W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2012

Re: Motion: Move CSP 1.0 to Last Call

From: Adam Barth <w3c@adambarth.com>
Date: Tue, 5 Jun 2012 16:53:52 -0700
Message-ID: <CAJE5ia95F-d1CTYf8BFgUTPzU3KJZHizjtWLdLbPMW8gK4Rx4g@mail.gmail.com>
To: Jacob Rossi <Jacob.Rossi@microsoft.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Tue, Jun 5, 2012 at 4:29 PM, Jacob Rossi <Jacob.Rossi@microsoft.com> wrote:
> We had some discussion in today's teleconference about ensuring that the content we link to in the HTML5 spec for the sandbox directive. I feel confident having worked with Hixie and Adam that the HTML5 content is stable for this feature. Linking to the W3C version of HTML5 (as opposed to the WHATWG edition) would be our preference as it, like CSP, is a W3C recommendation-track specification. Currently CSP links to the WHATWG HTML spec.

I've updated the spec to link to the W3C version.


> Otherwise, we support publishing a LC draft.
>> -----Original Message-----
>> From: Adam Barth [mailto:w3c@adambarth.com]
>> Sent: Tuesday, June 05, 2012 3:50 PM
>> To: public-webappsec@w3.org
>> Subject: Motion: Move CSP 1.0 to Last Call
>> As discussed on the teleconference today, I've edited the CSP 1.0 spec to
>> make the sandbox directive optional:
>> http://dvcs.w3.org/hg/content-security-policy/rev/6e60ee08c97a
>> I've left sandbox as required in CSP 1.1.
>> As there don't appear to be any remaining open issues, I'd like to move to
>> advance CSP 1.0 to Last Call.
>> http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-1.0-
>> specification.html
>> Thanks,
>> Adam
Received on Tuesday, 5 June 2012 23:54:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 June 2012 23:54:54 GMT