- From: Michal Zalewski <lcamtuf@coredump.cx>
- Date: Thu, 17 Dec 2009 00:53:28 -0800
- To: Mark Nottingham <mnot@mnot.net>
- Cc: Thomas Roessler <tlr@w3.org>, Bil Corry <bil@corry.biz>, public-web-security@w3.org
> As an aside -- I'm curious about the "they tend not to focus on such earthly things" characterisation. On what basis was that impression formed? Sorry, that was not meant to be inflammatory; historically, HTTP specs would either explicitly or implicitly steer clear of most implementation-level security topics (e.g., header charsets, precedence, caching header conflict resolution, etc). If that's not the intention anymore, good. /mz
Received on Thursday, 17 December 2009 08:54:11 UTC