- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 27 Mar 2009 14:47:29 +0100
- To: Thomas Roessler <tlr@w3.org>
- Cc: Dan Connolly <connolly@w3.org>, public-ietf-w3c <public-ietf-w3c@w3.org>, Mark Nottingham <mnot@mnot.net>, Sam Ruby <rubys@us.ibm.com>
On 27 Mar 2009, at 14:42, Thomas Roessler wrote: > Thanks Sam and Dan! > > From the notes, I can't quite tell whether Origin and CORS got > discussed together or separately. That doesn't really match > reality, as there's (at least in the view of some) "Discussing them separately ignores an important motivation for Origin" is what I mean -- sorry for the unclear words. > value to using the same header for CORS and more general cross site > request forgery prevention. That aspect is, in my view, an > important element in the cost/benefit analysis for Origin. > > Concerning "JavaScript sandboxing", I wonder what precisely people > at the meeting had in mind. Is this another instance of the topic > area of last December's workshop > > http://www.w3.org/2008/security-ws/ > > ... or is something different meant? > > Regards, > -- > Thomas Roessler, W3C <tlr@w3.org> > > > > > > > > On 27 Mar 2009, at 13:34, Dan Connolly wrote: > >> On Tue, 2009-02-24 at 12:20 -0600, Dan Connolly wrote: >> [...] >>> And supplementary to IETF 75 near SFO an HTML 5 related get-together >>> is brewing. >>> http://esw.w3.org/topic/IETF_HTML5_Meeting_March_2009 >> >> That wiki topic now has notes from the meeting, mostly >> thanks to Sam Ruby. >> >> -- >> Dan Connolly, W3C http://www.w3.org/People/Connolly/ >> gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E >> >> >
Received on Friday, 27 March 2009 13:47:39 UTC