ISSUE-448: Provide proper discussion of security considerations
Security-considerations
Provide proper discussion of security considerations
- State:
- CLOSED
- Product:
- cross-document
- Raised by:
- Graham Klyne
- Opened on:
- 2012-07-09
- Description:
- Provenance is substantially about establishing trust. As such, I think we should (following long-established IETF practice) give due attention to related security considerations. In particular, I think our treatment of security considerations should be pulled into a place where it will get most review, as strong review is one of the cornerstones of good security.
It's not our job to fix every possible security problem, but we should try and expose the range of issues that developers will need to consider when implementing applications that use provenance.
Currently, there are security considerations in the MIME registration for PROV-N, and in PROV-AQ.
I think a new security considerations section in PROV-DM, cross-referenced from the other documents as appropriate, might be a reasonably prominent place to document security concerns for provenance. For many concerns, we may be able to reference other documents from there.
Emails relating to this issue include:
http://lists.w3.org/Archives/Public/public-prov-wg/2012Jul/0104.html
http://lists.w3.org/Archives/Public/public-prov-wg/2012Jul/0103.html
- Related Actions Items:
- No related actions
- Related emails:
- PROV-ISSUE-448 (Security-considerations): Provide proper discussion of security considerations [cross-document] (from sysbot+tracker@w3.org on 2012-07-09)
Related notes:
Typo spotted! Changed: "I think a new security considerations section in PROV-DM" to "I think a new security considerations section in PROV-DM" in original description.
Display change log