W3C Launches New Web Application Security Working Group

Modern Web Applications may be governed by numerous security policies. Because there is no standard and shared mechanism for declaring and enforcing policies, it is not possible for sites to selectively declare the need to escape from some restrictions or to request enforcement of additional restrictions. W3C today launched the new Web Application Security Working Group, with a mission is to address security issues in modern web applications and mash-ups. The group will define lightweight policy expression mechanisms to tune the browser security model. The group will take up work based on the Content Security Policy specification, and will work on secure mash-up technologies including Cross-Domain Resource Sharing and UMP. W3C also launched today the Web Security Interest Group, a forum for discussions on improving standards and implementations to advance the security of the Web. Learn more about W3C's Security Activity.