Fwd: W3C TPAC Security Breakout session - findings and material from Brad Hill on 2013-11-18 (public-webappsec@w3.org from November 2013)

From: Brad Hill <hillbrad@gmail.com>
Date: Mon, 18 Nov 2013 11:51:21 -0800
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAEeYn8g6=cTyXjmSOKr2tZOmZhEUFY1Tzk7epuZ6o61Cgznxnw@mail.gmail.com>

---------- Forwarded message ----------
From: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
Date: Mon, Nov 18, 2013 at 11:49 AM
Subject: W3C TPAC Security Breakout session - findings and material
To: Brad Hill <hillbrad@gmail.com>, Eric Rescorla <ekr@rtfm.com>, Adam
Barth <abarth@gmail.com>, "public-web-security@w3.org" <
public-web-security@w3.org>, "public-webcrypto@w3.org" <
public-webcrypto@w3.org>
Cc: Wendy Seltzer <wseltzer@w3.org>


 Hi all,



During the TPAC week, there was a breakout session organized by Wendy S and
myself, related to W3C security roadmap. Here are the minutes [1] of this
TPAC Security TPAC session, together with a slideware containing the ideas
shared by the 50 participants [2].



Note that findings of this breakout session are that there are 3 domains on
which W3C could progress on :

-          Technology improvement : Thinking of protecting clients side,
managing certificate, protecting sessions, peer to peer trusted connection

-          Community : Building standard with more experts/researchers,
sharing more UA vendor’s knowledge, other SDOs

-          Education : Educate users, educate the W3C community



It was also expressed that the new environments hosting the open web
platform, such as mobile, electric grid, plane, cars would raise new
security/privacy challenges, together with the domains of financial
services, social business and identity.



It was also the right moment to invite any representative interested in
security to actually contribute and join the discussions either on the Web
Security Interest Group [3] !



Regards,

Virginie Galindo

Gemalto

Chair of the Web Crypto WG

Co-chair of the Web Security IG



[1] minutes of the TPAC Security breakout session
http://www.w3.org/2013/11/13-security-minutes.html

[2] take away from the TPAC Security breakout session
http://www.w3.org/wiki/images/e/e8/Security_Breakout_session_tpac2013.pdf

[3] Web Security IG wiki http://www.w3.org/Security/wiki/IG









  *I**I**II **Virginie GALINDO*
Technical Marketing & Innovation
Mob: +33 6 13 23 20 03

La Vigie - Avenue du Jujubier - ZI Athelia IV
13 705 La Ciotat Cedex - France
www.gemalto.com





------------------------------
This message and any attachments are intended solely for the addressees and
may contain confidential information. Any unauthorized use or disclosure,
either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for
the message if altered, changed or falsified. If you are not the intended
recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission
free from viruses, the sender will not be liable for damages caused by a
transmitted virus

Attachments

image/jpeg attachment: image001.jpg
image/jpeg attachment: image002.jpg

Received on Monday, 18 November 2013 19:51:52 UTC