Merge pull request #610 from jyasskin/security-fix-typos
[ig/security] Fix several typos in the Threat Modeling Guide section.
simoneonofri authored Oct 21, 2024
2 parents b6f982c + d09bdb4 commit 2005c02
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions 2024/ig-security.html
Expand Up @@ -151,7 +151,7 @@ <h2>Motivation and Background</h2>
<p>W3C’s <a href="https://www.w3.org/mission/">mission</a> is to <q>develop open standards for an interoperable web to meet requirements for accessibility, internationalization, privacy, and security – so that humanity can experience all that the web has to offer</q>.</p>
<p>The last two requirements, Privacy and Security, are integral to <a href="https://www.un.org/en/about-us/universal-declaration-of-human-rights" title="Article 3: Everyone has the right to life, liberty and security of person.">human rights</a> and <a href="https://www.ohchr.org/en/instruments-mechanisms/instruments/international-covenant-civil-and-political-rights" title="Article 9: Everyone has the right to liberty and security of person">civil liberties</a> and have always been of the Consortium's concern.</p>
<p>Also, in the <a href="https://www.w3.org/TR/ethical-web-principles/">Ethical Web Principles</a>, there are several principles related to security both as a societal impact <a href="https://www.w3.org/TR/ethical-web-principles/#noharm">The web does not cause harm to society</a> and in terms of people's security <a href="https://www.w3.org/TR/ethical-web-principles/#privacy">The web is secure, and respects peoples' privacy</a>, where the goal is to create technology that creates as few threats as possible, or mitigates those threats</p>
<p>Several working groups deal with security issues, such as <a href="https://www.w3.org/groups/wg/webappsec/">developing mechanisms and best practices which improve the security of Web Applications</a>, <a href="https://www.w3.org/groups/wg/webauthn/">develping strong authentication functionality for Web Applications</a>, <a href="https://www.w3.org/groups/wg/fedid/">developing APIs to allow a website to request an identity credential securely</a>, and <a href="https://www.w3.org/groups/ig/securepay/">enhancing the security and interoperability of various Web payments technologies</a>.</p>
<p>Several working groups deal with security issues, such as <a href="https://www.w3.org/groups/wg/webappsec/">developing mechanisms and best practices which improve the security of Web Applications</a>, <a href="https://www.w3.org/groups/wg/webauthn/">developing strong authentication functionality for Web Applications</a>, <a href="https://www.w3.org/groups/wg/fedid/">developing APIs to allow a website to request an identity credential securely</a>, and <a href="https://www.w3.org/groups/ig/securepay/">enhancing the security and interoperability of various Web payments technologies</a>.</p>
<p>Security is also a horizontal topic that often touches other groups and standards. Security can impact any protocol or API, which can have security implications. W3C Process mandates <a href="https://www.w3.org/policies/process/#wide-review">Wide Reviews</a>, which is one of the Interest Group’s main scope.</p>
</div>
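Review bot: The context paragraphs around the "develping" fix still carry wording problems that this typo pass could pick up. The Ethical Web Principles paragraph ends without a full stop after "mitigates those threats", "have always been of the Consortium's concern" reads awkwardly, and the last paragraph has a number mismatch in "which is one of the Interest Group's main scope" as well as the circular sentence "Security can impact any protocol or API, which can have security implications". Separately, the commit subject places the typos in the Threat Modeling Guide section, while this hunk sits under Motivation and Background; consider widening the subject line so the history matches the change.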

Expand Down Expand Up @@ -203,9 +203,9 @@ <h2>
Threat Modeling Guide
</dt>
<dd>
<p>Section 3 "Threat Models" of the Security and Privacy Questionnaire encourages standards developers to identify, assess various threats, mitigate them, and document them in Security and Privacy Considerations sections.</p>
<p>One of the recommended process, in addition to answering the questionnaire, is to start from a Threat Model specific to the standard, considering a range of attacks and threats. This can also be useful in identifying the need for additional activities such as formal verification or cryptoanalysis.</p>
<p>Since Threat Modeling is a process that originated in security field but can be used for different threat categories, SING, in collaboration with relevant groups such as TAG, PING, and the Threat Modeling Community Group, will create an how-to guide to support standards developers in creating Threat Models, with also specific threats lists e.g., for security and privacy.</p>
<p>Section 3 "Threat Models" of the Security and Privacy Questionnaire encourages standards developers to identify and assess various threats, mitigate them, and document them in Security and Privacy Considerations sections.</p>
<p>One recommended process, in addition to answering the questionnaire, is to start from a Threat Model specific to the standard, considering a range of attacks and threats. This can also be useful in identifying the need for additional activities such as formal verification or cryptoanalysis.</p>
<p>Since Threat Modeling is a process that originated in the security field but can be used for different threat categories, SING, in collaboration with relevant groups such as TAG, PING, and the Threat Modeling Community Group, will create a how-to guide to support standards developers in creating Threat Models. This guide will also include lists of specific threats for various areas including security and privacy.</p>
</dd>
<dt id="SRIT" class="spec">
<a href="https://github.com/w3c/security-request/issues/new/choose">Security Request Issue template</a>
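Review bot: "cryptoanalysis" in the rewritten second paragraph is carried over unchanged from the old text; the usual spelling is "cryptanalysis", so it belongs in this typo pass. In the third paragraph, the old wording scoped the threat lists with "e.g., for security and privacy", while the new sentence says "for various areas including security and privacy"; please confirm the broader phrasing is intended, since in a charter it reads as a commitment to cover more areas than the two that are named.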