w3.org/TR/micropub/
>
>
>     Additionally:
>
>         * *Social Web Protocols*: provides an overview, including an
>         explanation for how the parts fit (and sometimes do not fit)
>         together.  This document does not currently have any normative
>         content.
>
>         https://www.w3.org/TR/social-web-protocols/
>
>
>     There are other documents not yet ready for horizontal review. 
>     You'll see them linked from Social Web Protocols, and we'll send
>     another email when they're in or near CR.
>
>     Note that the group is producing multiple stacks which are not
>     entirely compatible, reflecting the fragmentation in this space.
>     Basically, we decided having multiple competing specs, while not
>     an ideal situation, would still be a step forward.
>
>     If you think your group will be doing a review, please reply-all
>     and let us know your timeframe.  We'd very much appreciate the
>     actual review comments being raised as issues on the repo for each
>     particular spec (linked in the title section), and then a
>     high-level email or summary issue stating when the review is complete.
>
>     Please feel free to share this call-for-review with anyone likely
>     to be interested.
>
>     Thank you!
>
>        -- Sandro Hawke, Staff Contact, W3C Social Web Working Group
>
>     ------------------------------------------------------------------------
>
>     /This message and any attachments are intended solely for the
>     addressees and may contain confidential information. Any
>     unauthorized use or disclosure, either whole or partial, is
>     prohibited.
>     E-mails are susceptible to alteration. Our company shall not be
>     liable for the message if altered, changed or falsified. If you
>     are not the intended recipient of this message, please delete it
>     and notify the sender.
>     Although all reasonable efforts have been made to keep this
>     transmission free from viruses, the sender will not be liable for
>     damages caused by a transmitted virus./
>
>  
>
> ------------------------------------------------------------------------
> This message and any attachments are intended solely for the
> addressees and may contain confidential information. Any unauthorized
> use or disclosure, either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable
> for the message if altered, changed or falsified. If you are not the
> intended recipient of this message, please delete it and notify the
> sender.
> Although all reasonable efforts have been made to keep this
> transmission free from viruses, the sender will not be liable for
> damages caused by a transmitted virus. 

Received on Wednesday, 29 June 2016 09:22:02 UTC