Group Note Drafts: Threat Modeling Guide and Threat Model for Decentralized Credentials

The Security Interest Group has published the first drafts of the following Group Notes:

• Threat Modeling Guide: This document describes when, why, and how to perform threat modeling during the development of a specification at the World Wide Web Consortium (W3C). This is designed to help standards developers understand threats and countermeasures from the beginning of standard development and to document the model in the security considerations section. This document is intended for threat modeling with the broadest definition of threat.
• Threat Model for Decentralized Credentials: This document is the live "meta" Threat Model related to Decentralized Credentials. This outlines the many concerns related to these work areas and the initial principles for addressing user considerations for starting a discussion.