Web Security IG - a proposal of actions

Hi all,

As announced by Wendy, I am now joining the Web Security IG team and I shared with Adam and Wendy few topics I believe this IG could discuss. So here is a proposal of topics we could focus in the coming months, to bring back this IG to life :)

-       Mobile security
We should support the web & mobile IG [1] to understand what are the main security weaknesses in the web app model, compared to native app model. This would help W3C to fill the gap in terms of security feature for the mobile web.

-       Global W3C security roadmap
TAG started to discuss the need to improve the general state of the web security [1] by anymeans, including user awareness, architectural answer, analyzing threat models, ... In addition the IETF has created a global thinking on security [3]. Similarly, I think that this IG may be the right place to share thought, build a plan...

-       Reviewing security specification
According to our charter, our IG is a place where the security aspects of W3C deliverables can be reviewed. Let's try to bring editors talking to us !

-       Monitoring web security
Last but not least, I encourage each of you to communicate on topics/press news/events that could be of interest in terms of web security, new use cases, new technologies...

If you have any interest in each of those specific topic, just be vocal on this mailing, and answer my coming soon call for contributions...

Note that if you are attending the TPAC meeting, there will be a security dedicated session on Wednesday 13th of Nov [4].

Hope to hear and learn a lot from you soon.

Virginie


[1] Web & Mobile IG http://www.w3.org/2013/07/webmobile-ig-charter.html
[2] TAG security task https://github.com/w3ctag/secure-the-web
[3] IETF security activity http://www.ietf.org/blog/2013/09/security-and-pervasive-monitoring/
[4] W3C Security roadmap session in TPAC http://www.w3.org/wiki/TPAC2013/SessionIdeas#Security_roadmap


This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus

Received on Wednesday, 16 October 2013 15:31:07 UTC