W3C home > Mailing lists > Public > public-web-security@w3.org > July 2010

Charter strawman for Web App Security WG (CSP, CORS+UMP)

From: Thomas Roessler <tlr@w3.org>
Date: Wed, 21 Jul 2010 16:59:47 +0200
Message-Id: <151D257D-5EFC-4E7D-BA51-6D1D780CA52C@w3.org>
Cc: Thomas Roessler <tlr@w3.org>, Jeff Hodges <jeff.hodges@paypal.com>, Tyler Close <tyler.close@hp.com>, Anne van Kesteren <annevk@opera.com>, Brandon Sterne <bsterne@mozilla.com>
To: public-web-security@w3.org
FYI, we've published a charter strawman for a Web Application Security WG.

The mission of the Web Application Security Working Group, part of the Rich Web Client Activity, would be to develop security and policy mechanisms to improve the security of Web Applications, and enable secure cross-site communication.

The intended group would start work on a Content Security Policy specification intended to enable web designers or server administrators to adjust the HTML5 security policy, and specify how content interacts on their web sites.  It would also take up the CORS and UMP specifications currently under development in the Web Applications Working Group and advance them along the Recommendation Track as joint deliverables with that group.

We would expect this work to occur in close coordination with the IETF, and expect discussion about details of that coordination to occur at the HASMAT BOF at the upcoming IETF meeting.

The draft text is here:

Comments are more than welcome.

Thomas Roessler, W3C  <tlr@w3.org>  (@roessler)
Received on Wednesday, 21 July 2010 14:59:51 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:09:24 UTC