On Tue, 02 Aug 2011 14:37:31 +0200, Arthur Barstow <art.barstow@nokia.com> wrote: > The From-Origin spec is WebApps'; it is _not_ a joint deliverable with > the proposed WebAppSec WG. I assumed it was because of "Secure Cross-Domain Framing" and the significant overlap. >> I discussed this with Thomas on IRC (not logged) and he hopes that >> doing this work in a new group will open up new resources to get it >> moving along (e.g. to get a test suite). I am fairly skeptical, but we >> agreed that trying it out for half a year should be okay given the low >> activity of this work here in WebApps. If nothing much has changed the >> work moves back to WebApps, which should work per charters of both >> groups. > > Did you guys agree on the "which list will CORS use going forward?" > question? I was okay with trying out a new list for six months. It seems Maciej is not. Maciej's concern is exactly the one I had. > I agree it can be a bit painful to subscribe to YA list but I think it > has the advantage of getting some "new eyes" on the spec as well as the > advantages mentioned above. We'll see (or not, depending on how Maciej's concerns are addressed). -- Anne van Kesteren http://annevankesteren.nl/Received on Wednesday, 3 August 2011 08:22:34 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:23 UTC