Post · Bonfire Dinteg Labs

The @w3c Security #InterestGroup proposes to make systematic use of threat modeling in W3C to identify potential #threats, vulnerabilities, and safeguards in web specifications.
This guide is designed to help standards #developers make informed decisions about #security and #privacy risks from the beginning of standard development #timetogiveinput

▶️ https://www.w3.org/TR/threat-modeling-guide/

Feedback wlc: https://github.com/w3c/threat-modeling-guide/issues

Threat Modeling Guide

Data Flow Diagram for Minimalist Web Threat Model with 3 entities (user, network operator, website admin), linked by 7 flows to 3 processes (DNS, browser, server), as described in section A1.3 of the guide.

Bonfire Dinteg Labs

This is a bonfire demo instance for testing purposes. This is not a production site. There are no backups for now. Data, including profiles may be wiped without notice. No service or other guarantees expressed or implied.

Bonfire Dinteg Labs: About · Code of conduct · Privacy ·

Bonfire social · 1.0.0 no JS en

Automatic federation enabled