One of the suggested additions to "intent to implement" emails: https://wiki.mozilla.org/WebAPI/ExposureGuidelines#Intent_to_Implement
is a statement regarding Security & Privacy concerns, because those have often been noted as brief summary statements in some past "intent to implement" emails. There has been some discussion among various W3C/TAG etc. folks of adding a security self-review to W3C specifications, based on this strawman list of questions to answer (e.g. perhaps informatively in a section in a spec) https://mikewest.github.io/spec-questionnaire/security-privacy/ Until specs start publishing their answers to these security/privacy questions, should we consider doing so at least as part of "Intent to implement"? Thoughts? Tantek _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
