Skip to main content

Liaison statement
Response to Q7/17 "LS on security architecture and operations for web mashup service

Additional information about IETF liaison relationships is available on the IETF webpage and the Internet Architecture Board liaison webpage.
State Posted
Submitted Date 2012-07-31
From Group SEC
From Contact Eliot Lear
To Group ITU-T-SG-17
To Contacts
Cc A Kremer <>
Koji Nakao <>
Eliot Lear <>
Stephen Farrell <>
Sean Turner <>
The IETF Chair <>
Barry Lieba <>
Pete Resnick <>
Mark Nottingham <>
Response Contact
Technical Contact
Purpose In response
Attachments (None)
Liaisons referred by this one LS on security architecture and operations for web mashup services
The IETF Security Area thanks ITU-T study group 17 for the opportunity to
comment on the proposed new work item, X.websec-5. There are numerous related
activities to this work, including the work of the following IETF working
groups in the Applications and Security areas:

·      Web Security (websec)
·      Web Authorization Protocol (oauth)
·      Transport Layer Security (tls)

We bring to your attention RFC-6454 "The Web Origin Concept",
draft-ietf-websec-frame-options, as well as  draft-ietf-websec-x-frame-options,
each of which looks at improving overall web security of which mashups are

In addition, we are aware of a considerable amount of effort in this area in
the W3C.

As always, we welcome participation in discussions about IETF protocols through
our mailing lists,,, and