W3C home > Mailing lists > Public > public-web-security@w3.org > August 2011

Re: CORS/UMP to become joint WebApps and WebAppSec joint deliverable

From: Thomas Roessler <tlr@w3.org>
Date: Wed, 3 Aug 2011 13:08:54 +0200
Cc: Thomas Roessler <tlr@w3.org>, Anne van Kesteren <annevk@opera.com>, public-webapps <public-webapps@w3.org>, public-web-security <public-web-security@w3.org>, Arthur Barstow <art.barstow@nokia.com>
Message-Id: <0A2D2189-778C-4DDE-8DF4-50E052AB2362@w3.org>
To: Maciej Stachowiak <mjs@apple.com>
On Aug 3, 2011, at 07:48 , Maciej Stachowiak wrote:

> At Apple we have a somewhat lengthy internal process for joining new Working Groups, so if feedback has to go to a new WG's list, you will likely miss out on Apple feedback for at least a few months.

Is the hold-up over "feedback has to go to a new WG's list", or is it "Apple has to sign up to a new group"?

(I realize that you may have an internal policy that makes the latter a prerequisite to the former.)

From a purely technical W3C perspective, both Webapps and WebAppSec make IPR commitments to CORS and UMP.  Therefore, no reason to obtain additional commitments in order to take future (even substantive) comments from members of the WebApps WG on CORS and UMP into account.

Input on CSP would be a different story.

> In addition to this, I'd personally prefer to have discussion remain on public-webapps because we've managed to gather all the stakeholders here, and gathering them again will just add disruption and delay. Perhaps WebAppSec could be focused on new deliverables instead of taking over a deliverable that is relatively on track as it is. This could include a hypothetical CORS 2, or even production of the CORS test suite.

Care to elaborate on the CORS 2 idea?
Received on Wednesday, 3 August 2011 11:09:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 3 August 2011 11:09:02 GMT