TAG spec review on keygen and use of client certificates in the web platform
A small-but-growing set of design principles collected by the TAG while reviewing specifications
W3C specs and API reviews
A security/privacy review questionnaire for W3C specs
wiki for non-specific stuff
A guide for spec authors on how to use Promises in prose and WebIDL.
Finding on Unsanctioned Tracking
TAG current work github page
Documenting the state of the extensible web
Transitioning the Web to HTTPS
Guidance about how to provide packages of information on the web.
Work on good practices for the use of capability URLs
Specification for "private mode" browsing
Recommendations from the TAG on How to Make the Web More Secure
How and why to design APIs that allow subclassing