Closed elf-pavlik closed 3 months ago
Currently, we have https://github.com/solid/specification/pull/598 (22-11-2023) and https://github.com/solid/specification/issues/514 (22-03-2023) stuck in an overgrown issues tracker.
For clarity, please format dates per ISO8601, i.e., 2023-11-22
and 2023-03-22
Please vote on the repo name in
Accepted as https://github.com/solid/security-bp
I'm creating this issue since we considered managing it as a new work item.
625
Provide a document similar to OAuth 2.0 Security Best Current Practice. It will address security concerns raised in Solid CG, for example, #598
Currently, we have #598 (2023-11-22) and #514 (2023-03-22) stuck in an overgrown issues tracker.
While some security concerns may not be addressed directly in relevant specifications, we can still document known best practices in a dedicated document. As long as suggested countermeasures don't require non-conformance to any of Solid specs, they can be presented as available options.
This is a very specialized aspect of Solid aimed at a very specific audience; anyone with security-related responsibilities can contribute.
This work is explicitly intended for a technical audience.