public-web-security@w3.org from December 2009 by thread

HTTP Mutual-auth proposal status / HTTP AUTH meet-up in Anaheim? Yutaka OIWA (Thursday, 24 December)

following up on STS feedback -- draft-hodges-strict-transport-sec-06.plain.html =JeffH (Friday, 18 December)

Handling multiple headers when only one is allowed Bil Corry (Wednesday, 16 December)

STS and "mixed content" (Part 3 of Re: Feedback on the Strict-Transport-Security specification) =JeffH (Wednesday, 16 December)

fyi: wiki/Same_Origin_Policy linked-to by Browser Security Handbook (BSH) =JeffH (Tuesday, 15 December)

Request for Comments: LCWD of Widget Access Request Policy spec; deadline 13-Jan-2010 Arthur Barstow (Monday, 14 December)

Mobile Security barcamp - 19th January 2010, Sophia Antipolis David Rogers (Monday, 14 December)

STS user-agent processing and new max-age values Sid Stamm (Friday, 11 December)

Same origin CSS selector attacks gaz Heyes (Thursday, 10 December)

Re: STS and lockCA and EVonly (was: STS and lockCA (Gerv)) =JeffH (Thursday, 10 December)

more flexible ABNF for STS? (=JeffH) =JeffH (Wednesday, 9 December)

Other CSS attacks (Navigation monitor / History crawler / LAN scanner + attack ) Eduardo Vela (Wednesday, 9 December)

Sandboxed Scripts and Styles on HTML / comments? (idea?) Eduardo Vela (Wednesday, 9 December)

Feedback on the Strict-Transport-Security specification (EricLaw) =JeffH (Tuesday, 8 December)

Re: Feedback on the Strict-Transport-Security specification (Adam) =JeffH (Tuesday, 8 December)

Re: Feedback on the Strict-Transport-Security specification (part 2) =JeffH (Tuesday, 8 December)

Re: Feedback on the Strict-Transport-Security specification (part 1) =JeffH (Tuesday, 8 December)

Aryeh's comment thread wrt Strict Transport Security (STS) =JeffH (Tuesday, 8 December)

Bil's comment thread wrt Strict Transport Security (STS) =JeffH (Tuesday, 8 December)

STS and lockCA (Gerv) =JeffH (Tuesday, 8 December)

Jonas' comment thread wrt Strict Transport Security (STS) =JeffH (Tuesday, 8 December)

ACS (was Re: Seamless iframes + CSS3 selectors = bad idea) Adam Barth (Tuesday, 8 December)

Cross Site Attacks Sigbjørn Vik (Monday, 7 December)

javascript URIs on stylesheets/redirections Eduardo Vela (Monday, 7 December)

call for reviewers: XMLHttpRequest Last Call Thomas Roessler (Sunday, 6 December)

Sandboxed iframes (was Re: Seamless iframes + CSS3 selectors = bad idea) Adam Barth (Sunday, 6 December)

Seamless iframes + CSS3 selectors = bad idea Eduardo Vela (Friday, 4 December)

What is the same-origin policy for (was Re: The Origin header) Adam Barth (Friday, 4 December)

The Origin header (was Re: HTTPbis and the Same Origin Policy) Adam Barth (Thursday, 3 December)

fyi: original thread: HTTPbis and the Same Origin Policy =JeffH (Wednesday, 2 December)

Re: HTTPbis and the Same Origin Policy Tyler Close (Wednesday, 2 December)

wrt wiki/Strict_Transport_Security =JeffH (Wednesday, 2 December)

related security models to same origin policy Albert Lunde (Wednesday, 2 December)

wiki/Same_Origin_Policy Adam Barth (Tuesday, 1 December)

Welcome to the W3C web security mailing list Thomas Roessler (Tuesday, 1 December)

Last message date: Tuesday, 29 December 2009 06:51:15 UTC