On Tue, Nov 4, 2014 at 11:41 AM, <chaals@yandex-team.ru> wrote:
> I think we're converging. I will come back to the question in a few days.
>
Ping! :)
It's been a few days, and there does indeed seem to be some interest in
putting together the kind of questionnaire both you and Mark have suggested
that https://mikewest.github.io/spec-questionnaire/security-privacy/ should
be. Assuming that's an accurate interpretation, it would be nice if we
could determine the right place to publish such a document while I finish
putting together a first draft.
It seems to me that we have 4ish options. The TAG could publish the doc as
a finding, the Web Security IG could publish a Note, the Privacy IG could
publish a note, or WebAppSec could publish a Note (+Virgine,
Christine/Tara, and Brad/Dan, respectively).
Personally, I'd lean towards either publication through TAG or WebAppSec,
but I'm open to pretty much any option that working groups could be
encouraged to pay attention to.
What do you folks think?
-mike
--
Mike West <mkwst@google.com>
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)