How should we model security for an open development process? That's a question we need to consider for security.
Here is a repo where we have started writing: https://github.com/hartm/SecurityTaskForce.
Note that this is a TeX document. We will eventually want to publish formal-ish documents, which is why we are using TeX instead of just the wiki. If you want to use TeX but don't know how, here's enough that will let you build documents on a Mac: . Please feel free to ask questions and generate comments.