- From: Larry Masinter <masinter@adobe.com>
- Date: Sun, 16 Sep 2012 18:08:03 -0700
- To: Barry Leiba <barryleiba@computer.org>, Adam Barth <w3c@adambarth.com>
- CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, Peter Saint-Andre <stpeter@stpeter.im>, "michel@suignard.com" <michel@suignard.com>, "tony@att.com" <tony@att.com>, "plh@w3.org" <plh@w3.org>, "adil@diwan.com" <adil@diwan.com>, "robin@berjon.com" <robin@berjon.com>, "ted.ietf@gmail.com" <ted.ietf@gmail.com>, "John O'Conner" <jooconne@adobe.com>, "presnick@qualcomm.com" <presnick@qualcomm.com>, "chris@lookout.net" <chris@lookout.net>, "public-ietf-w3c@w3.org" <public-ietf-w3c@w3.org>
Most of the people who are "in favor" of registerProtocolHandler don't go to IETF meetings at all, so talking about it at IETF won't be helpful. Some of them don't show up at W3C meetings either, but at least some of them will be at W3C TPAC http://www.w3.org/2012/10/TPAC/ the week before. Since we're having this discussion on "public-ietf-w3c", perhaps the meta-issue of methods for coordinating security review isn't out of scope? If the web community (through WHATWG or W3C or whatever) propose standards that impact non-web applications and clients, what is a sensible process for technical review? -----Original Message----- From: barryleiba.mailing.lists@gmail.com [mailto:barryleiba.mailing.lists@gmail.com] On Behalf Of Barry Leiba Sent: Sunday, September 16, 2012 2:20 PM To: Adam Barth Cc: Stephen Farrell; Larry Masinter; "Martin J. Dürst"; Peter Saint-Andre; michel@suignard.com; tony@att.com; plh@w3.org; adil@diwan.com; robin@berjon.com; ted.ietf@gmail.com; John O'Conner; presnick@qualcomm.com; chris@lookout.net; public-ietf-w3c@w3.org Subject: Re: web+ and registerProtocolHandler >> So I've seen a bunch of uniformly negative mail on this >> and nothing positive fwiw. > > That's because the folks who are in favor of doing this aren't > participating in this discussion. Indeed, so... >> Maybe it'd be good to get an appsarea presentation on it >> at an IETF meeting (assuming that's not happened) so the >> broader community get to know about it? >> >> I don't really know enough to be against it myself but >> it does sound like a bad security idea from the mails I've >> seen pass by so count me amongst those concerned about >> this. > > I'd caution you about forming an opinion after having heard only one > side of the issue. And I don't think Stephen has formed an opinion, so much as that he's *asking*, specifically, to hear the other side. I think a presentation and discussion in the Apps Area meeting in Atlanta (Monday morning, 5 Nov) would be good. Can we make this happen? Barry
Received on Monday, 17 September 2012 01:10:32 UTC