/
662.txt
129 lines (96 loc) · 4.63 KB
/
662.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
[19] [DFN[[[Web Application Security Working Group]]]] ([DFN[[[WebAppSec]]]])
は、 [[Web]] の[[セキュリティー]]関係の仕様を開発している [[W3C]] の [[WD]] です。
* 仕様
[17] [[WebAppSec]] は次の[[仕様]]を開発しています。
[FIG(short list)[
- [[CSP]]
- [[SRI]]
- [[Mixed Content]]
- [[Upgrade Insecure Requests]]
- [[Secure Contexts]]
- [[Referrer Policy]]
- [[Clear Site Data]]
- [[EPR]]
- [[COWL]]
- [[Permissions API]]
- [[Credential Management]]
- [[UI Security]]
- [[Reporting API]]
]FIG]
* 人物
[18] 多くの仕様は [[Mike West]] が開発しています。多くの仕様は [[Fetch]]
や [[HTML]] など [[WHATWG]] の仕様と深く関わっているため、 [[WHATWG]]
側で [[Anne van Kesteren]] がよく関与しています。
* 歴史
[1] [CITE@en-US[Web Application Security Working Group]]
( ([TIME[2010-07-22 00:55:55 +09:00]] 版))
<http://www.w3.org/2010/07/appsecwg-charter>
[2] [CITE@en[Web Application Security Working Group]]
( ([TIME[2011-09-08 08:57:55 +09:00]] 版))
<http://www.w3.org/2011/webappsec/>
[3] [CITE[Web Application Security Working Group]]
( ([TIME[2011-09-08 08:58:50 +09:00]] 版))
<http://www.w3.org/2011/08/appsecwg-charter.html>
[4] [CITE@en[WebAppSec re-charter status]]
([[Wendy Seltzer]] 著, [TIME[2015-02-04 21:16:47 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Feb/0066.html>
[5] [CITE[IRC logs: freenode / #whatwg / 20150310]]
([TIME[2015-03-11 11:49:49 +09:00]] 版)
<http://krijnhoetmer.nl/irc-logs/whatwg/20150310>
[6] [CITE@en[''''''[''''''webappsec'''''']'''''' rechartering complete!]]
([[Brad Hill]] 著, [TIME[2015-03-19 05:15:06 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Mar/0128.html>
[7] [CITE[Web Application Security Working Group]]
([TIME[2015-03-19 03:15:49 +09:00]] 版)
<http://www.w3.org/2015/03/webappsec-charter-2015.html>
[FIG(quote)[
[FIGCAPTION[
[8] [CITE@en[Joining WebAppSec]]
([[Nottingham, Mark]] 著, [TIME[2015-03-26 05:55:36 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Mar/0172.html>
]FIGCAPTION]
> Akamai has joined the WG, and we'll be sending a few people to participate, including me.
]FIG]
[9] [CITE@en[CFC: All publications in WebAppSec to use new W3C publication process, was Re: CFC to push use new publishing process]]
([[Marcos Caceres]] 著, [TIME[2015-03-26 03:33:39 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Mar/0170.html>
[10] [CITE[Web Application Security Working Group]]
([TIME[2015-04-30 03:57:27 +09:00]] 版)
<http://www.w3.org/2015/03/webappsec-charter-2015.html>
[11] [CITE[IRC logs: freenode / #whatwg / 20150824]]
([TIME[2015-08-25 11:10:10 +09:00]] 版)
<http://krijnhoetmer.nl/irc-logs/whatwg/20150824>
[FIG(quote)[
[FIGCAPTION[
[12] [CITE[IRC logs: freenode / #whatwg / 20150831]]
([TIME[2015-09-01 11:54:18 +09:00]] 版)
<http://krijnhoetmer.nl/irc-logs/whatwg/20150831#l-258>
]FIGCAPTION]
> <mkwst> I only care about the W3C HTML spec insofar as I need to advance specs to REC due to patent idiocy.
]FIG]
[13] [CITE@en[Split the `w3c/webappsec` respository?]]
([[Mike West]] 著, [TIME[2015-09-08 17:33:40 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Sep/0039.html>
[14] [CITE@en[Re: Starting to create new repositories.]]
([[Mike West]] 著, [TIME[2015-10-02 03:12:08 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Oct/0002.html>
[15] [CITE[Table of Specifications]]
([TIME[2015-10-01 20:51:59 +09:00]] 版)
<https://w3c.github.io/webappsec/specs/>
[16] [CITE@en[Starting to create new repositories.]]
([[Mike West]] 著, [TIME[2015-09-30 21:27:58 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Sep/0239.html>
* メモ
[20] [[W3C]] の [[WD]] にしては珍しく、高品質な仕様書を順調に開発しています。
[21] [CITE@en[Web Application Security Working Group F2F -- 16 May 2016]]
( ([TIME[2016-05-18 00:38:05 +09:00]]))
<https://www.w3.org/2016/05/16-webappsec-minutes.html>
[22] [CITE@en[Web Application Security Working Group F2F -- 17 May 2016]]
( ([TIME[2016-05-18 09:49:47 +09:00]]))
<https://www.w3.org/2016/05/17-webappsec-minutes.html>
[23] [CITE@en[Rechartering WebAppSec -- call for input]]
([[Wendy Seltzer]]著, [TIME[2016-10-20 06:53:01 +09:00]])
<https://lists.w3.org/Archives/Public/public-webappsec/2016Oct/0036.html>
[24] [CITE@en[add an initial draft of Charter 2017]]
([[wseltzer]]著, [TIME[2016-11-30 08:25:55 +09:00]])
<https://github.com/w3c/webappsec/commit/321356f94ed7b7366ce641d75d16fece1541071e>