W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2011

Re: CfC: publish FPWD of Content Security Policy: Deadline Nov 22

From: Robin Berjon <robin@berjon.com>
Date: Tue, 15 Nov 2011 21:04:41 +0100
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, "public-web-security@w3.org" <public-web-security@w3.org>
Message-Id: <B0390120-9D37-4BDB-B9E5-848F8F01A1A3@berjon.com>
To: "Hill, Brad" <bhill@paypal-inc.com>
Hi,

just some completely editorial notes (I otherwise support publishing this).

On Nov 15, 2011, at 20:48 , Hill, Brad wrote:
> As discussed in our first Web App Sec WG meeting, the editors would like to publish a First Public Working Draft of the Content Security Policy and this is a Call for Consensus to do so:
>  
> http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html

You seem to be using a local version of ReSpec. I don't know how up to date you are with the latest version, but in general it is better to link directly to it since it does get regular bug fixes. At the very least you should probably update to the latest version.

Your configuration does not specify a wgPatentURI  be sure to fill that out (correctly) before you publish as it is essential to this document's IPR policy (which is doubly important for FPWD since it starts the exclusion period).

I also note that you manually create a reference to [ORIGIN] which does not point to the references section but rather straight to the document. It's probably better to be consistent there. If you did this because that specific reference isn't in the DB, that can easily be fixed. You also write your own copy of the conformance section boilerplate when ReSpec can do that for you. Our goal is to kill all boilerplate by writing as much as possible for you, you should use that :) In the same vein, you seem to have taken care of using the right h1-h6 elements for the given level  don't bother, the tool fixes that for you (convention is to just use h2 everywhere, but anything works).

There are probably other such things that could be fixed, I didn't check everything. If closer review would be helpful, don't hesitate to ask.

Other than that the document looks great and is very much useful!

-- 
Robin Berjon - http://berjon.com/ - @robinberjon
Received on Tuesday, 15 November 2011 20:05:23 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 15 November 2011 20:05:27 GMT