W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2021

Re: draft-ietf-httpbis-bcp56bis-11, "4.14. Maintaining Application Boundaries"

From: Mark Nottingham <mnot@mnot.net>
Date: Mon, 19 Apr 2021 18:13:10 +1000
Cc: ietf-http-wg@w3.org
Message-Id: <4A94E801-31AE-4E6B-9E11-C2B16C768A2F@mnot.net>
To: "Julian F. Reschke" <julian.reschke@gmx.de>
BCP56bis is a set of recommendations for applications that build on top of HTTP, not just commentary on those specs. In particular, the section you're referring to is talking about browser mechanisms for security, which do *not* reference HTTP for this definition; they reference Origin.

Cheers,


> On 19 Apr 2021, at 6:11 pm, Julian Reschke <julian.reschke@gmx.de> wrote:
> 
> Am 19.04.2021 um 09:20 schrieb Mark Nottingham:
>> I don't think so, unless we want to deprecate that RFC (which AFAICT hasn't yet been discussed).
>> ...
> 
> I don't see how that would follow.
> 
> BCP56bis is commentary on top of the HTTP specs, and those have switched
> to their own definition of "Origin", so it might make sense to be
> consistent with that.
> 
> Best regards, Julian

--
Mark Nottingham   https://www.mnot.net/
Received on Monday, 19 April 2021 08:13:32 UTC

This archive was generated by hypermail 2.4.0 : Monday, 19 April 2021 08:13:33 UTC