- From: Tyler Close <tyler.close@gmail.com>
- Date: Mon, 7 Dec 2009 10:35:50 -0800
- To: Arthur Barstow <art.barstow@nokia.com>
- Cc: "Mark S. Miller" <erights@google.com>, public-webapps <public-webapps@w3.org>
Hi Art, For the "Status of this Document" section, I just copied the text recommended at: http://www.w3.org/2005/03/28-editor-style.html I did not mean to obfuscate any patent disclosure issues. I personally do not know of any relevant patents. --Tyler On Sun, Dec 6, 2009 at 5:27 AM, Arthur Barstow <art.barstow@nokia.com> wrote: > Mark, Tyler, > > *IF* this proposal was a WG document, its Status of the Document section > would include a patent disclosure requirement like the one in CORS: > > [[ > http://www.w3.org/TR/2009/WD-widgets-access-20090804/ > > An individual who has actual knowledge of a patent which the individual > believes contains Essential Claim(s) must disclose the information in > accordance with section 6 of the W3C Patent Policy. > ]] > > Would you two (and anyone else that contributed to the UniMess proposal) > please make a patent disclosure for your proposal? > > -Art Barstow > > > On Nov 23, 2009, at 12:33 PM, ext Tyler Close wrote: > >> I made some minor edits and formatting improvements to the document >> sent out on Friday. The new version is attached. If you read the prior >> version, there's no need to review the new one. If you're just getting >> started, use the attached copy. >> >> Thanks, >> --Tyler >> >> On Fri, Nov 20, 2009 at 5:04 PM, Tyler Close <tyler.close@gmail.com> >> wrote: >>> >>> MarkM and I have produced a draft specification for the GuestXHR >>> functionality we've been advocating. The W3C style specification >>> document is attached. We look forward to any feedback on it. >>> >>> We agree with others that "GuestXHR" was not a good name and so have >>> named the proposal "Uniform Messaging" for reasons elaborated in the >>> specification. >>> >>> To parallel the CORS separation of policy from API, this first >>> document is the policy specification with an XMLHttpRequest-like API >>> yet to follow. >>> >>> Abstract: >>> """ >>> This document defines a mechanism to enable requests that are >>> independent of the client's context. Using this mechanism, a client >>> can engage in cross-site messaging without the danger of >>> Cross-Site-Request-Forgery and similar attacks that abuse the cookies >>> and other HTTP headers that form a client's context. For example, code >>> from customer.example.org can use this mechanism to send requests to >>> resources determined by service.example.com without further need to >>> protect the client's context. >>> """ >>> >>> Thanks, >>> --Tyler >>> >> >> >> >> -- >> "Waterken News: Capability security on the Web" >> http://waterken.sourceforge.net/recent.html<draft.html> > > -- "Waterken News: Capability security on the Web" http://waterken.sourceforge.net/recent.html
Received on Monday, 7 December 2009 18:36:23 UTC