same-origin assertions in the DNS (Fwd: [apps-discuss] draft-sullivan-domain-origin-assert-00)

For your information:

This seems targeted at situations where different domain names want to assert that they're something like same-origin, and for use by security policies implemented in browsers.
Thomas Roessler, W3C  <>  (@roessler)

Begin forwarded message:

> From: Andrew Sullivan <>
> Subject: [apps-discuss] draft-sullivan-domain-origin-assert-00
> Date: May 4, 2012 23:08:53 +0200
> To:
> List-Id: General discussion of application-layer protocols <>
> Dear colleagues,
> I posted today draft-sullivan-domain-origin-assert-00.txt.  The point
> of this draft is to outline a way of publishing records in the DNS, so
> that one can figure out what names have some sort of administrative
> link to one another (I've called this the "administrative realm",
> although probably not consistently, and I'm not too happy with the
> term).  The idea is that you'd be able to use the mechanism in order
> either to consider different DNS names as somehow linked together (so
> that, for instance, cookie policies or other such things could be
> adapted accordingly), or (more often) to determine that names are
> _not_ linked together in order to foil illegitimate attempts to assert
> links.  
> I can't think of any other list that is appropriate, but if people
> have an alternative I'm all ears.  I haven't explicitly pointed
> commenters at this list yet, pending permission from the list
> moderators.
> Comments (shredding, &c. &c.) are eagerly solicited.  
> Best regards,
> A
> -- 
> Andrew Sullivan
> _______________________________________________
> apps-discuss mailing list

Received on Saturday, 5 May 2012 10:17:27 UTC