Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[wg/wasm] WebAssembly 2022 charter #325

Closed
1 task done
ericprud opened this issue Apr 5, 2022 · 8 comments
Closed
1 task done

[wg/wasm] WebAssembly 2022 charter #325

ericprud opened this issue Apr 5, 2022 · 8 comments
Assignees
@sideshowbarker
Labels
Accessibility review completed Advance Notice Sent Advance Notice of (re)chartering has been sent to the AC charter group charter Horizontal review requested Internationalization review completed Privacy review completed security-needs-resolution Issue the security Group has raised and looks for a response on.
Projects
Strategy Team's Incubation Pipeline (...

Comments

@ericprud
Copy link
Member

ericprud commented Apr 5, 2022
edited by plehegar

New charter proposal, reviewers please take note.

Charter Review

Charter:

What kind of charter is this? Check the relevant box / remove irrelevant branches.

Communities suggested for outreach:
WebAssembly Community Group

Known or potential areas of concern:
This is a continuation of earlier work. It should not introduce any new i18n or a11y concerns.

Where would charter proponents like to see issues raised? (this strategy funnel issue, a different github repo, email, ...)

Anything else we should think about as we review?
none
@michael-n-cooper
Copy link
Member

No comments from APA.

@himorin
Copy link

himorin commented Apr 14, 2022

no comment/request from i18n

@samuelweiler samuelweiler added Privacy review completed security-needs-resolution Issue the security Group has raised and looks for a response on. labels Apr 20, 2022
@samuelweiler
Copy link
Member

Commenting here since the template question about where comments should go is unanswered.

When will the working groups be seeking security and privacy reviews for these docs? I ask in part because the JS Interface Doc appears to have not been republished in over two years, and I haven't seen review requests for any of these docs lately.

I also see that the privacy and security sections in the existing WG docs are not in great shape. The security analyses in the both the base doc and the JS interface doc are too minimal and don't touch on privacy at all, and there's nothing about either in the API doc. I suggest quick attention to those.

I'm particularly curious as to the state of the base doc, which says in-line that it's CG doc, not a WG doc, as detailed here: WebAssembly/spec#1447

More substantively on the security side, what provisions are available for auditing WebAssembly code? Are there things we can do to make it more auditable?

@w3cbot w3cbot mentioned this issue Apr 21, 2022
Open
@samuelweiler samuelweiler mentioned this issue Apr 21, 2022
Closed
@samuelweiler
Copy link
Member

@ericprud any thoughts re: the above, especially the ability to audit the code?

@ericprud
Copy link
Member Author

We (@samuelweiler, @plehegar and others) discussed this in global on 12 mai. I believe we reached consensus that:

  1. the WebAssembly browser host is more secure than the the JS browser environment so inspection for WebAssembly isn't more desirable (or achievable) than any other web app.
  2. the WASI host environment is wide open but isn't a standard, just some experiments

There's an issue to WebAssembly/spec#1393 to integrate with Content Security Policy. See the associated proposal.

@plehegar
Copy link
Member

Charter work was announced to AC last year: https://lists.w3.org/Archives/Member/w3c-ac-members/2022AprJun/0011.html

@plehegar plehegar added the Advance Notice Sent Advance Notice of (re)chartering has been sent to the AC label Jun 26, 2023
@plehegar
Copy link
Member

(charter was approved by TiLT and can be sent for AC review)

@plehegar plehegar added the charter group charter label Oct 17, 2023
@plehegar plehegar changed the title WebAssembly 2022 charter [wg/wasm] WebAssembly 2022 charter Oct 17, 2023
@plehegar
Copy link
Member

Approved https://lists.w3.org/Archives/Member/w3c-ac-members/2023OctDec/0047.html

@plehegar plehegar moved this from Chartering to Strategy Work Concluded in Strategy Team's Incubation Pipeline (Funnel) Dec 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sideshowbarker sideshowbarker

Labels
Accessibility review completed Advance Notice Sent Advance Notice of (re)chartering has been sent to the AC charter group charter Horizontal review requested Internationalization review completed Privacy review completed security-needs-resolution Issue the security Group has raised and looks for a response on.
Projects
Strategy Team's Incubation Pipeline (...
Strategy Work Concluded
Milestone
No milestone
Development

No branches or pull requests
7 participants
@sideshowbarker @ericprud @plehegar @michael-n-cooper @himorin @samuelweiler and others