RE: Motion: Move CSP 1.0 to Last Call

We had some discussion in today's teleconference about ensuring that the content we link to in the HTML5 spec for the sandbox directive. I feel confident having worked with Hixie and Adam that the HTML5 content is stable for this feature. Linking to the W3C version of HTML5 (as opposed to the WHATWG edition) would be our preference as it, like CSP, is a W3C recommendation-track specification. Currently CSP links to the WHATWG HTML spec.

Otherwise, we support publishing a LC draft.

> -----Original Message-----
> From: Adam Barth [mailto:w3c@adambarth.com]
> Sent: Tuesday, June 05, 2012 3:50 PM
> To: public-webappsec@w3.org
> Subject: Motion: Move CSP 1.0 to Last Call
> 
> As discussed on the teleconference today, I've edited the CSP 1.0 spec to
> make the sandbox directive optional:
> 
> http://dvcs.w3.org/hg/content-security-policy/rev/6e60ee08c97a
> 
> I've left sandbox as required in CSP 1.1.
> 
> As there don't appear to be any remaining open issues, I'd like to move to
> advance CSP 1.0 to Last Call.
> 
> http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-1.0-
> specification.html
> 
> Thanks,
> Adam
> 

Received on Tuesday, 5 June 2012 23:30:06 UTC