Skip to content

Commit

Permalink
Merge pull request #614 from tantek/patch-3
Browse files Browse the repository at this point in the history
[ig/security] scope: change "incubates" to explores, "initiating work" to tests
  • Loading branch information
simoneonofri authored Oct 24, 2024
2 parents a8cc51d + 6ddd1a0 commit 67f7c85
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion 2024/ig-security.html
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ <h2>Scope</h2>
<p>The Security Interest Group (SING) develops and documents guidelines, patterns, processes, and best practices for addressing security issues in Web standards.</p>
<p>SING supports, promotes, and structures the threat modeling for web standards and technologies. This approach can be used, along with other groups, for threats of different types such as security, privacy, and other kinds of harm. Threat modeling is a joint activity with threat experts and groups developing technology or other documentation. It can be used to get an understanding of the impact of the technology and guide its development, as well as to write Security Considerations sections.</p>
<p>SING provides "<a href="https://www.w3.org/Guide/documentreview/">horizontal review</a>", offering groups on-request guidance on security issues and mitigations specific to their technologies. SING aims to offer this review as early in the technology development lifecycle as requested, observing that early feedback is often more helpful. SING may also seek out technologies that benefit from earlier security reviews and conduct such reviews on its initiative.</p>
<p>SING incubates standards work on security issues by collecting requirements, prototyping, and/or initiating the work within the IG and recommending that the W3C move the work into other groups when appropriate.</p>
<p>SING identifies standardization work on security issues by collecting requirements, prototyping, and/or developing tests within the IG and recommending that the W3C move the work into other groups when appropriate.</p>
<p>SING may recommend mitigations for security issues in existing features of the Web platform, up to and including their deprecation.</p>
<p>SING may provide input to the <a href="https://www.w3.org/groups/other/ab/">Advisory Board</a> on process changes that will improve security in Web standards, e.g., by establishing particular requirements or threat models for identifying and mitigating security issues in W3C Recommendations.</p>
<p>SING may recommend to the <a href="https://www.w3.org/groups/other/ac/">W3C Advisory Committee</a> and the <a href="https://www.w3.org/groups/other/tag/">W3C TAG</a> regarding the security impact of proposed standards.</p>
Expand Down

0 comments on commit 67f7c85

Please sign in to comment.