W3C home > Mailing lists > Public > www-tag@w3.org > July 2016

Re: Securing the security reviews in W3C - how to proceed ?

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Fri, 22 Jul 2016 16:35:33 +0200
To: GALINDO Virginie <Virginie.Galindo@gemalto.com>, "www-tag@w3.org" <www-tag@w3.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Cc: Wendy Seltzer <wseltzer@w3.org>, Samuel Weiler <weiler@w3.org>
Message-ID: <104f46ab-7b5b-fc8c-655d-efbb1ce344bc@gmail.com>
On 2016-07-21 16:34, GALINDO Virginie wrote:
> Dear all,
>
> As you know, W3C members expressed recently that security was a major topic for the open web platform [1]. Performing security reviews on future recommendations is one possible way to make sure the open web platform stays a secure platform. This email is to get feedbacks from you, and the security community :
> - if you believe that creating a pool of security expert, being in charge collectively to perform security review is a reasonable way to achieve that - this is the way IETF is proceeding today,
> -  give a chance to declare your interest to participate in this pool of experts, if it were to be created,
> - get from you any idea that would help improving the security review efficiency,
>
> Thanks for jumping in that thread if you believe you can help with improving security reviews in W3C !

It appears to be a fairly big job there already:
https://lists.w3.org/Archives/Public/public-payments-wg/2016Jul/0194.html

I can't help though since I wasn't invited to the party :-)

Anders
Received on Friday, 22 July 2016 14:36:12 UTC

This archive was generated by hypermail 2.3.1 : Friday, 22 July 2016 14:36:13 UTC