Difference between revisions of "OWASP Working Session - Browser Security"

From OWASP
Jump to: navigation, search
m
m
Line 9: Line 9:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Work Session Description'''  
  | colspan="6" style="width:85%; background:#cccccc" align="left"|TBD
+
  | colspan="6" style="width:85%; background:#cccccc" align="left"|Brainstorming on how to introduce more useful security into our browsers
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Related Projects (if any)'''  
Line 31: Line 31:
 
  | style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
 
  | style="width:25%; background:#7B8ABD" align="center"|'''Venue/Date&Time/Model'''
 
  | style="width:25%; background:#cccccc" align="center"|'''Venue'''<br>[[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]  
 
  | style="width:25%; background:#cccccc" align="center"|'''Venue'''<br>[[:OWASP EU Summit 2008|OWASP EU Summit Portugal 2008]]  
  | style="width:25%; background:#cccccc" align="center"|'''Date&Time'''<br>November 4 & 7, 2008 <br>Time TBD
+
  | style="width:25%; background:#cccccc" align="center"|'''Date&Time'''<br>November 4, 2008 <br>9:00
 
  | style="width:25%; background:#cccccc" align="center"|'''Discussion Model'''<br>Everybody is a Participant
 
  | style="width:25%; background:#cccccc" align="center"|'''Discussion Model'''<br>Everybody is a Participant
 
  |}
 
  |}

Revision as of 07:53, 7 October 2008

Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Work Session Name ISWG Browser Security
Short Work Session Description Brainstorming on how to introduce more useful security into our browsers
Related Projects (if any)

OWASP ISWG (Intrinsic Security Working Group) = OWASP Intrinsic Security Working Group - Browser Security

Email Contacts & Roles Chair
Arshan Dabirsiaghi
Secretary
Kuai Hinojosa
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives
  • Discuss ongoing HTML5 security research,
  • Discuss further ramifications of HTML5 (cross-site XHR, Access-Control, client storage, etc.),
  • Take a look at security critical areas and discuss possible browser improvements.
Venue/Date&Time/Model Venue
OWASP EU Summit Portugal 2008
Date&Time
November 4, 2008
9:00
Discussion Model
Everybody is a Participant
WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power
WORKING SESSION ADDITIONAL DETAILS
  • Browsers to invite: IE, FF, Safari, Opera and Chrome.
  • Agenda:

- Time: 30 mins Introduction

- Time: 2 hrs 30 mins Action Item: Identify 5 Key Browser Risks and select the top 3

- Time: 2 hrs 30 mins Address issues in the current HTML 5 specifications

- Time: 1 hr 30 mins Build a proposal to target key players in the industry and ask for their support

- Time: 30 mins Assign point leads, roles and responsibilities

WORKING SESSION OUTCOMES
Statements, Initiatives or Decisions Proposed by Working Group Approved by OWASP Board
OWASP Top 10 Browser Wishlist. After the Board Meeting - fill in here.
Actionable advice and technical arguments for HTML5 feature set. After the Board Meeting - fill in here.
Establish OWASP points-of-contact for W3C. After the Board Meeting - fill in here.
Fill in here. After the Board Meeting - fill in here.

Working Session Participants

(Add you name by editing this table. On your the right, just above the this frame, you have the option to edit)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed
1 Mario Heiderich Independent General Expertise
2 Gareth Heyes Independent General Expertise
3 Marcin Wielgoszewski Protiviti Participant
4 Adam Baso Symantec Participant
5
6
7
8
9
10