- From: Kazuyuki Ashimura <ashimura@w3.org>
- Date: Fri, 19 Jun 2015 19:11:13 +0900
- To: GALINDO Virginie <Virginie.Galindo@gemalto.com>
- Cc: "ted@w3.org" <ted@w3.org>, "public-privacy@w3.org" <public-privacy@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>, "public-webappse@w3.org" <public-webappse@w3.org>, "public-wot-ig@w3.org" <public-wot-ig@w3.org>, Paul Boyes <pb@opencar.com>, "Abramski, Adam M" <adam.m.abramski@intel.com>
- Message-ID: <CAJ8iq9Wz573ZvMjq=6R=epxDJKLY9uuRWNF-D=39ain5SsWtGw@mail.gmail.com>
On Fri, Jun 19, 2015 at 5:35 PM, GALINDO Virginie < Virginie.Galindo@gemalto.com> wrote: > Ted, and all, > > [web security IG chair hat on] > I feel that initiative really important, I have raised several time the > need to have a consistent security approach on the automotive area. > > [gemalto representative hat on] > Let me remind you that gemalto made a contribution during the W3C workshop > precisely on security perspectives. It could be useful for your coming > work. It is reminding the main rationale for having a robust framework, and > an efficient application lifecycle and permission management. > Presentation is available here : > http://www.w3.org/2012/08/web-and-automotive/slides/webandauto-day1-Gemalto.pdf Thanks a lot for reminding us of the workshop presentations, Virginie! I remember Gemalto's presentation and would agree it would be useful we review workshop presentations from the viewpoint of security&privacy. Also probably it would make sense for us to review slides on security and privacy presented at the previous Automotive BG meetings as well. Thanks, Kazuyuki > > > Regards, > Virginie > > -----Original Message----- > From: Ted Guild [mailto:ted@w3.org] > Sent: lundi 8 juin 2015 23:24 > To: public-privacy@w3.org; public-web-security@w3.org; > public-webappse@w3.org; public-wot-ig@w3.org > Cc: Paul Boyes; Abramski, Adam M; Kazuyuki Ashimura > Subject: [Fwd: CfP in Automotive Privacy and Security Task Force] > > I am writing because I wanted to ensure Privacy IG, Web Security IG, > WebAppSec WG and WoT IG were aware that the Automotive activity at W3C is > forming a task force on Privacy and Security focusing on specific issues > arising from work we are doing that we may seek your advice on and will > continue following your efforts. > > Any interested are also welcome to join either the Auto BG, WG or both and > this task force. > > -------- Forwarded Message -------- > > From: Ted Guild <ted@w3.org> > > Reply-to: ted@w3.org > > To: public-autowebplatform <public-autowebplatform@w3.org>, > > public-automotive <public-automotive@w3.org> > > Subject: CfP in Automotive Privacy and Security Task Force > > Date: Wed, 03 Jun 2015 12:40:03 -0400 > > > > This is a call for participation in a Security and Privacy Task Force. > > It will be a joint task force comprised of the W3C Automotive and Web > > Platform Business Group [1] and the W3C Automotive Working Group [2]. > > Participants need to belong to either the Business Group (BG)or > > Working Group (WG). > > > > If you are interested in participating in this task force please > > contact either one of the staff contacts (Kaz Ashimura or Ted Guild) > > or chairs (Paul Boyes or Adam Abramski), their contact information is > > in the cc line of this email. Do encourage participation from > > security experts you are acquainted with at your organizations and > > those you collaborate with. > > > > The Working Group is chartered [3] to bring a vehicle API and data > > specification through W3C's Recommendation Track. Any work that will > > directly influence specifications needs to be worked on solely within > > the Working Group to ensure contributions are made under the Patent > > Policy [4]. Deliverables that have no direct impact on the > > specification can be worked on jointly. > > > > The Business Group is presently undergoing rechartering after handing > > off its draft specifications to the newly formed Working Group. Its > > charter will include Media Tuner API and Navigation/Location Based > > Services initially and will be revised as other incubator activities > > gather interest and momentum. > > > > This task force will be exploring security primarily from the > > perspective of standards being worked on in the WG or under early > > exploration in the BG, focusing on potential attack vectors being > > created. Some consideration may be given on broader aspects of > > security but unless those areas of the purvey of other groups in W3C > > or other organizational liaisons they will be considered out of scope. > > > > Privacy similarly will remain focused on data being exposed by > > standards emerging from the WG and BG but may broaden to potential use > > cases of applications based on that data, API interaction, user data > > rights and clearly communicated opt-in sharing arrangements. > > > > It is not the intent of this task force to try to address broader > > concerns of automotive and web platform. > > > > This task force intends to liaise with the following W3C groups: > > > > * Web of Things (WoT) Interest Group [5] > > * Privacy Interest Group [6] > > * Web Application Security Working Group [7] > > * Web Security Interest Group [8] > > > > Potential deliverables: > > > > * Use cases > > * Best practices > > * Challenges > > * Requirements > > > > To avoid cross posting to BG and WG mailing lists this task force will > > use public-auto-privacy-security@w3.org as a dedicated list instead. > > It is publicly archived [9], task force participants are automatically > > subscribed and only participants are allowed to post messages. We can > > revisit the configuration later if warranted. > > > > Follow responsible disclosure practices [10] and do *not* post any > > sensitive security information to this mailing list but instead send > > any discrete messages to chairs and staff contacts. If necessarry we > > can create an unarchived list for confidential discussions. > > > > List of task force participants is available to W3C Members [11]. > > > > [1] https://www.w3.org/community/autowebplatform/ > > [2] http://www.w3.org/auto/wg/ > > [3] http://www.w3.org/2014/automotive/charter > > [4] http://www.w3.org/Consortium/Patent-Policy-20040205/ > > [5] http://www.w3.org/WoT/ > > [6] http://www.w3.org/Privacy/ > > [7] http://www.w3.org/2011/webappsec/ > > [8] http://www.w3.org/Security/wiki/IG > > [9] https://lists.w3.org/Archives/Public/public-auto-privacy-security/ > > [10] https://en.wikipedia.org/wiki/Responsible_disclosure > > [11] https://www.w3.org/2000/09/dbwg/details?group=78932 > > > > -- > > Ted Guild <ted@w3.org> > > W3C Systems Team > > http://www.w3.org > > -- > Ted Guild <ted@w3.org> > W3C Systems Team > http://www.w3.org > ________________________________ > This message and any attachments are intended solely for the addressees > and may contain confidential information. Any unauthorized use or > disclosure, either whole or partial, is prohibited. > E-mails are susceptible to alteration. Our company shall not be liable for > the message if altered, changed or falsified. If you are not the intended > recipient of this message, please delete it and notify the sender. > Although all reasonable efforts have been made to keep this transmission > free from viruses, the sender will not be liable for damages caused by a > transmitted virus. > -- Kaz Ashimura, W3C Staff Contact for Auto, TV, MMI, Voice and Geo Tel: +81 3 3516 2504
Received on Friday, 19 June 2015 10:12:25 UTC