- From: Sunava Dutta <sunavad@windows.microsoft.com>
- Date: Fri, 13 Jun 2008 15:51:52 -0700
- To: Jonas Sicking <jonas@sicking.cc>
- CC: Arthur Barstow <art.barstow@nokia.com>, Marc Silbey <marcsil@windows.microsoft.com>, "public-webapps@w3.org" <public-webapps@w3.org>, "arun@mozilla.com" <arun@mozilla.com>, Eric Lawrence <ericlaw@exchange.microsoft.com>, Chris Wilson <Chris.Wilson@microsoft.com>, David Ross <dross@windows.microsoft.com>, "Mark Shlimovich (SWI)" <marksh@microsoft.com>, Doug Stamper <dstamper@exchange.microsoft.com>, Zhenbin Xu <Zhenbin.Xu@microsoft.com>
Inline.... > -----Original Message----- > From: Jonas Sicking [mailto:jonas@sicking.cc] > Sent: Friday, June 13, 2008 3:28 PM > To: Sunava Dutta > Cc: Arthur Barstow; Marc Silbey; public-webapps@w3.org; > arun@mozilla.com; Eric Lawrence; Chris Wilson; David Ross; Mark > Shlimovich (SWI); Doug Stamper; Zhenbin Xu > Subject: Re: Seeking earlier feedback from MS [Was: IE Team's Proposal > for Cross Site Requests] > > Sunava Dutta wrote: > > Inline... > > > >> -----Original Message----- > >> From: Jonas Sicking [mailto:jonas@sicking.cc] > >> Sent: Friday, June 13, 2008 1:53 PM > >> To: Sunava Dutta > >> Cc: Arthur Barstow; Marc Silbey; public-webapps@w3.org; > >> arun@mozilla.com; public-webapi@w3.org WG (public); public- > >> appformats@w3.org; Eric Lawrence; Chris Wilson; David Ross; Mark > >> Shlimovich (SWI); Doug Stamper; Zhenbin Xu > >> Subject: Re: Seeking earlier feedback from MS [Was: IE Team's > Proposal > >> for Cross Site Requests] > >> > >> Sunava Dutta wrote: > >>> Woo hooo, my first mail to the new webapps alias! -:) > >>> > >>> Thanks for waiting for us to get feedback in from people across > MSFT. > >> As promised, here is the whitepaper on client side cross domain > >> security articulating the security principles and challenges (high > >> level and specifics ) of the current CS-XHR draft. > >>> I've also addressed the questions members raised in the FAQ. > >> Thanks Sunava, I look forward to reading this once it is available > in > >> an > >> acceptable license. > >> > >> However, I would further hope that you are able to discuss the > feedback > >> that are sure to be raised? As with your initial feedback, much of > the > >> results of these discussions will also require research and so it is > >> good if we can get as much done before the face to face as possible. > > > > [Sunava Dutta] We're kind of heads down in our development cycle with > IE8 and the F2F is the first opportunity to discuss this at length. > Personally, I have other urgent pending standards related items in HTML > 5.0 and Web Apps that I'll be having to attend to. (I wish our AJAX > team here was bigger!) > > So is that a 'no'? That would be very unfortunate as it just means that > we won't be that much further along after the F2F then we are now as > far > as taking microsofts input into account :([Sunava Dutta] [Sunava Dutta] Sorry Jonas, but I really don't know what else you want me to say. In case you have forgotten, our conversation a few weeks back (You, Arun, Window, EricLaw [MSFT], Chris [MSFT] and I) on teleconference on CS-XHR and XDR as you yourself said was very informative for Mozilla on articulating why we have security concerns with CS-XHR and reasons why we are shipping XDR. At least Mozilla should have a good understanding of our concerns although no doubt the paper will expand on that. Meanwhile, yes 2 weeks is short and I look forward to spending that time moving forward my other numerous commitments before we further discuss this. > > / Jonas
Received on Friday, 13 June 2008 22:52:46 UTC