Add initial content to Security and Privacy Considerations sections. #189
Conversation
msporny
requested review from
marcoscaceres,
samuelgoto,
RByers and
timcappalli
as code owners
| "https://github.com/WICG/digital-credentials/blob/main/horizontal-reviews/security-privacy.md"> | ||
| TAG Security and Privacy Considerations Questionnaire (WIP)</a> | ||
| </li> | ||
| </ul> |
There was a problem hiding this comment.
I would propose to add also the Threat Model, as defined in the (re)charter
| "https://github.com/WICG/digital-credentials/blob/main/horizontal-reviews/security-privacy.md"> | ||
| TAG Security and Privacy Considerations Questionnaire (WIP)</a> | ||
| </li> | ||
| </ul> |
| Digital Credentials, both broadly and for presentation on the web. | ||
| Their contents will be integrated into this document gradually. | ||
| </p> | ||
| <ul> |
There was a problem hiding this comment.
Add the threat model here too? It's probably even more about privacy than security I'd say right @simoneonofri?
There was a problem hiding this comment.
@RByers, the generic one is a hybrid of security and privacy as per the frameworks used so that it can fit one or both
|
Let's give it 24 hours to see if anyone else wants to add comments, and then if there are no objections I'll merge it. |
| "https://github.com/WICG/digital-credentials/blob/main/horizontal-reviews/security-privacy.md"> | ||
| TAG Security and Privacy Considerations Questionnaire (WIP)</a> | ||
| </li> | ||
| </ul> |
|
Definitely an improvement to at least have an outline of some of the concerns, both for the spec or for what other ecosystem pieces are involved. I'll mention this topic on the Privacy WG call this week and see if I or others have the time to also add in some initial content to these sections. |
|
Thank you all, merged. |
Based on the 2024-11-13 WICG Digital Credentials telecon, this PR adds some basic content to the security considerations and privacy considerations sections noting that the group has done some thinking in this area and plans to continue and expand upon that work during the Working Group.
/cc @npdoty @timcappalli @samuelgoto @RByers @marcoscaceres
PS: I don't have any strong opinions on any of the content, just trying to be responsive to @npdoty's request and produce something for the group to discuss and merge.
💥 Error: 500 Internal Server Error 💥
PR Preview failed to build. (Last tried on Dec 3, 2024, 1:41 PM UTC).
More
PR Preview relies on a number of web services to run. There seems to be an issue with the following one:
🚨 Spec Generator - Spec Generator is the web service used to build specs that rely on ReSpec.
🔗 Related URL
If you don't have enough information above to solve the error by yourself (or to understand to which web service the error is related to, if any), please file an issue.