- From: <chaals@yandex-team.ru>
- Date: Fri, 07 Nov 2014 13:02:14 +0100
- To: Jeff Jaffe <jeff@w3.org>, GALINDO Virginie <virginie.galindo@gemalto.com>, Karl Dubost <karl@la-grange.net>
- Cc: Anne van Kesteren <annevk@annevk.nl>, Philippe Le Hégaret <plh@w3.org>, public-w3process <public-w3process@w3.org>
04.11.2014, 15:25, "Jeff Jaffe" <jeff@w3.org>: > On 11/4/2014 3:40 AM, GALINDO Virginie wrote: >> +1 for the guidelines, > > Would the Security IG be the right place to develop those guidelines? They would be the obvious group to have them as a deliverable. But in the nature of things, they probably should look around for expertise in other groups to help make the guidelines as good as we can get them… cheers >> and security at early stage, w3c can not afford at the moment to have systematic security review, unless we recruit a larger security expert community. >> Virginie >> >> ---- Karl Dubost a écrit ---- >> >> [....] >>> Do not make it part of the process. >>> On the other hand, publish a set of guidelines and how to implement them for reviewing security issues *when* editing a spec. >>> >>> -- >>> Karl Dubost 🐄 >>> http://www.la-grange.net/karl/ >> ________________________________ >> This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. >> E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. >> Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus. -- Charles McCathie Nevile - web standards - CTO Office, Yandex chaals@yandex-team.ru - - - Find more at http://yandex.com
Received on Friday, 7 November 2014 12:02:44 UTC