Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add guidelines for stage 3 reviewers that includes a mention of security review #4

Open
michaelficarra opened this issue Nov 29, 2018 · 2 comments
Open

add guidelines for stage 3 reviewers that includes a mention of security review #4

michaelficarra opened this issue Nov 29, 2018 · 2 comments

Comments

@michaelficarra
Copy link
Member

At the Nov 2018 breakout session, we thought it might be valuable for stage 3 reviewers to have guidelines for what to consider during review. We could encourage them to consider security by including it in the guidelines. @natashenka has offered to put together a PR for the process document that would include this section, then present it to the committee at a future meeting.
@ljharb
Copy link
Member

ljharb commented Nov 29, 2018

This sounds like a great addition to tc39/process-document#18 :-D "Security" could be one of the risk areas defined at an early stage, that's evaluated as part of stage 3.

@michaelficarra
Copy link
Member Author

The W3C (https://www.w3.org/TR/security-privacy-questionnaire/) and IETF (https://datatracker.ietf.org/doc/html/rfc3552) each have security consideration guidelines. We can take inspiration from these documents.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ljharb @michaelficarra