Web Application Security Working Group

Calendar of Events

Subscribe:   

Mission

As stated in its charter, the mission of the Web Application Security Working Group is to develop technical and policy mechanisms to improve the security of and enable secure cross-site communications for applications on the Web.

Mailing List

The group's primary work mode is via discussion on a public mailing list: public-webappsec@w3.org | Subscribe | List Archives

Search the archive

Teleconferences

WebAppSec conducts a one hour, members-only teleconference every two weeks. See the calendar of events for the most current dates and times and dial-in details.

Participants in the teleconference are encouraged to please also join the #webappsec channel during the call. Connect to irc.w3.org:6665 with your favorite IRC client or use the web interface.

Minutes for teleconferences and face-to-face meeetings are archived here.

Bugs, Issues & Actions

Technical issues and actions for WG members can be managed on the group's tracker instance. (some features are member-only, see the full tracker documentation)

Some editors use the WG's GitHub repo to manage spec text bugs and pull requests. (technical issues and feature requests must go through the public mailing list first)

Recommendation-Track Drafts

Candidate Recommendation
21-July-2015
Mike West, Dan Veditz, Adam Barth
Mike West, Brad Hill
Working Draft
21-June-2016
Mike West
Working Draft
07-June-2016
Brad Hill
Editor's Draft
13-July-2016
Frederik Braun, Devdatta Akhawe, Joel Weinberger, Francois Marier,Mike West
Working Draft
01-June-2016
Jochen Eisinger, Emily Stark
Candidate Recommendation
08-October-2015
Mike West
Kristijan Burnik
Working Draft
19-July-2016
Mike West
First Public Working Draft
26-February-2015
Mike West
Scheduled to transition to WG NOTE
Candidate Recommendation
08-October-2015
Mike West
First Public Working Draft
07-April-2015
Mounir Lamouri, Marcos Cáceres
Working Draft
25-April-2016
Mike West
First Public Working Draft
09-June-2015
David Ross, Mike West
Scheduled for transition to WG NOTE
Working Draft
20-July-2016
Mike West
First Public Working Draft
15-October-2015
Deian Stefan
First Public Working Draft
15-December-2015
Mike West
Scheduled for transition to WG NOTE
First Public Working Draft
15-December-2015
Mike West

W3C Recommendations

Recommendation
16-January-2014
Anne van Kesteren
Recommendation
23-June-2016
Frederik Braun, Devdatta Akhawe, Joel Weinberger, Francois Marier,Mike West

Non-Recommendation-Track Documents

Working Group Note
19-February-2015
Brandon Sterne, Adam Barth
Succeeded by Content Security Policy Level 2
Working Group Note
26-January-2010
Tyler Close, Mark Miller
Input document for Cross-Origin Resource Sharing from WebApps WG
No offical status
04-February-2011
John Kemp
Input and reference document

Administrative

Charter

The WebAppSec Working Group operates under a charter approved on 18-March-2015.

Patent Disclosures

The W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent.

Chairs

Brad Hill (Facebook) and Daniel Veditz (Mozilla)

W3C Team Contact

Wendy Seltzer

Membership

(W3C Member-Only) See DBWG and IPP for a list of WG participants.

Liasons with Other Groups

Members and the public interested in this WG's work may also want to follow the W3C Web Security Interest Group and Web Cryptography Working Group as well as the Websec Working Group at the IETF.