W3C home > Mailing lists > Public > public-web-security@w3.org > May 2012

Re: same-origin assertions in the DNS (Fwd: [apps-discuss] draft-sullivan-domain-origin-assert-00)

From: Peter Saint-Andre <stpeter@stpeter.im>
Date: Sun, 06 May 2012 19:17:43 -0600
Message-ID: <4FA722B7.3000303@stpeter.im>
To: Thomas Roessler <tlr@w3.org>
CC: public-web-security <public-web-security@w3.org>, Andrew Sullivan <ajs@anvilwalrusden.com>
On 5/5/12 4:17 AM, Thomas Roessler wrote:
> For your information:
> 	http://tools.ietf.org/html/draft-sullivan-domain-origin-assert-00
> This seems targeted at situations where different domain names want to assert that they're something like same-origin, and for use by security policies implemented in browsers.

Hi Thomas,

Having talked with Andrew and other folks quite a bit about this topic
(most recently at IETF 83), I'd say that ultimately it is directed at
finding a way to build a scalable approach to solving the same problem
that is solved right now with the public suffix list.


Peter Saint-Andre
Received on Monday, 7 May 2012 01:18:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:20 UTC