SIG Charter (Proposed)

SECURITY SPECIAL INTEREST GROUP CHARTER

BACKGROUND

Inadequate security is inhibiting customer use of network computing
(whether on the Internet or Intranet). Solving this complex,
multi-faceted problem quickly and effectively is critical to the
continued growth of the computing industry and other industries which
rely on computing to deliver customer solutions.  The solution must
involve standards in order to meet customer requirements for
interoperable products and flexibility to deploy a mix of products.
Working groups and standards organizations are already addressing some
specific aspects of security.  Commercial organizations are rapidly
generating new approaches and tackling new security problems.  In order
to quickly meet the demands of the market place for interoperable,
flexible solutions, it is useful to ensure that the various efforts are
consistently coordinated.  To facilitate establishment of security
standards, a number of companies are joining to form a Security Special
Interest Group.

SECURITY SPECIAL INTEREST GROUP CHARTER AND ACTIVITIES

The mission of the Security Special Interest Group is to define the
critical security problems that require establishment of technical
standards, and aid the appropriate working groups and standards
organizations in establishing standards that will help solve critical
security problems.

Specifically, the Security Special Interest Group will:

* compile a list of security problems that are of significant
commercial interest
* identify the technology components required to solve those problems
* identify dependencies between technology components to aid
prioritization
* summarize the status of each technology component.

For example, whether the technology is already being considered by
standards organizations and if so which working group(s) are
considering, whether there will be additional proposals submitted,
stage of development, the interoperability requirements between
different technologies, and the range of customer requirements for each
technology (eg, strength of encryption versus speed and exportability).
* organize the technology components into logical sets and identify the
amount and type of work required to advance each technology set to a
level where it can be submitted for consideration as a standard.

* submit a recommendation to appropriate working groups and standards
 organizations (eg, W3C, IETF) suggesting which group should address
each item in the work list.  Both the W3C and the IETF will have
representation at the SIG.
* provide technical resources to aid working group efforts.

The Security Special Interest Group will not write specifications or
perform technical review of specifications.  Members should submit
draft specifications on a particular technology directly to the
specific organizations cited in the SIG recommendation.

SECURITY SPECIAL INTEREST GROUP ORGANIZATION AND OPERATIONS

The Security Special Interest Group will have an open membership policy
and no dues.  The only requirements for participation are (1) that the
member companies are members of the W3C and have engineers working on
security who are also members of the IETF; and (2) that the member
companies submit a list of technical resources (a minimum of one person
for each technology component in which the company has an interest)
they are willing to assign to working groups that address the work
items defined by the SIG.  The SIG will maintain a mailing list and
discussion forum to inform members of upcoming meetings and enable
discussion of issues being addressed by the SIG.  It will meet as
needed by agreement of the members.  It may conduct additional
activities as agreed upon by the members.  The first meeting will take
place in late May.

HOW TO JOIN THE SECURITY SPECIAL INTEREST GROUP

To be on the mailing list, send the command "subscribe [email]" in the  
Subject line or body of a message to sig-request@w3.org.

Received on Friday, 17 May 1996 17:12:46 UTC