public-webappsec@w3.org from September 2015 by subject

[clear-site-data] clearing information about URLs visited

• Mike West (Monday, 14 September)
• Nick Doty (Monday, 14 September)

[CSP2] browser behavior on frame-ancestors violation through previous iframe content navigation

• fredericdelaporte@free.fr (Monday, 7 September)
• fredericdelaporte@free.fr (Friday, 4 September)

[CSP2] connect-src 'self' and websockets

• Brad Hill (Monday, 28 September)
• André N. Klingsheim (Monday, 28 September)
• Daniel Veditz (Monday, 28 September)
• Mike West (Monday, 28 September)
• André N. Klingsheim (Sunday, 27 September)

[CSP2] How to restrict resources linking to

• Brad Hill (Thursday, 3 September)
• yao zhongxiao (Wednesday, 2 September)
• Craig Francis (Wednesday, 2 September)
• yao zhongxiao (Wednesday, 2 September)

[CSP2]Is there a directive dealing with the window.opener.location phishing concern?

• Brad Hill (Wednesday, 30 September)
• Tanvi Vyas (Wednesday, 30 September)
• Jerry Qu (Wednesday, 30 September)
• Mike West (Wednesday, 30 September)
• Jerry Qu (Wednesday, 30 September)

[mixed-content] DASH Players and Mixed Content

• Nottingham, Mark (Tuesday, 22 September)
• Göran AP Eriksson (Saturday, 19 September)
• Anne van Kesteren (Friday, 18 September)
• Jon Piesing (Friday, 18 September)
• Anne van Kesteren (Friday, 18 September)
• Nottingham, Mark (Friday, 18 September)
• Mike West (Friday, 18 September)
• Anne van Kesteren (Friday, 18 September)
• Nottingham, Mark (Thursday, 17 September)
• Nottingham, Mark (Thursday, 17 September)
• Göran AP Eriksson (Tuesday, 8 September)

[webappsec] Call for Consensus: COWL to FPWD

• Mike West (Tuesday, 22 September)
• Brad Hill (Monday, 21 September)

[webappsec] CSP2 Implementation Report

• Brad Hill (Wednesday, 2 September)

[webappsec] more CSP test review begging

• Brad Hill (Tuesday, 1 September)

[webappsec] Next teleconference, 7-Sep-2015, CANCELLED

• Brad Hill (Wednesday, 2 September)

`iframe[@sandbox]`: "sandblaster" JS library for analysis/modification

• James M. Greene (Wednesday, 30 September)

A Somewhat Critical View of SOP (Same Origin Policy)

• Rigo Wenning (Saturday, 26 September)
• Rigo Wenning (Saturday, 26 September)
• Rigo Wenning (Saturday, 26 September)
• Rigo Wenning (Saturday, 26 September)
• Anders Rundgren (Saturday, 26 September)
• Alex Russell (Friday, 25 September)
• Henry Story (Friday, 25 September)
• Henry Story (Friday, 25 September)
• Dave Raggett (Friday, 25 September)
• Tony Arcieri (Friday, 25 September)
• ANDREAE Philip (Friday, 25 September)
• Dave Longley (Thursday, 24 September)
• Martin Paljak (Thursday, 24 September)
• Harry Halpin (Thursday, 24 September)
• Dave Longley (Thursday, 24 September)
• henry.story@bblfish.net (Thursday, 24 September)
• Anders Rundgren (Thursday, 24 September)
• Harry Halpin (Thursday, 24 September)
• Dave Longley (Thursday, 24 September)
• Harry Halpin (Thursday, 24 September)
• Dave Longley (Wednesday, 23 September)
• Harry Halpin (Wednesday, 23 September)
• Dave Longley (Wednesday, 23 September)
• Henry Story (Wednesday, 23 September)
• Jeffrey Yasskin (Wednesday, 23 September)
• Brad Hill (Wednesday, 23 September)
• Dave Longley (Wednesday, 23 September)
• Harry Halpin (Wednesday, 23 September)
• Dave Longley (Wednesday, 23 September)
• Adrian Hope-Bailie (Wednesday, 23 September)
• Anders Rundgren (Wednesday, 23 September)
• Harry Halpin (Wednesday, 23 September)
• henry.story@bblfish.net (Wednesday, 23 September)
• Harry Halpin (Wednesday, 23 September)
• Siva Narendra (Wednesday, 23 September)
• Anders Rundgren (Wednesday, 23 September)
• Henry Story (Saturday, 19 September)
• Jeffrey Walton (Friday, 18 September)
• Alex Russell (Friday, 18 September)
• Colin Gallagher (Thursday, 17 September)
• Henry Story (Thursday, 17 September)
• Rigo Wenning (Thursday, 17 September)
• Brad Hill (Thursday, 17 September)
• Rigo Wenning (Thursday, 17 September)
• Rigo Wenning (Thursday, 17 September)
• Henry Story (Wednesday, 16 September)
• Tony Arcieri (Wednesday, 16 September)
• Henry Story (Wednesday, 16 September)
• Henry Story (Wednesday, 16 September)
• Martin Thomson (Wednesday, 16 September)
• Brad Hill (Wednesday, 16 September)
• Henry Story (Wednesday, 16 September)
• Dave Longley (Wednesday, 16 September)
• Rigo Wenning (Wednesday, 16 September)
• Rigo Wenning (Wednesday, 16 September)
• Rigo Wenning (Wednesday, 16 September)
• Tony Arcieri (Wednesday, 16 September)
• Brad Hill (Tuesday, 15 September)
• Alex Russell (Tuesday, 15 September)
• Henry Story (Tuesday, 15 September)
• Henry Story (Tuesday, 15 September)
• Alex Russell (Tuesday, 15 September)
• Henry Story (Tuesday, 15 September)
• Tony Arcieri (Tuesday, 15 September)
• Rigo Wenning (Tuesday, 15 September)
• Eric Mill (Tuesday, 15 September)
• Rigo Wenning (Monday, 14 September)
• Tony Arcieri (Monday, 14 September)
• Henry Story (Monday, 14 September)
• Rigo Wenning (Monday, 14 September)
• Anders Rundgren (Tuesday, 1 September)
• Tony Arcieri (Tuesday, 1 September)
• Anders Rundgren (Tuesday, 1 September)
• Tony Arcieri (Tuesday, 1 September)

