2009/10/26 David Rogers <david.rog...@omtp.org>: > Hi Art and Marcos, > > > > I didn’t see this point discussed in the last widgets meeting minutes. Do you > know if anybody has started work on any security guidelines for widgets? I > noticed that in the “Web Security Context: User Interface Guidelines”, for > example this requirement[1] there may be some conflict with widgets / > potential to put requirements there for the item below and others? >
We have not yet started work on this. We could certainly add a security considerations section to one the view mode specs (as we have done with P&C and with Dig Sig). Please feel free to contribute some tests. -- Marcos Caceres http://datadriven.com.au