Re: CORS/UMP to become joint WebApps and WebAppSec joint deliverable

On Aug 3, 2011, at 07:48 , Maciej Stachowiak wrote:

> At Apple we have a somewhat lengthy internal process for joining new Working Groups, so if feedback has to go to a new WG's list, you will likely miss out on Apple feedback for at least a few months.

Is the hold-up over "feedback has to go to a new WG's list", or is it "Apple has to sign up to a new group"?

(I realize that you may have an internal policy that makes the latter a prerequisite to the former.)

From a purely technical W3C perspective, both Webapps and WebAppSec make IPR commitments to CORS and UMP.  Therefore, no reason to obtain additional commitments in order to take future (even substantive) comments from members of the WebApps WG on CORS and UMP into account.

Input on CSP would be a different story.

> In addition to this, I'd personally prefer to have discussion remain on public-webapps because we've managed to gather all the stakeholders here, and gathering them again will just add disruption and delay. Perhaps WebAppSec could be focused on new deliverables instead of taking over a deliverable that is relatively on track as it is. This could include a hypothetical CORS 2, or even production of the CORS test suite.

Care to elaborate on the CORS 2 idea?

Received on Wednesday, 3 August 2011 11:09:02 UTC