- From: Paul Cotton <Paul.Cotton@microsoft.com>
- Date: Thu, 6 Aug 2015 14:19:19 +0000
- To: Bob Lund <B.Lund@CableLabs.com>
- CC: "public-html-media@w3.org" <public-html-media@w3.org>
- Message-ID: <CY1PR0301MB1196D41F7A724D47B907A254EA740@CY1PR0301MB1196.namprd03.prod.outlook.>
> Once that is completed, we'll know what action to take with WebAppSec. Can you give us an update on ACTION-93 before the Aug 18 Media TF meeting when we will discuss EME topics? /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (425) 705-9596 Fax: (425) 936-7329 From: Bob Lund [mailto:B.Lund@CableLabs.com] Sent: Monday, July 06, 2015 4:25 PM To: Paul Cotton Cc: public-html-media@w3.org Subject: Re: ACTION-93: Get in touch with webappsec wg about the "privileged context" which is more generic than saying https, etc." From: Paul Cotton <Paul.Cotton@microsoft.com<mailto:Paul.Cotton@microsoft.com>> Date: Monday, July 6, 2015 at 12:56 PM To: Bob Lund <b.lund@cablelabs.com<mailto:b.lund@cablelabs.com>> Cc: "<public-html-media@w3. org<mailto:public-html-media@w3.%20org>>" <public-html-media@w3.org<mailto:public-html-media@w3.org>> Subject: RE: ACTION-93: Get in touch with webappsec wg about the "privileged context" which is more generic than saying https, etc." Is there any change in the status of ACTION-93? Some progress is being made. The essence of the problem is that HTTPS to home network web servers requires a sever HTTPS certificate that is in the client browser's trust store. Upcoming CAB Forum requirements will limit these types of certificates to hosts with FQDNs, which is not something home network hosts typically have. We are in the process of working with a CA to understand options and what impact, if any, these might have on browser requirements. Once that is completed, we'll know what action to take with WebAppSec. Bob /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (425) 705-9596 Fax: (425) 936-7329 From: Bob Lund [mailto:B.Lund@CableLabs.com] Sent: Monday, June 15, 2015 5:12 PM To: Paul Cotton Cc: public-html-media@w3.org<mailto:public-html-media@w3.org> Subject: Re: ACTION-93: Get in touch with webappsec wg about the "privileged context" which is more generic than saying https, etc." Paul, We're still assessing the specific issues regarding problems with HTTPS with home network devices. I don't have an update as to when we'll come to conclusions and submit a bug with the WebAppSec WG. Bob From: Paul Cotton <Paul.Cotton@microsoft.com<mailto:Paul.Cotton@microsoft.com>> Date: Wednesday, June 10, 2015 at 10:00 PM To: Bob Lund <b.lund@cablelabs.com<mailto:b.lund@cablelabs.com>> Cc: "<public-html-media@w3. org<mailto:public-html-media@w3.%20org>>" <public-html-media@w3.org<mailto:public-html-media@w3.org>> Subject: RE: ACTION-93: Get in touch with webappsec wg about the "privileged context" which is more generic than saying https, etc." You previously responded on Jun 1 that your were doing some private work on this matter before contacting the WebAppSec WG. Can you give us any update? /paulc Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (425) 705-9596 Fax: (425) 936-7329 From: Paul Cotton [mailto:Paul.Cotton@microsoft.com] Sent: Monday, June 01, 2015 5:03 PM To: Bob Lund Cc: public-html-media@w3.org<mailto:public-html-media@w3.org> Subject: ACTION-93: Get in touch with webappsec wg about the "privileged context" which is more generic than saying https, etc." ACTION-93: Get in touch with webappsec wg about the "privileged context" which is more generic than saying https, etc." http://www.w3.org/html/wg/media/track/actions/93 Can you provide an update on this action item from the May 19 TF meeting [1]? /paulc [1] http://www.w3.org/2015/05/19-html-media-minutes.html#item06 Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (425) 705-9596 Fax: (425) 936-7329
Received on Thursday, 6 August 2015 14:19:52 UTC