W3C home > Mailing lists > Public > public-powderwg@w3.org > July 2007

Re: Aligning grouping of resources in POWDER and WAF Access Control.

From: Jonas Sicking <jonas@sicking.cc>
Date: Wed, 25 Jul 2007 13:50:05 -0700
Message-ID: <46A7B77D.2090301@sicking.cc>
To: Anne van Kesteren <annevk@opera.com>
CC: Phil Archer <parcher@icra.org>, public-appformats@w3.org, Public POWDER <public-powderwg@w3.org>

Anne van Kesteren wrote:
> On Mon, 23 Jul 2007 20:29:42 +0200, Jonas Sicking <jonas@sicking.cc> wrote:
>>>  OK, forget the ? notation. Your examples are very clear and we seem 
>>> in full alignment that <foo.com> includes sub domains but <*.foo.com> 
>>> wouldn't include foo.com itself.
>>
>> Sounds great. What do other people think of switching to this syntax? 
>> The difference from the current spec would be to change
> 
> The only slightly confusing thing is that <http://foo.com> also matches 
> <http://bar.foo.com> but I suppose that's ok.

Yeah, I agree, but given all other alternatives I think this is better. 
If for example someone does

CAC: allow <*> exclude <http://evil.com>

is most likely useless since the owners of very.evil.com are the same 
ones as evil.com. So it's not unlikely that the rule can be easily 
circumvented.

It's not ideal, but it's the least bad suggestion yet IMHO.

/ Jonas
Received on Wednesday, 25 July 2007 20:50:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:42:11 GMT