From 82880dee34a9e922edc1131c6fcdb05ed98b64fd Mon Sep 17 00:00:00 2001
From: Jeffrey Yasskin <jyasskin@google.com>
Date: Tue, 19 Mar 2024 18:37:57 +0000
Subject: [PATCH 1/2] Add a security & privacy considerations section to the
 explainer template.

---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index e028bf4..efea522 100644
--- a/README.md
+++ b/README.md
@@ -43,6 +43,7 @@ reference. Look for [brackets].
 - [Considered alternatives](#considered-alternatives)
   - [[Alternative 1]](#alternative-1)
   - [[Alternative 2]](#alternative-2)
+- [Security and Privacy Considerations](#security-and-privacy-considerations)
 - [Stakeholder Feedback / Opposition](#stakeholder-feedback--opposition)
 - [References & acknowledgements](#references--acknowledgements)
 
@@ -154,6 +155,13 @@ and why you decided against it.]
 
 [etc.]
 
+## Security and Privacy Considerations
+
+[This section can start out as your answers to the [Security and Privacy Self-Review
+Questionnaire](https://www.w3.org/TR/security-privacy-questionnaire/), but you should eventually
+focus it on the aspects of your feature that need special security or privacy attention from
+implementers or users.]
+
 ## Stakeholder Feedback / Opposition
 
 [Implementors and other stakeholders may already have publicly stated positions on this work. If you can, list them here with links to evidence as appropriate.]

From 37db257bff59ee786ba188cc30d816410b54fb1a Mon Sep 17 00:00:00 2001
From: Jeffrey Yasskin <jyasskin@google.com>
Date: Wed, 20 Mar 2024 15:52:05 +0000
Subject: [PATCH 2/2] Mention the Web Platform Security Guidelines.

---
 README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index efea522..fabbaeb 100644
--- a/README.md
+++ b/README.md
@@ -157,10 +157,10 @@ and why you decided against it.]
 
 ## Security and Privacy Considerations
 
-[This section can start out as your answers to the [Security and Privacy Self-Review
-Questionnaire](https://www.w3.org/TR/security-privacy-questionnaire/), but you should eventually
-focus it on the aspects of your feature that need special security or privacy attention from
-implementers or users.]
+[Describe any interesting answers you give to the [Security and Privacy Self-Review
+Questionnaire](https://www.w3.org/TR/security-privacy-questionnaire/) and any interesting ways that
+your feature interacts with [Chromium's Web Platform Security
+Guidelines](https://chromium.googlesource.com/chromium/src/+/master/docs/security/web-platform-security-guidelines.md).]
 
 ## Stakeholder Feedback / Opposition