Re: CSP & IETF BOF on HTTP Application Security?

Agreed, from what I've seen so far. It would be good for us to clearly
demarcate what's in scope for each group here.

On 6/9/10 9:25 AM, Brandon Sterne wrote:
> I think W3C is the right venue for CSP given that CSP is primarily
> geared towards content restrictions and HASMAT will be primarily focused
> on transport-level restrictions (think Origin header, STS, etc.).  I
> think there is a neat separation between these two areas which maps well
> to the areas of focus of IETF and W3C.
> 
> -Brandon
> 
> 
> On 06/03/2010 11:39 AM, Arthur Barstow wrote:
>> Would this be a reasonable/acceptable place for CSP?
>>
>> -Art Barstow
>>
>> P.S. "hasmat" - that's a good one!
>>>> From: Peter Saint-Andre<stpeter@stpeter.im>
>>>> Date: 3 June 2010 20:14:13 GMT+02:00
>>>> To: "apps-discuss@ietf.org"<apps-discuss@ietf.org>
>>>> Subject: Re: HTTP Application Security (HAS) BoF
>>>>
>>>> We now have a dedicated list for this BoF:
>>>>
>>>> https://www.ietf.org/mailman/listinfo/hasmat
>>>>
>>>> Please discuss further on that list. I'll be blasting various lists and
>>>> individuals regarding the BoF.
>>>>
>>>> On 6/2/10 8:11 AM, Peter Saint-Andre wrote:
>>>>     
>>>>> I've received a proposal to hold a birds of a feather (BoF) session at
>>>>> IETF 78 in Maastricht on the topic of HTTP Application Security.  A
>>>>> draft charter and agenda can be found below.  Please discuss on the
>>>>> apps-discuss@ietf.org list:
> 

Received on Wednesday, 9 June 2010 15:45:31 UTC