W3C home > Mailing lists > Public > www-talk@w3.org > January to February 2009

Re: Origin vs Authority; use of HTTPS (draft-nottingham-site-meta-01)

From: Adam Barth <w3c@adambarth.com>
Date: Thu, 12 Feb 2009 12:31:13 -0800
Message-ID: <7789133a0902121231m5d4e0bf9r7ce059fba825ed3a@mail.gmail.com>
To: Breno de Medeiros <breno@google.com>
Cc: Mark Nottingham <mnot@mnot.net>, Eran Hammer-Lahav <eran@hueniverse.com>, "www-talk@w3.org" <www-talk@w3.org>

On Thu, Feb 12, 2009 at 11:38 AM, Breno de Medeiros <breno@google.com> wrote:
> Adam, did you try to create myspace.com/favicon.ico ?

I didn't try, but they already have their favicon there, so I suspect
it wouldn't work.

> You may not consider that a threat by companies do. If they were caught
> distributing illegal images to every browser that navigates to the root of
> their domain, they might be liable to crippling prosecution.

I mean, considering I can upload arbitrary images to my MySpace
profile, I doubt this would cause them much consternation.

> This is a common problem with all well-known-locations. That is why
> host-meta was written in a generic format so that it can be the _last_
> well-known-location. WKLs are evil, but also necessary.

Yeah, as I said in my first email, I think host-meta will be super useful.

Adam
Received on Thursday, 12 February 2009 20:31:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:30 GMT