Web Security Interest Group Charter

Deliverables

As an Interest Group, this group has no formal deliverables. The group may propose additional standards work to the W3C and may publish Interest Group Notes on topics such as best practices, analysis of security issues, and design considerations.

The Group intends to focus its work on three categories of effort:

• Incubation: Discussing ideas for new Recommendation-track work; dispatching promising ideas to a Community Group or Task Force; proposing drafts to W3C for Working Group chartering.
• Horizontal Reviews: Assessing W3C drafts for security considerations and/or publishing questionnaires or other guidance to enable self-review by working groups.
• Web Security Incident Review: Considering reported security incidents as input, e.g., to correct patterns of error, threat modeling, and new spec development.

Coordination

Technical coordination with the following Groups will be made, per the W3C Process Document:

Communication

Technical discussions for this Interest Group are conducted in public.This group primarily conducts its work on the public mailing list public-web-security@w3.org.

Information about the group (including details about deliverables, issues, actions, status, participants, and meetings) will be available from the Web Security Interest Group home page.

Decision Policy

This group will seek to make decisions through consensus and due process, per the W3C Process Document (section 3.3). Typically, an editor or other participant makes an initial proposal, which is then refined in discussion with members of the group and other reviewers, and consensus emerges with little formal voting being required.

However, if a decision is necessary for timely progress, but consensus is not achieved after careful consideration of the range of views presented, the Chairs may call for a group vote, and record a decision along with any objections.

To afford asynchronous decisions and organizational deliberation, any resolution (including publication decisions) taken in a face-to-face meeting or teleconference will be considered provisional. A call for consensus (CfC) will be issued for all resolutions (for example, via email and/or web-based survey), with a response period from one week to 10 working days, depending on the chair's evaluation of the group consensus on the issue. If no objections are raised on the mailing list by the end of the response period, the resolution will be considered to have consensus as a resolution of the Interest Group.

All decisions made by the group should be considered resolved unless and until new information becomes available, or unless reopened at the discretion of the Chairs or the Director.

This charter is written in accordance with the W3C Process Document (Section 3.4, Votes), and includes no voting procedures beyond what the Process Document requires.

Patent Disclosures

The Interest Group provides an opportunity to share perspectives on the topic addressed by this charter. W3C reminds Interest Group participants of their obligation to comply with patent disclosure obligations as set out in Section 6 of the W3C Patent Policy. While the Interest Group does not produce Recommendation-track documents, when Interest Group participants review Recommendation-track specifications from Working Groups, the patent disclosure obligations do apply. For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation.

Licensing

This Interest Group will use the W3C Software and Document license for all its deliverables.

About this Charter

This charter has been created according to section 5.2 of the Process Document. In the event of a conflict between this document or the provisions of any charter and the W3C Process, the W3C Process shall take precedence.