W3C home > Mailing lists > Public > public-web-security@w3.org > May 2012

same-origin assertions in the DNS (Fwd: [apps-discuss] draft-sullivan-domain-origin-assert-00)

From: Thomas Roessler <tlr@w3.org>
Date: Sat, 5 May 2012 12:17:20 +0200
Cc: Thomas Roessler <tlr@w3.org>, Andrew Sullivan <ajs@anvilwalrusden.com>
Message-Id: <F5CC5359-B268-4F05-AB3A-2FA866BF285F@w3.org>
To: public-web-security <public-web-security@w3.org>
For your information:

This seems targeted at situations where different domain names want to assert that they're something like same-origin, and for use by security policies implemented in browsers.
Thomas Roessler, W3C  <tlr@w3.org>  (@roessler)

Begin forwarded message:

> From: Andrew Sullivan <ajs@anvilwalrusden.com>
> Subject: [apps-discuss] draft-sullivan-domain-origin-assert-00
> Date: May 4, 2012 23:08:53 +0200
> To: apps-discuss@ietf.org
> List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
> Dear colleagues,
> I posted today draft-sullivan-domain-origin-assert-00.txt.  The point
> of this draft is to outline a way of publishing records in the DNS, so
> that one can figure out what names have some sort of administrative
> link to one another (I've called this the "administrative realm",
> although probably not consistently, and I'm not too happy with the
> term).  The idea is that you'd be able to use the mechanism in order
> either to consider different DNS names as somehow linked together (so
> that, for instance, cookie policies or other such things could be
> adapted accordingly), or (more often) to determine that names are
> _not_ linked together in order to foil illegitimate attempts to assert
> links.  
> I can't think of any other list that is appropriate, but if people
> have an alternative I'm all ears.  I haven't explicitly pointed
> commenters at this list yet, pending permission from the list
> moderators.
> Comments (shredding, &c. &c.) are eagerly solicited.  
> Best regards,
> A
> -- 
> Andrew Sullivan
> ajs@anvilwalrusden.com
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
Received on Saturday, 5 May 2012 10:17:27 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:20 UTC