BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Sabre//Sabre VObject 4.5.8//EN
CALSCALE:GREGORIAN
LAST-MODIFIED:20260219T061354Z
BEGIN:VTIMEZONE
TZID:Asia/Tokyo
X-MICROSOFT-CDO-TZID:20
BEGIN:STANDARD
DTSTART:20241117T071500
TZOFFSETFROM:+0900
TZOFFSETTO:+0900
TZNAME:JST
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
UID:2baf5a15-9c60-4494-8354-a4ff1866ef16
DTSTAMP:20260219T061354Z
SUMMARY:New approach to solving client-side security
DTSTART;TZID=Asia/Tokyo:20251112T161500
DTEND;TZID=Asia/Tokyo:20251112T171500
DESCRIPTION:https://www.w3.org/events/meetings/2baf5a15-9c60-4494-8354-a4ff
 1866ef16/\n\nhttps://github.com/w3c/webappsec-csp/issues/736\nThe energy i
 n the room when we discussed after my presentation was 'CSP was never buil
 t for this'. So perhaps now is a great time to think ahead of what CSP wil
 l not do and figure out what a good mechanism could look like to stop such
  attacks (I have suggestions).\n\n**Goal(s):**\nIgnoring CSP\, what would 
 the ideal client-side security solution look like today/\n\nAgenda\n\n1. G
 oing over client-side attacks. Those that happen routinely\, the rarer one
 s\, the highly targeted ones and the opportunistic spread and pray ones.\n
 2. limitations of CSP and SRI\n3. What could the alternatives look like - 
 open discussion.\n4. How does JS fit into JS security.\n\n**Materials:**\n
 - [Session proposal on GitHub](https://github.com/w3c/tpac2025-breakouts/i
 ssues/74)
STATUS:CONFIRMED
CREATED:20251028T131650Z
LAST-MODIFIED:20260219T061354Z
SEQUENCE:3
ORGANIZER;CN=W3C Calendar;PARTSTAT=ACCEPTED;ROLE=NON-PARTICIPANT:mailto:nor
 eply@w3.org
LOCATION:Floor 4 - 403
CATEGORIES:TPAC 2025,Breakout Sessions
END:VEVENT
END:VCALENDAR