- From: Deian Stefan <deian@cs.stanford.edu>
- Date: Sun, 09 Nov 2014 22:37:48 -0800
- To: Brad Hill <hillbrad@fb.com>, Web Application Security Working Group <public-webappsec@w3.org>
Brad Hill <hillbrad@fb.com> writes: > Rechartering Thread 12: COWL > > Though not on our survey, Deian Stefan of Stanford introduced his COWL > proposal to the group at TPAC. > > http://cowl.ws > > My nutshell summary is that COWL is an efficient and backwards compatible > way to apply mandatory access controls using origin labels to webapp > information flows, opening very interesting new possibilities in mashups > and security reasoning about new features. > > There was strong positive sentiment towards the proposal at TPAC. > Implementation requires a few new features as part of CSP, and > additionally, Deian would need to outline what a normative specification > would look like. My call on the consensus so far is that if he is willing > to serve as an editor the group is interested in advancing the proposal. > > Please reply to this thread with comments or objections, if you are > interested in serving as a co-editor, or have additional relevant input > documents. I would love to serve as an editor and will start on the normative spec outline this week. Thanks! Best, Deian
Received on Monday, 10 November 2014 06:38:17 UTC