Skip to content

Issues: w3c/security-review

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

SM series algorithms in Web Cryptography close? pending Issue created by the tracker tool and may need to be refined s:webcrypto https://w3c.github.io/webcrypto/ tracker Security is following a discussion, but doesn't require resolution.
#39 opened May 12, 2020 by w3cbot updated May 14, 2020
"credentialless" embedder policy. close? pending Issue created by the tracker tool and may need to be refined s:credentialless https://wicg.github.io/credentiallessness/ tracker Security is following a discussion, but doesn't require resolution.
#113 opened Jul 27, 2021 by w3cbot updated Sep 17, 2021
Framebust out of webviews pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution.
#166 opened Aug 14, 2022 by w3cbot updated Aug 14, 2022
COEP reflection close? pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution.
#164 opened Jun 23, 2022 by w3cbot updated Nov 15, 2022
Private State Tokens (formerly Trust Tokens) close? pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution.
#170 opened Nov 17, 2022 by w3cbot updated Feb 16, 2023
HTTPS Upgrades close? pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution.
#181 opened Jun 15, 2023 by w3cbot updated Aug 28, 2023
Phantomrwcwride2Zero
#201 opened Sep 8, 2023 by PhantomRwcwride2Zero updated Sep 8, 2023
RDF Canonicalization close? pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution.
#180 opened Jun 15, 2023 by w3cbot updated Oct 25, 2023
Security and Privacy Self Review pending Issue created by the tracker tool and may need to be refined s:vc-di-bbs missing link tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#213 opened Dec 16, 2023 by w3cbot updated Feb 9, 2024
Security and Privacy Self-Review Questionnaire close? pending Issue created by the tracker tool and may need to be refined s:vc-jose-cose missing link tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#206 opened Sep 15, 2023 by w3cbot updated Feb 9, 2024
Simplify TLS requirements so we don't have to recommend algorithms. close? pending Issue created by the tracker tool and may need to be refined s:openscreenprotocol https://w3c.github.io/openscreenprotocol/ tracker Security is following a discussion, but doesn't require resolution. wg:secondscreen https://www.w3.org/groups/wg/secondscreen
#203 opened Sep 11, 2023 by w3cbot updated Feb 9, 2024
Encourage the use of OHTTP close? pending Issue created by the tracker tool and may need to be refined s:vc-data-model https://w3c.github.io/vc-data-model/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#197 opened Sep 5, 2023 by w3cbot updated Feb 9, 2024
Point Privacy and Security Considerations section back to Data Integrity close? pending Issue created by the tracker tool and may need to be refined s:vc-di-eddsa https://w3c.github.io/vc-di-eddsa/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#196 opened Aug 27, 2023 by w3cbot updated Feb 9, 2024
Highlight security/privacy trade-offs between RDF-CANON and JCS close? pending Issue created by the tracker tool and may need to be refined s:vc-di-eddsa https://w3c.github.io/vc-di-eddsa/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#195 opened Aug 27, 2023 by w3cbot updated Feb 9, 2024
Add reference back to VC Data Model Security and Privacy Considerations sections close? pending Issue created by the tracker tool and may need to be refined s:vc-data-integrity https://w3c.github.io/vc-data-integrity/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#194 opened Aug 19, 2023 by w3cbot updated Feb 9, 2024
Add Security Consideration to avoid key reuse close? pending Issue created by the tracker tool and may need to be refined s:vc-data-model https://w3c.github.io/vc-data-model/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#193 opened Aug 19, 2023 by w3cbot updated Feb 9, 2024
Add normative guidance that @context files SHOULD be cached close? pending Issue created by the tracker tool and may need to be refined s:vc-data-integrity https://w3c.github.io/vc-data-integrity/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#192 opened Aug 19, 2023 by w3cbot updated Feb 9, 2024
Highlight security/privacy trade-offs between RDF-CANON and JCS close? needs-resolution Security expects this item to be resolved to their satisfaction. pending Issue created by the tracker tool and may need to be refined wg:vc https://www.w3.org/groups/wg/vc
#189 opened Aug 19, 2023 by w3cbot updated Feb 9, 2024
Strengthening Trust Boundaries for Holder Software in Verifiable Credential Processing close? pending Issue created by the tracker tool and may need to be refined s:vc-data-model https://w3c.github.io/vc-data-model/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#187 opened Aug 17, 2023 by w3cbot updated Feb 9, 2024
Addressing Verifier Stored Data Vulnerabilities and Legal Compliance close? pending Issue created by the tracker tool and may need to be refined s:vc-data-model https://w3c.github.io/vc-data-model/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#185 opened Aug 17, 2023 by w3cbot updated Feb 9, 2024
Security: fetch event in service worker can bypass the limitation of extension's CSP cg:webextensions https://www.w3.org/groups/cg/webextensions pending Issue created by the tracker tool and may need to be refined s:webextensions missing link tracker Security is following a discussion, but doesn't require resolution.
#183 opened Jul 10, 2023 by w3cbot updated Feb 9, 2024
Security and Privacy Self-Review Questionnaire close? pending Issue created by the tracker tool and may need to be refined s:vc-data-model https://w3c.github.io/vc-data-model/ tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#182 opened Jun 16, 2023 by w3cbot updated Feb 9, 2024
Repeat fingerprinting analysis assuming a malicious font server close? pending Issue created by the tracker tool and may need to be refined s:ift https://w3c.github.io/IFT/Overview.html tracker Security is following a discussion, but doesn't require resolution. wg:webfonts https://www.w3.org/groups/wg/webfonts
#179 opened May 17, 2023 by w3cbot updated Feb 9, 2024
"sideloading" and "untrustworthy" references are unclear given lack of authentication and integrity close? pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution. wg:epub https://www.w3.org/groups/wg/epub wg:pm https://www.w3.org/groups/wg/pm
#178 opened Mar 17, 2023 by w3cbot updated Feb 9, 2024
security considerations regarding use of platform accessibility apis for accessing user data close? pending Issue created by the tracker tool and may need to be refined s:core-aam missing link tracker Security is following a discussion, but doesn't require resolution. wg:aria https://www.w3.org/groups/wg/aria
#176 opened Dec 7, 2022 by w3cbot updated Feb 9, 2024
ProTip! What’s not been updated in a month: updated:<2024-11-19.