Automatic private browsing upgrades

• Mike West (Wednesday, 16 September)
• Francois Marier (Wednesday, 16 September)
• Mike West (Monday, 14 September)
• Nick Doty (Monday, 14 September)
• Mark Nottingham (Tuesday, 8 September)
• Richard Barnes (Thursday, 3 September)
• Mike West (Thursday, 3 September)
• Richard Barnes (Thursday, 3 September)
• Francois Marier (Thursday, 3 September)

Caching of web content based on hashes?

• Christian Nygaard (Saturday, 5 September)
• Ángel González (Friday, 4 September)
• Christian Nygaard (Thursday, 3 September)
• Richard Barnes (Thursday, 3 September)
• Brad Hill (Thursday, 3 September)
• Martin Thomson (Thursday, 3 September)
• Richard Barnes (Thursday, 3 September)
• Christian Nygaard (Wednesday, 2 September)

Call for Exclusions (Update): Entry Point Regulation

• Xueyuan Jia (Wednesday, 9 September)

CfC: Republish MIX as a CR; deadline Sept. 15th.

• Mike West (Tuesday, 8 September)

CfC: Transition "Secure Contexts" to CR; deadline October 1st.

• Mike West (Thursday, 24 September)

Coming back to CREDENTIAL.

• Dave Longley (Tuesday, 22 September)
• Mike West (Tuesday, 22 September)
• Mike West (Tuesday, 15 September)
• Dave Longley (Monday, 14 September)
• Mike West (Tuesday, 8 September)
• Dick Hardt (Monday, 7 September)
• Dave Longley (Monday, 7 September)
• Mike West (Thursday, 3 September)
• Dave Longley (Wednesday, 2 September)
• Mike West (Wednesday, 2 September)
• Dave Longley (Wednesday, 2 September)
• Mike West (Wednesday, 2 September)
• Adrian Hope-Bailie (Tuesday, 1 September)
• Mike West (Tuesday, 1 September)

CSP 401 Issue

• Kepeng Li (Thursday, 10 September)
• Anne van Kesteren (Wednesday, 9 September)
• Mike West (Wednesday, 9 September)
• Anne van Kesteren (Wednesday, 9 September)
• Tanvi Vyas (Wednesday, 9 September)
• Anne van Kesteren (Sunday, 6 September)
• Kepeng Li (Sunday, 6 September)
• Anne van Kesteren (Saturday, 5 September)

CSP3 as a polylithic set of modules?

• Mike West (Wednesday, 30 September)
• Brian Smith (Tuesday, 29 September)
• Mike West (Tuesday, 29 September)
• Mike West (Tuesday, 29 September)
• Jim Manico (Tuesday, 29 September)
• Jonathan Kingston (Tuesday, 29 September)
• Brian Smith (Monday, 28 September)
• Joel Weinberger (Monday, 28 September)
• Brian Smith (Monday, 28 September)
• Mike West (Saturday, 26 September)

Fwd: Password generation classes

• Jonathan Kingston (Wednesday, 30 September)

HSTS, mixed content, and priming

• Jacob Hoffman-Andrews (Monday, 21 September)

Password generation classes

• Jonathan Kingston (Wednesday, 30 September)
• John Wong (Wednesday, 30 September)
• John Wong (Wednesday, 30 September)
• Jonathan Kingston (Wednesday, 30 September)

Permissions API

• Mike West (Saturday, 26 September)
• Mike O'Neill (Saturday, 26 September)

