- From: Jonas Sicking <jonas@sicking.cc>
- Date: Tue, 29 Jan 2013 02:31:45 -0800
- To: John Lyle <john.lyle@cs.ox.ac.uk>
- Cc: public-sysapps@w3.org
On Tue, Jan 29, 2013 at 2:26 AM, John Lyle <john.lyle@cs.ox.ac.uk> wrote: > The purpose of the security model we proposed (which is essentially the > webinos security model) was primarily to get agreement (or create > discussion) on the threat model, assets, terminology and some other broad > principles. That hasn't happened, unfortunately, but the proposals by > Samsung and Mozilla broadly satisfy most of the requirements expressed (The > Samsung proposal perhaps more). It's worth mentioning that there remain > some points of disagreement between the three documents, but nothing > insurmountable. > > I would be happy to contribute to a merged proposal of [2] and [3] to help > add further content about the threat model and requirements, if the editors > think this would be helpful. I think threat model and requirements is a large enough deliverable that it's better done as a separate document. Would this be acceptable to you? I would imagine that the mozilla security team would be interested in providing feedback to the document that you have written up. / Jonas
Received on Tuesday, 29 January 2013 10:32:41 UTC