- From: Anne van Kesteren <annevk@opera.com>
- Date: Wed, 03 Aug 2011 10:21:59 +0200
- To: "Thomas Roessler" <tlr@w3.org>, "Arthur Barstow" <art.barstow@nokia.com>
- Cc: "Maciej Stachowiak" <mjs@apple.com>, public-webapps <public-webapps@w3.org>, public-web-security <public-web-security@w3.org>
On Tue, 02 Aug 2011 14:37:31 +0200, Arthur Barstow <art.barstow@nokia.com> wrote: > The From-Origin spec is WebApps'; it is _not_ a joint deliverable with > the proposed WebAppSec WG. I assumed it was because of "Secure Cross-Domain Framing" and the significant overlap. >> I discussed this with Thomas on IRC (not logged) and he hopes that >> doing this work in a new group will open up new resources to get it >> moving along (e.g. to get a test suite). I am fairly skeptical, but we >> agreed that trying it out for half a year should be okay given the low >> activity of this work here in WebApps. If nothing much has changed the >> work moves back to WebApps, which should work per charters of both >> groups. > > Did you guys agree on the "which list will CORS use going forward?" > question? I was okay with trying out a new list for six months. It seems Maciej is not. Maciej's concern is exactly the one I had. > I agree it can be a bit painful to subscribe to YA list but I think it > has the advantage of getting some "new eyes" on the spec as well as the > advantages mentioned above. We'll see (or not, depending on how Maciej's concerns are addressed). -- Anne van Kesteren http://annevankesteren.nl/
Received on Wednesday, 3 August 2011 08:22:34 UTC