Hi all,
This is to inform you that David R, Thomas R, Wendy S and myself went to the WebAppSec WG meeting last week in San Jose and a discussion related to the security model of the web happened.
In short it was agreed that the WebAppSec would contribute to this effort which will essentially target to have a documentation supporting developers to understand the web security model, the best practices and the limits of that model. The work will be lead by David Rogers, the deliverable will end in the webplatform effort http://docs.webplatform.org/wiki/Main_Page owned by W3C .
It will be adverted over the web security public mailing list (http://lists.w3.org/Archives/Public/public-web-security/) and circulated on a regular basis in the different 'sponsoring' working groups such as Web Crypto WG and WebAppSec WG.
In case you want to contribute to this huge and promising task, do not hesitate to contact David Rogers.
Regards,
Virginie
Gemalto
Chair of the Web Crypto WG