March 2nd, 2017
W3C published a Team Submission of W3C Security Disclosures Best Practices, a proposal for security and privacy disclosure programs, which will serve as a basis for further work in the space of security and privacy researchers protection, further to our announcement late January. This document contains a template intended for organizations interested in protecting their users and applications from fraud, malware, and computer viruses, as well as interested in ensuring proper adherence to security and privacy considerations included in W3C Recommendations. It also helps to support broad participation, testing, and audit from the security community to keep users safe and the web’s security model intact.
In the coming days, the W3C Director will send the W3C Membership a Call for Review for the Encrypted Media Extensions Proposed Recommendation; and solicit feedback and expression of interest for the specification and the W3C Security Disclosures Best Practices Team Submission.
You may read more in the January 2017 Information about W3C Guidelines for Vulnerability Disclosure Programs and in the article on EME in HTML5 published this week by W3C Director’s Tim Berners-Lee.