From 2c1619e7117205f11c332affe2379d91849d65b3 Mon Sep 17 00:00:00 2001 From: siusin Date: Wed, 31 Jul 2024 18:51:55 +0800 Subject: [PATCH] minor issues of the SING draft charter --- 2024/ig-security.html | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/2024/ig-security.html b/2024/ig-security.html index d0ec9fc..84c560c 100644 --- a/2024/ig-security.html +++ b/2024/ig-security.html @@ -60,7 +60,6 @@
  • Participation
  • Communication
  • Decision Policy
  • -
  • Patent Policy
  • Patent Disclosures
  • Licensing
  • About this Charter
  • @@ -151,7 +150,7 @@

    PROPOSED Security Interest Group Charter

    Motivation and Background

    -

    The W3C’s mission is to make the Web work based on the principles of accessibility, internationalization, privacy, and security.

    +

    W3C’s mission is to make the Web work based on the principles of accessibility, internationalization, privacy, and security.

    The last two principles, Privacy and Security, are integral to human rights and civil liberties and have always been of the Consortium's concern.

    Also, in the Ethical Web Principles, there are several principles related to security both as a societal impact The web does not cause harm to society and in terms of people's security The web is secure, and respects peoples' privacy, where the goal is to create technology that creates as few threats as possible, or mitigates those threats

    Several working groups deal with security issues, such as developing mechanisms and best practices which improve the security of Web Applications, develping strong authentication functionality for Web Applications, developing APIs to allow a website to request an identity credential securely, and enhancing the security and interoperability of various Web payments technologies.

    @@ -180,9 +179,32 @@

    Updated document status is available on the group publication status page.

    -

    Self-Review Questionnaire for Security and Privacy: In joint with W3C's Technical Architecture Group (TAG) and PING, with a specific focus on Security aspect.

    -

    Threat Modeling guide: in joint with relevant groups such as TAG, PING, and the Threat Modeling Community Group, a guide that contains both generic threat modeling elements to facilitate activities along with groups creating technology, and also to understand threats of different types.

    -

    Security Request Issue template: to facilitate the request of Security Reivews.

    +
    +
    + Self-Review Questionnaire for Security and Privacy +
    +
    +

    + In joint with W3C's Technical Architecture Group (TAG) and PING, with a specific focus on Security aspect. +

    +
    +
    + Threat Modeling guide +
    +
    +

    + In joint with relevant groups such as TAG, PING, and the Threat Modeling Community Group, a guide that contains both generic threat modeling elements to facilitate activities along with groups creating technology, and also to understand threats of different types. +

    +
    +
    + Security Request Issue template +
    +
    +

    + To facilitate the request of Security Reivews. +

    +
    +

    SING may publish other documents consistent with the above scope, such as analyses of security issues, prototype specifications, security principles, threat models, and guidelines for standards.