- From: Thomas Roessler <tlr@w3.org>
- Date: Sat, 5 May 2012 12:18:07 +0200
- To: public-webappsec@w3.org
- Cc: Thomas Roessler <tlr@w3.org>, Andrew Sullivan <ajs@anvilwalrusden.com>
For your information: http://tools.ietf.org/html/draft-sullivan-domain-origin-assert-00 This seems targeted at situations where different domain names want to assert that they're something like same-origin, and for use by security policies implemented in browsers. I suggest to direct review comments either to the apps-discuss list, or to public-web-security@w3.org. Thanks, -- Thomas Roessler, W3C <tlr@w3.org> (@roessler) Begin forwarded message: > From: Andrew Sullivan <ajs@anvilwalrusden.com> > Subject: [apps-discuss] draft-sullivan-domain-origin-assert-00 > Date: May 4, 2012 23:08:53 +0200 > To: apps-discuss@ietf.org > List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org> > > Dear colleagues, > > I posted today draft-sullivan-domain-origin-assert-00.txt. The point > of this draft is to outline a way of publishing records in the DNS, so > that one can figure out what names have some sort of administrative > link to one another (I've called this the "administrative realm", > although probably not consistently, and I'm not too happy with the > term). The idea is that you'd be able to use the mechanism in order > either to consider different DNS names as somehow linked together (so > that, for instance, cookie policies or other such things could be > adapted accordingly), or (more often) to determine that names are > _not_ linked together in order to foil illegitimate attempts to assert > links. > > I can't think of any other list that is appropriate, but if people > have an alternative I'm all ears. I haven't explicitly pointed > commenters at this list yet, pending permission from the list > moderators. > > Comments (shredding, &c. &c.) are eagerly solicited. > > Best regards, > > A > > -- > Andrew Sullivan > ajs@anvilwalrusden.com > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss >
Received on Saturday, 5 May 2012 10:18:11 UTC