Skip to content

Latest commit

 

History

History
41 lines (29 loc) · 5.26 KB

GOVERNANCE.md

File metadata and controls

41 lines (29 loc) · 5.26 KB
Raw

Governance of Security Interest Group

Status: Draft

Editor: @simoneonofri

Decision Process

This group will seek to make decisions through consensus and due process, per the W3C Process Document (section 5.2.1, Consensus).

Roles

Group roles

There are some W3C-defined roles at group level:

  • Chair: The Chair's primary role is to facilitate consensus-building among Group members.
  • Staff (or Team) Contact: The Contact helps set the strategic direction of the Group in the chartering phase. Many of the Contact's tasks involve helping the Chair complete his or her roles, such as ensuring that the group runs smoothly, actively aiding consensus building, ensuring wide review of specifications, tracking feedback from implementors, and so forth.
  • Participants: Those who participate, in their skills and abilities, in group activities. In general in this group, participants collaborate on writing papers and do security reviews.

Meeting roles

During the meeting, there are two special roles:

  • Chair: coordinates the meeting, welcome participants and manages consensus and timing.
  • Scribe: The role of scribes is to record all decisions, actions and issues noted by the group during meetings, as well as recording significant discussion so that topics need not be revisited. Everyone in a meeting should consider it their responsibility to help the scribe.
    • If speaking and making a complicated point - offer to type the summary into the chat yourself
    • If there is an error in the log, correct it during the meeting (see Scribe Instructions)
    • If the scribe needs to speak, offer to fill in

Reviewer roles

There are also a specific role for this group, for the reviews:

  • Reviewer: Is the core role of this group, reviewers ensure web standards are designed with robust security principles, identifying and mitigating potential threats, attacks and vulnerabilities to protect the user.

Document roles

There are some specific document roles (adapted from (Xenc Contributor Policies)):

  • Editor: The role of the editor is not that of author. "Every Technical Report published as part of the Technical Report development process is edited by one or more editors appointed by a Group Chair. It is the responsibility of these editors to ensure that the decisions of the Group are correctly reflected in subsequent drafts of the technical report." (W3C Process, 6.2.1). The editor commitment is a substantive one, the editor is responsible for tracking questions about the specification and resolution of issues (managed by the chair), coordinating work of the authors, and the regular publication of the document that meets W3C publication requirements.
  • Author: Authors by their own initiative or through commitments to the Chair make substantive contributions that are included within the specification. Frequently an author will make and write a proposal that is then the basis of a section of the specification. Criteria for authorship are the expressed interest (agreed to by the Chair) to be listed as an author and the substance and quality of the contributions. The Chair looks at the consistency of participation, the willingness to take action items, and how much "authoring" the group member actually accomplished. This criteria is somewhat relative in that if this role is designated, the Chair wish to list the top handful of people that consistently plugged away on the work while avoid a list of names occupying the first two pages of the specification. Where the number of authors/editors are small, the Author and Editor role is frequently collapsed in to the Editor designation. Where there are numerous authors, the role will be a specified subset of the Contributor designation which is an Appendix to the specification.
  • Contributor: Contributors are the many important group members who provide the ideas, comments, feedback and implementation experience that makes the specification meaningful. Criteria for the contributor role are an expressed interest to be listed as a contributor to the document and the quality of contribution as determined by the Chair; this is based on the consistency of participation on the email list, participation in teleconferences and face-to-face meetings as appropriate, and a responsiveness to open WG issues. In reality, this criteria is fairly relaxed in that the Chair wish to include all of those that helped and not weaken that acknowledgement through the inclusion of group members that did not.

Note that neither the IETF nor W3C have processes to define the role of author. However, it has become clear through experience that this distinction is sometimes a useful one. In the end, it is only the editors that are listed on the http://www.w3.org/TR/ page or within the header of IETF documents for reference elsewhere. The Chair will consider a final formulation in a way that is reasonably terse but as fair as possible to all involved.