Re: "privacy-sensitive" context (was: Comments on the HTTP Sec-From Header (draft-abarth-origin)) from =JeffH on 2009-07-15 (ietf-http-wg@w3.org from July to September 2009)

From: =JeffH <Jeff.Hodges@KingsMountain.com>
Date: Tue, 14 Jul 2009 20:35:22 -0700
To: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <4A5D4E7A.5010906@KingsMountain.com>

I scrawled..
 >
 > 7. Section 5 -- "privacy-sensitive" context is undefined. It is implicitly
 > vaguely defined in sec 7. Also, assuming a definition exists, how does some
 > given UA "know" whether it is "in" a privacy-sensitive context ?

..but I hadn't yet read this thread over on public-webapps@..


Denoting privacy-sensitive requests (was: Re: Do we need to rename the Origin 
header?)
http://www.mail-archive.com/public-webapps@w3.org/msg04198.html


which discusses this notion. Basically, draft-abarth-origin is intended to be 
profiled by other specs, e.g. HTML5, and it is (intended that) within such 
higher-level context that the "privacy-sensitive" notion will be materialized.

=JeffH

Received on Wednesday, 15 July 2009 03:36:06 UTC