Skip to content
This repository was archived by the owner on Oct 28, 2024. It is now read-only.

simplified how-to-use-section #22

Open
torgo wants to merge 1 commit into
base: main
Choose a base branch
from
Open

simplified how-to-use-section #22

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 8 additions & 25 deletions index.src.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,34 +101,17 @@ <h2 id="intro">Introduction</h2>

<h2 id="threats">How To Use The Questionnaire</h2>

Thinking about security and privacy risks and mitigations early in a project
is the best approach as it helps ensure the privacy of your feature at an
architectural level and ensures the result, descriptions, protocols and
algorithms incorporate privacy by default as opposed to through possible
implementation mitigations.

The Privacy Interest Group (PING) recommends that a feature group review the
guidance and questionnaire when first considering their feature and meet with
PING at that time to discuss any questions they have about how the
guidance/questionnaire intersects with their feature at a conceptual level.
After the feature group has developed their feature with the
guidance/questionnaire informing their development process, the group should
bring an early draft of their feature specification with Privacy consideration
section to PING for review. From there the feature group should iterate on
their design.

When requesting a Technical Architecture Group review, include the filled
questionnaire, along with the description of changes or observations made
during the design process. This allows external reviewers understand the
When designing a new web feature or technology, you should think about
security and privacy risks and mitigations early.
Please have a look at this questionnaire document
as you consider the design of a new web fearure or technology.

When requesting a Technical Architecture Group review, please include
responses to this questionnaire, along with the privacy-related aspects of
the design. This allows external reviewers understand the
rationale, as well as the challenges and evolution of the feature, with
respect to security and privacy.

It is understandable that developers may not always have the necessary data
to see the broader picture and possible implications, for example in relation
to other existing web functionalities. The answers to the questionnaire are
meant as help and input for people who may nonetheless make security and
privacy remarks, or the assessment.

</section>

<!-- Big Text: Threats -->
Expand Down