Old2014
// old version of the page //
Specs to review, groups to watch
Most wiki activity is now taking place in the Web Security Interest Group.
Specs
Wiki pages containing information about these specifications:
- Content Security Policy (webappsec); use the public-webappsec@w3.org mailing list for discussion.
- XMLHttpRequest (webapps)
- CORS and Uniform Messaging Policy (webappsec); use the public-webappsec@w3.org mail list for related discussions
- HTML5 (html)
- Websockets (webapps)
- Anti-Clickjacking Requirements (webappsec); use the public-webappsec@w3.org mailing list for discussion.
Groups
Related Groups to Liaise With
Ongoing issues
- Trusted User Interface
- Same Origin Policy and Same Origin Policy by Adam Barth
- Cross Site Attacks
- Comparison of CORS and UMP (Work in progress)
Perhaps this wiki would be handy for thinking thru some security patterns the TAG is discussing under ISSUE-31 (metadatainURI-31)...
- Ungessable URI, Web Key, Email Confirmation
- Passwords In The Clear (maybe not worth bothering; the finding is done, I think)