W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2011

Re: CORS/UMP to become joint WebApps and WebAppSec joint deliverable

From: Anne van Kesteren <annevk@opera.com>
Date: Wed, 03 Aug 2011 10:21:59 +0200
To: "Thomas Roessler" <tlr@w3.org>, "Arthur Barstow" <art.barstow@nokia.com>
Cc: "Maciej Stachowiak" <mjs@apple.com>, public-webapps <public-webapps@w3.org>, public-web-security <public-web-security@w3.org>
Message-ID: <op.vzmpixzm64w2qv@annevk-macbookpro.local>
On Tue, 02 Aug 2011 14:37:31 +0200, Arthur Barstow <art.barstow@nokia.com>  
> The From-Origin spec is WebApps'; it is _not_ a joint deliverable with  
> the proposed WebAppSec WG.

I assumed it was because of "Secure Cross-Domain Framing" and the  
significant overlap.

>> I discussed this with Thomas on IRC (not logged) and he hopes that  
>> doing this work in a new group will open up new resources to get it  
>> moving along (e.g. to get a test suite). I am fairly skeptical, but we  
>> agreed that trying it out for half a year should be okay given the low  
>> activity of this work here in WebApps. If nothing much has changed the  
>> work moves back to WebApps, which should work per charters of both  
>> groups.
> Did you guys agree on the "which list will CORS use going forward?"  
> question?

I was okay with trying out a new list for six months. It seems Maciej is  
not. Maciej's concern is exactly the one I had.

> I agree it can be a bit painful to subscribe to YA list but I think it  
> has the advantage of getting some "new eyes" on the spec as well as the  
> advantages mentioned above.

We'll see (or not, depending on how Maciej's concerns are addressed).

Anne van Kesteren
Received on Wednesday, 3 August 2011 08:22:34 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:23 UTC