public-webappsec@w3.org from August 2013 by subject

[CORS] Understanding the definition of simple headers

• Monsur Hossain (Thursday, 22 August)
• Brad Hill (Wednesday, 21 August)
• Anne van Kesteren (Wednesday, 21 August)
• Monsur Hossain (Wednesday, 21 August)

[webappsec + webapps] CORS to PR plans

• Brad Hill (Friday, 16 August)
• Brad Hill (Monday, 12 August)
• Brad Hill (Monday, 12 August)
• Anne van Kesteren (Tuesday, 6 August)
• Arthur Barstow (Tuesday, 6 August)
• Brad Hill (Monday, 5 August)

[webappsec] CSP: are blob uri's really just origin='self'?

• Ian Melven (Friday, 30 August)
• Kyle Huey (Friday, 30 August)
• Ian Melven (Friday, 30 August)
• Ian Melven (Friday, 30 August)
• Brad Hill (Friday, 30 August)
• Brad Hill (Friday, 30 August)
• Brad Hill (Friday, 30 August)

[webappsec] Proposed Agenda for 13-Aug-2013 WebAppSec WG Teleconference

• Brad Hill (Monday, 12 August)

ACTION-147 RFC script-hash proposal v2

• Neil Matatall (Monday, 12 August)

Agenda for 8/27/13 Conference Call

• Eric Rescorla (Tuesday, 27 August)

Audio & security

• Yoav Weiss (Friday, 16 August)
• Boris Smus (Tuesday, 13 August)
• Yoav Weiss (Friday, 9 August)

CORS to PR

• Brad Hill (Thursday, 29 August)

CSP 1.1 and image loading elements/attributes

• Anne van Kesteren (Tuesday, 27 August)
• Yoav Weiss (Monday, 26 August)

CSP 1.1: Nonce-source and unsafe-inline

• Garrett Robinson (Wednesday, 7 August)
• Garrett Robinson (Wednesday, 7 August)

De-duplicating violation reports?

• Mike West (Monday, 5 August)
• Pete Freitag (Thursday, 1 August)
• Daniel Veditz (Saturday, 3 August)
• Mike West (Thursday, 1 August)
• Devdatta Akhawe (Thursday, 1 August)
• Neil Matatall (Thursday, 1 August)
• Hill, Brad (Thursday, 1 August)
• Mike West (Thursday, 1 August)

Fwd: [webappsec + webapps] CORS to PR plans

• Brad Hill (Friday, 16 August)

Including the Javascript stack trace in the ContentSecurityPolicy report

• David Bruant (Friday, 2 August)
• Boris Zbarsky (Friday, 2 August)
• Boris Zbarsky (Friday, 2 August)
• David Bruant (Friday, 2 August)
• Boris Zbarsky (Friday, 2 August)
• David Bruant (Friday, 2 August)
• Henry Wong (Friday, 2 August)
• David Bruant (Friday, 2 August)
• Boris Zbarsky (Friday, 2 August)
• Henry Wong (Friday, 2 August)

Proposed CSRF countermeasure

• Michael Shema (Tuesday, 27 August)
• Brad Hill (Tuesday, 27 August)
• Michael Shema (Tuesday, 27 August)
• Brad Hill (Monday, 26 August)
• Michael Shema (Tuesday, 20 August)
• John Wilander (Tuesday, 20 August)
• Michael Shema (Monday, 19 August)
• Michael Shema (Monday, 19 August)
• Alex Russell (Sunday, 18 August)
• Michal Zalewski (Sunday, 18 August)
• Mike Shema (Thursday, 15 August)

Sub-origins

• Daniel Veditz (Friday, 30 August)
• Brad Hill (Thursday, 29 August)
• Michal Zalewski (Thursday, 29 August)
• Joel Weinberger (Thursday, 29 August)
• Brad Hill (Thursday, 29 August)
• Michal Zalewski (Thursday, 29 August)
• Joel Weinberger (Thursday, 29 August)
• Brad Hill (Monday, 26 August)
• Devdatta Akhawe (Monday, 26 August)
• Brad Hill (Monday, 26 August)
• Devdatta Akhawe (Monday, 26 August)
• Brad Hill (Monday, 26 August)
• Mike West (Monday, 5 August)
• Daniel Veditz (Saturday, 3 August)

Supporting base64 in nonce-value

• Joel Weinberger (Wednesday, 7 August)
• Garrett Robinson (Wednesday, 7 August)
• Mike West (Monday, 5 August)

Last message date: Friday, 30 August 2013 22:11:23 UTC