W3C home > Mailing lists > Public > public-web-security@w3.org > June 2010

Re: CSP & IETF BOF on HTTP Application Security?

From: Brandon Sterne <bsterne@mozilla.com>
Date: Wed, 09 Jun 2010 08:25:20 -0700
Message-ID: <4C0FB260.5060606@mozilla.com>
To: art.barstow@nokia.com
CC: ext Thomas Roessler <tlr@w3.org>, Jonas Sicking <jonas@sicking.cc>, Arun Ranganathan <arun@mozilla.com>, ext Daniel Veditz <dveditz@mozilla.com>, "public-web-security@w3.org" <public-web-security@w3.org>
I think W3C is the right venue for CSP given that CSP is primarily
geared towards content restrictions and HASMAT will be primarily focused
on transport-level restrictions (think Origin header, STS, etc.).  I
think there is a neat separation between these two areas which maps well
to the areas of focus of IETF and W3C.


On 06/03/2010 11:39 AM, Arthur Barstow wrote:
> Would this be a reasonable/acceptable place for CSP?
> -Art Barstow
> P.S. "hasmat" - that's a good one!
>>> From: Peter Saint-Andre<stpeter@stpeter.im>
>>> Date: 3 June 2010 20:14:13 GMT+02:00
>>> To: "apps-discuss@ietf.org"<apps-discuss@ietf.org>
>>> Subject: Re: HTTP Application Security (HAS) BoF
>>> We now have a dedicated list for this BoF:
>>> https://www.ietf.org/mailman/listinfo/hasmat
>>> Please discuss further on that list. I'll be blasting various lists and
>>> individuals regarding the BoF.
>>> On 6/2/10 8:11 AM, Peter Saint-Andre wrote:
>>>> I've received a proposal to hold a birds of a feather (BoF) session at
>>>> IETF 78 in Maastricht on the topic of HTTP Application Security.  A
>>>> draft charter and agenda can be found below.  Please discuss on the
>>>> apps-discuss@ietf.org list:
Received on Wednesday, 9 June 2010 15:26:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:17 UTC