- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Wed, 21 Jan 2015 14:27:06 -0700
- To: Mark Nottingham <mnot@mnot.net>
- Cc: "www-tag@w3.org List" <www-tag@w3.org>
Mark Nottingham wrote: > > We've started work on a new Finding, to a) serve as a Web version of > the IAB statement, and b) support the work on Secure Origins in > WebAppSec. > Given the amount of nitpicking in this thread on whether we're talking about security or privacy/confidentiality, there seems to be consensus that we don't mean security unless user-server authentication occurs both ways. As the Finding only covers server -> user authentication as a means of achieving privacy/confidentiality, is "Securing the Web" the proper title? -Eric
Received on Wednesday, 21 January 2015 21:27:49 UTC