Sign in
Version 5.13.0, 2015-03-25
Report a bug

Liaison Statement: Response to Q7/17 "LS on security architecture and operations for web mashup service

Submission Date: 2012-07-31
From: Security Area (Eliot Lear)
To: ITU-T SG 17 (
Cc:A Kremer
Koji Nakao
Eliot Lear
Stephen Farrell
Sean Turner
The IETF Chair
Barry Lieba
Pete Resnick
Mark Nottingham
Response Contact:
Technical Contact:
Purpose: In response
Referenced liaison: LS on security architecture and operations for web mashup services
Attachments: (none)
The IETF Security Area thanks ITU-T study group 17 for the opportunity
to comment on the proposed new work item, X.websec-5. There are
numerous related activities to this work, including the work of the
following IETF working groups in the Applications and Security areas:

·      Web Security (websec)
·      Web Authorization Protocol (oauth)
·      Transport Layer Security (tls)

We bring to your attention RFC-6454 "The Web Origin Concept",
draft-ietf-websec-frame-options, as well as 
draft-ietf-websec-x-frame-options, each of which looks at improving
overall web security of which mashups are classed.

In addition, we are aware of a considerable amount of effort in this
area in the W3C.

As always, we welcome participation in discussions about IETF protocols
through our mailing lists,,, and