- From: Brian Smith <brian@briansmith.org>
- Date: Wed, 11 Feb 2015 12:04:36 -0800
- To: Mike West <mkwst@google.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Brad Hill <hillbrad@gmail.com>, Dan Veditz <dveditz@mozilla.com>, Wendy Seltzer <wseltzer@w3.org>, Peter Eckersley <pde@eff.org>, yan zhu <yan@mit.edu>
Mike West <mkwst@google.com> wrote: > This is a call for consensus to publish* the following draft of "Upgrade > Insecure Resources" as a First Public Working Draft: > > https://w3c.github.io/webappsec/specs/upgrade/published/2015-02-FPWD.html > WDYT? Please send comments to public-webappsec@w3.org. Positive feedback is > encouraged. Negative feedback is encouraged. Anything other than a lack of > feedback is encouraged. :) I support this effort. However, this shouldn't be a separate spec from MIX. I understand that from a document preparation perspective, there are benefits to having things split up in multiple documents. However, from the perspective of somebody trying to read such specifications, having related content spread across multiple documents is confusing. In this case, in particular, having one of the coping mechanisms for the rest of MIX defined in a separate document is bad. Maybe there is some concern that if we add this to MIX, then the rest of MIX will be delayed. I am not sure that matters, practically. But, if people feel like that is a concern, then we should just start a MIX 2 draft that is MIX + this feature. Cheers, Brian
Received on Wednesday, 11 February 2015 20:05:03 UTC