Hi, Jeff Hodges here.
I gave a brief overview presentation regarding the status of Internet standards efforts regarding web security. at the recent OWASP Bay Area chapter meeting (20-Aug-2012):
The presentation highlights some of the "recent", "emerging", and "in genesis" web security standards (e.g., respectively: HTTP State Management, HSTS, and UI Safety), related & leverageable standards (e.g., DNSSEC, DANE/TLSA), as well as fora where this work is occuring (some which we helped create):
W3C Web App Security Working Group
IETF WebSec Working Group
It also summarizes some things not yet cohesively approached (e.g., browser security indicators, the Web PKI trust model situation) and suggests some things you can do to overall help move web security forward.
Comments
You can follow this conversation by subscribing to the comment feed for this post.