Re: security model of Web Components, etc. - joint work with WebAppSec?

On 3/14/13 8:16 PM, ext Charles McCathie Nevile wrote:
> On Thu, 14 Mar 2013 18:15:14 +0100, Dimitri Glazkov 
> <dglazkov@chromium.org> wrote:
>
>> On Thu, Mar 14, 2013 at 7:10 AM, Hill, Brad <bhill@paypal-inc.com> 
>> wrote:
>>
>>> Is there time available on the April F2F agenda for discussion of this?
>>> If not in WebApps, would relevant WG members be willing to join us 
>>> if we
>>> found time to discuss in WebAppSec’s timeslot Thursday or Friday?
>>>
>> http://www.w3.org/wiki/Webapps/April2013Meeting#Potential_Topics Shows
>> agenda wide open so far. Should we just plop something into one of the
>> slots?
>
> Yep, that's a reasonable thing to do...

I allocated a slot for the joint meeting on Thursday from 2:30-3:00. If 
anyone thinks more time is needed, please speak up.

Please use public-webapps@w3.org for _all_ Web Components discussions 
and I encourage feedback, comments, etc. in _advance_ of the meeting.

FYI Brad, Dimitri and the Editors have created a suite of Web Components 
specs. The set of specs that have already been published is:

* Web Components Introduction 
<http://dvcs.w3.org/hg/webcomponents/raw-file/tip/explainer/index.html>

* HTML Templates 
<http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/templates/index.html>

* Shadow DOM 
<http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/shadow/index.html>

There is at least one unpublished ED (not sure if this is ready yet for 
security review):

* Web Components (<link rel=components> and Components API) 
<https://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/components/index.html>

Dimitri - if you can think of specific areas of potential security 
concerns you would like reviewed or if I missed any specs, please let us 
know.

-Thanks, ArtB


>
> cheers
>
> Chaals
>

Received on Friday, 15 March 2013 11:20:23 UTC