Response to Q7/17 "LS on security architecture and operations for web mashup service
Additional information about IETF liaison relationships is available on the IETF webpage and the Internet Architecture Board liaison webpage.
|From Contact||Eliot Lear|
|Cc||A Kremer <email@example.com>
Koji Nakao <firstname.lastname@example.org>
Eliot Lear <email@example.com>
Stephen Farrell <firstname.lastname@example.org>
Sean Turner <email@example.com>
The IETF Chair <firstname.lastname@example.org>
Barry Lieba <email@example.com>
Pete Resnick <firstname.lastname@example.org>
Mark Nottingham <email@example.com>
|Liaisons referred by this one||
LS on security architecture and operations for web mashup services
The IETF Security Area thanks ITU-T study group 17 for the opportunity to comment on the proposed new work item, X.websec-5. There are numerous related activities to this work, including the work of the following IETF working groups in the Applications and Security areas: · Web Security (websec) · Web Authorization Protocol (oauth) · Transport Layer Security (tls) We bring to your attention RFC-6454 "The Web Origin Concept", draft-ietf-websec-frame-options, as well as draft-ietf-websec-x-frame-options, each of which looks at improving overall web security of which mashups are classed. In addition, we are aware of a considerable amount of effort in this area in the W3C. As always, we welcome participation in discussions about IETF protocols through our mailing lists, firstname.lastname@example.org, email@example.com, and firstname.lastname@example.org.