Referrer value for resources fetched from CSS

• Boris Zbarsky (Wednesday, 30 September)
• Jochen Eisinger (Wednesday, 30 September)
• Boris Zbarsky (Wednesday, 30 September)
• Jochen Eisinger (Wednesday, 30 September)
• Boris Zbarsky (Wednesday, 30 September)
• Jochen Eisinger (Wednesday, 30 September)
• Anne van Kesteren (Wednesday, 30 September)
• Jochen Eisinger (Wednesday, 30 September)
• Boris Zbarsky (Wednesday, 30 September)
• Jochen Eisinger (Wednesday, 30 September)
• Anne van Kesteren (Wednesday, 30 September)
• Jochen Eisinger (Wednesday, 30 September)
• Jochen Eisinger (Tuesday, 29 September)
• Tanvi Vyas (Monday, 28 September)
• Jochen Eisinger (Tuesday, 8 September)
• Mike West (Tuesday, 8 September)
• Yoav Weiss (Tuesday, 8 September)

RfC: Service Workers

• Arthur Barstow (Monday, 21 September)
• Arthur Barstow (Monday, 21 September)

Secure Contexts: It's worth taking another look.

• Anne van Kesteren (Friday, 11 September)
• Mike West (Friday, 11 September)

SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)

• Henry Story (Wednesday, 30 September)
• Tony Arcieri (Tuesday, 29 September)
• Hodges, Jeff (Tuesday, 29 September)
• Tony Arcieri (Tuesday, 29 September)
• Brad Hill (Tuesday, 29 September)
• Henry Story (Tuesday, 29 September)
• Hodges, Jeff (Monday, 28 September)
• Henry Story (Monday, 28 September)
• GALINDO Virginie (Monday, 28 September)
• Henry Story (Monday, 28 September)

Split the `w3c/webappsec` respository?

• Mike West (Friday, 11 September)
• Frederik Braun (Friday, 11 September)
• Mike West (Friday, 11 September)
• Jonathan Kingston (Thursday, 10 September)
• Wendy Seltzer (Thursday, 10 September)
• Mike West (Thursday, 10 September)
• Brad Hill (Wednesday, 9 September)
• Ángel González (Wednesday, 9 September)
• Neil Matatall (Wednesday, 9 September)
• Eric Mill (Wednesday, 9 September)
• Oda, Terri (Wednesday, 9 September)
• Joel Weinberger (Wednesday, 9 September)
• Mike West (Wednesday, 9 September)
• Francois Marier (Tuesday, 8 September)
• Deian Stefan (Tuesday, 8 September)
• David Ross (Tuesday, 8 September)
• Brad Hill (Tuesday, 8 September)
• Frederik Braun (Tuesday, 8 September)
• Mike West (Tuesday, 8 September)
• Jochen Eisinger (Tuesday, 8 September)
• Mike West (Tuesday, 8 September)

SRI: data URIs and Blob URL

• Anne van Kesteren (Thursday, 24 September)
• Francois Marier (Thursday, 24 September)
• Jerry Qu (Thursday, 24 September)
• Anne van Kesteren (Wednesday, 23 September)
• Jerry Qu (Wednesday, 23 September)

SRI: edge case when loading the same stylesheet twice in a document

• Tanvi Vyas (Monday, 21 September)
• Francois Marier (Monday, 21 September)
• Tanvi Vyas (Monday, 21 September)
• Daniel Veditz (Saturday, 19 September)
• Jonathan Kingston (Friday, 18 September)
• Brian Smith (Friday, 18 September)
• Anne van Kesteren (Thursday, 17 September)
• Francois Marier (Thursday, 17 September)
• Francois Marier (Thursday, 17 September)
• Anne van Kesteren (Thursday, 17 September)
• Frederik Braun (Thursday, 17 September)
• Conrad Irwin (Thursday, 17 September)
• Francois Marier (Wednesday, 16 September)

Starting to create new repositories.

• Deian Stefan (Wednesday, 30 September)
• Frederik Braun (Wednesday, 30 September)
• Mike West (Wednesday, 30 September)

Testing W3C's HTTPS setup

• Mike West (Wednesday, 23 September)
• Tanvi Vyas (Wednesday, 23 September)
• Alex Russell (Tuesday, 22 September)
• Eric Mill (Monday, 21 September)
• Richard Barnes (Monday, 21 September)
• Anne van Kesteren (Monday, 21 September)
• Jim Manico (Monday, 21 September)
• Eric Mill (Monday, 21 September)
• Mike West (Monday, 21 September)
• Jose Kahan (Monday, 21 September)
• Mike West (Monday, 21 September)
• Jose Kahan (Monday, 21 September)
• Mike West (Monday, 21 September)
• Jose Kahan (Monday, 21 September)
• Mike West (Tuesday, 15 September)
• Mike West (Monday, 14 September)

WebAppSec Teleconference Agenda 21-Sep-2015

• Mike West (Monday, 21 September)
• Brad Hill (Monday, 21 September)
• Deian Stefan (Monday, 21 September)
• Mike West (Sunday, 20 September)
• Daniel Veditz (Sunday, 20 September)

Last message date: Wednesday, 30 September 2015 21:23:12 UTC