Post · bonfire.cafe

Post

The @w3c Security #InterestGroup proposes to make systematic use of threat modeling in W3C to identify potential #threats, vulnerabilities, and safeguards in web specifications.
This guide is designed to help standards #developers make informed decisions about #security and #privacy risks from the beginning of standard development #timetogiveinput

▶️ https://www.w3.org/TR/threat-modeling-guide/

Feedback wlc: https://github.com/w3c/threat-modeling-guide/issues

Data Flow Diagram for Minimalist Web Threat Model with 3 entities (user, network operator, website admin), linked by 7 flows to 3 processes (DNS, browser, server), as described in section A1.3 of the guide.

Threat Modeling Guide

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.2-alpha.7 no JS en

Automatic federation enabled