Status: Draft
Editor: @simoneonofri
This document details the participation stated in the Security Interest Group charter.
The Security Interest Group is a particular group within W3C, in fact it seeks specific expertise:
- Security Experts (e.g., Security Researchers, Penetration Testers, Security Architects, and Code Reviewrs)
- Threat Modeling experts
- Cryptographers and Cryptoanalysts
If a person have these skills and want to put them for shaping a secure web and for the good of users, they can participate in two ways:
- "Participation in discussions via mailing lists and GitHub is free" and open.
- "Participation in reviews, deliverable development, and meetings requires joining the group".
To join the group:
- If the organization the person is involved with is a W3C Member, you can join here with the authorization of your Advisory Commitee representative
- If the organization the person is involved with is not a W3C Member, the organization can evaluate to join.
- If the person would like to participate as an individual, this group is open to Invited Experts.
The Security Interest Group, from its charter, specifically welcomes individuals. Invited Experts are not given Member access, for this group.
The group welcomes and encourages all participants with proven specific expertise, even if they do not represent a W3C Member. In that case, they should join as Invited Experts. Invited Experts in this group are not granted access to Member-only information.
Invited Experts are described as follows:
W3C Invited Experts are individuals who are invited by a chair of a Working or Interest Group to participate in that group. The chair and the W3C staff must agree that the individual brings particular expertise to the group prior to inviting the individual.
The Chairs and Staff Contact expect to invite individuals to participate in the Interest Group as Invited Experts in a manner consistent with the W3C Invited Expert policy and IG Charter.
The Chairs and Staff Contact will also take into consideration whether individuals:
- Have contributed to the Security IG (e.g., via the mailing list or GitHub) as non-participants.
- Have expertise that the Chairs and Staff Contact deem important to the success of the group, even if they have not previously contributed to the IG.
Once the Chairs have extended an invitation to someone to join as an Invited Expert, that person should review the instructions for joining the group.
Individuals are welcome to contact the Chairs and Staff Contact to initiate a discussion about participation as an Invited Expert.
We expect Security Interest Group participants to contribute, which can take the form of:
- Participating in security reviews
- Scribing calls
- Participating in discussions
- ...among other things.
Inactive or non-contributing Invited Experts may not be renewed.
Potentially, yes (per the charter).
No. Individuals who work for a W3C Member organization participate as representatives of their organization and not via the Invited Expert program.
Potentially.
- There are no patent licensing obligations associated with participation in an Interest Group. However see the disclosure obligations for Interest Group participants.
- When a participant of this Interest Group contributes to a technical submission reviewing or marking comments on deliverables by other groups, they must agree to the terms of the W3C Patent Policy and License Grants from Non-Participants.
Yes. Anyone may subscribe to the group’s mailing list and post to it. (People who join the group are automatically subscribed.)
See also:
Similar documents: