public-webappsec@w3.org from June 2013 by subject

[Bug 22256] New: Add a note regarding first line of defense.

• bugzilla@jessica.w3.org (Tuesday, 4 June)

[filter-effects][css-masking] Move security model for resources to CSP

• Dirk Schulze (Thursday, 6 June)
• Boris Zbarsky (Sunday, 2 June)
• Dirk Schulze (Sunday, 2 June)
• Boris Zbarsky (Sunday, 2 June)
• Dirk Schulze (Sunday, 2 June)
• Boris Zbarsky (Sunday, 2 June)
• Boris Zbarsky (Sunday, 2 June)
• Dirk Schulze (Saturday, 1 June)
• Boris Zbarsky (Saturday, 1 June)
• Dirk Schulze (Saturday, 1 June)
• Anne van Kesteren (Saturday, 1 June)

[webappsec-testsuite] New test server for CSP testing.

• Brad Hill (Sunday, 23 June)
• Adam Barth (Sunday, 23 June)
• Hill, Brad (Thursday, 13 June)
• Hill, Brad (Tuesday, 11 June)

[webappsec] CSP reporting and sandbox directive

• Daniel Veditz (Thursday, 27 June)
• Adam Barth (Thursday, 27 June)
• Hill, Brad (Wednesday, 26 June)

[webappsec] No TPAC meeting in Shenzhen

• Hill, Brad (Thursday, 6 June)

[webappsec] plugin-types directive for CLSIDs in IE

• Hill, Brad (Tuesday, 4 June)

[whatwg] Cross-Origin Cookies Sharing Proposal

• Charlie Du (Tuesday, 25 June)
• Mountie Lee (Tuesday, 25 June)
• Huan Du (Monday, 24 June)
• Mountie Lee (Monday, 24 June)
• Huan Du (Saturday, 22 June)
• Nils Dagsson Moskopp (Friday, 21 June)

Agenda for June 4 Teleconference

• Eric Rescorla (Tuesday, 4 June)
• Adam Barth (Tuesday, 4 June)
• Eric Rescorla (Tuesday, 4 June)

broadening default-src semantics

• Hill, Brad (Sunday, 2 June)
• Adam Barth (Saturday, 1 June)
• Devdatta Akhawe (Saturday, 1 June)
• Daniel Veditz (Saturday, 1 June)

Content Security Policy

• Joel Weinberger (Tuesday, 18 June)
• Yoav Weiss (Tuesday, 18 June)
• Mountie Lee (Tuesday, 18 June)
• Mountie Lee (Tuesday, 18 June)
• Евнгений Яременко (Monday, 17 June)
• Brad Hill (Monday, 17 June)
• Bryan McQuade (Monday, 17 June)
• Neil Matatall (Monday, 17 June)
• Brad Hill (Monday, 17 June)
• Bryan McQuade (Monday, 17 June)
• Joel Weinberger (Monday, 17 June)
• Yoav Weiss (Monday, 17 June)
• Neil Matatall (Saturday, 15 June)
• Евнгений Яременко (Friday, 14 June)

Content Security Policy 1.1 : script-nonce or script-hash

• Mountie Lee (Wednesday, 19 June)
• Olivier Jaquemet (Tuesday, 18 June)

Content Security Policy: inline style blocking, CSSOM and unsafe-eval

• Ian Melven (Monday, 24 June)

CORS Allow header in preflight response

• Anne van Kesteren (Thursday, 20 June)

Cross-domain information leak with UI Security Directives

• Devdatta Akhawe (Tuesday, 11 June)
• David Lin-Shung Huang (Tuesday, 11 June)
• Devdatta Akhawe (Tuesday, 11 June)
• David Lin-Shung Huang (Monday, 3 June)
• Hill, Brad (Sunday, 2 June)

Cross-Origin Cookies Sharing Proposal

• Huan Du (Saturday, 22 June)
• Daniel Veditz (Friday, 21 June)
• Daniel Veditz (Friday, 21 June)
• Huan Du (Friday, 21 June)

CSP: connect-src

• Adam Barth (Wednesday, 26 June)
• Anne van Kesteren (Tuesday, 25 June)
• Adam Barth (Sunday, 23 June)
• Anne van Kesteren (Thursday, 20 June)
• Anne van Kesteren (Thursday, 20 June)

CSP: error handling

• Adam Barth (Wednesday, 26 June)
• Anne van Kesteren (Tuesday, 25 June)

CSP: origin from a URL

• Adam Barth (Friday, 28 June)
• Daniel Veditz (Friday, 28 June)
• Anne van Kesteren (Thursday, 27 June)
• Adam Barth (Wednesday, 26 June)
• Anne van Kesteren (Wednesday, 26 June)
• Adam Barth (Wednesday, 26 June)
• Anne van Kesteren (Tuesday, 25 June)

cspBuilder Wizard

• Daniel Veditz (Tuesday, 18 June)
• Ken Lee (Monday, 17 June)

Fetching contexts

• Boris Zbarsky (Monday, 24 June)
• Anne van Kesteren (Monday, 24 June)
• Anne van Kesteren (Monday, 24 June)
• Boris Zbarsky (Monday, 24 June)
• Anne van Kesteren (Monday, 24 June)
• Adam Barth (Sunday, 23 June)
• Dirk Schulze (Sunday, 23 June)
• Adam Barth (Sunday, 23 June)
• Dirk Schulze (Sunday, 23 June)
• Boris Zbarsky (Sunday, 23 June)
• Adam Barth (Sunday, 23 June)
• Anne van Kesteren (Friday, 21 June)
• Anne van Kesteren (Friday, 21 June)
• Dirk Schulze (Thursday, 20 June)
• Boris Zbarsky (Thursday, 20 June)
• Anne van Kesteren (Thursday, 20 June)
• Boris Zbarsky (Thursday, 6 June)
• Anne van Kesteren (Thursday, 6 June)

Fwd: webappsec tests moved to GitHub

• Arthur Barstow (Wednesday, 5 June)

meta restrictions (ACTION 109)

• Adam Barth (Sunday, 23 June)
• Daniel Veditz (Tuesday, 18 June)

policy-uri proposal (ACTION 97)

• Anne van Kesteren (Wednesday, 26 June)
• Bjoern Hoehrmann (Wednesday, 26 June)
• Anne van Kesteren (Wednesday, 26 June)
• Adam Barth (Wednesday, 26 June)
• Anne van Kesteren (Wednesday, 26 June)
• Anne van Kesteren (Wednesday, 26 June)
• Daniel Veditz (Wednesday, 26 June)
• Adam Barth (Wednesday, 26 June)
• Anne van Kesteren (Tuesday, 25 June)
• Adam Barth (Monday, 24 June)
• Anne van Kesteren (Monday, 24 June)
• Daniel Veditz (Monday, 24 June)
• Anne van Kesteren (Monday, 24 June)
• Adam Barth (Sunday, 23 June)
• Daniel Veditz (Tuesday, 18 June)

Possible bug in algorithm to match a source expression?

• Adam Barth (Sunday, 23 June)

Specifying nonce-source for every directive

• Garrett Robinson (Tuesday, 11 June)
• Adam Barth (Sunday, 2 June)
• Devdatta Akhawe (Sunday, 2 June)
• Adam Barth (Sunday, 2 June)
• Garrett Robinson (Friday, 31 May)

Supporting base64 in nonce-value

• Adam Barth (Saturday, 29 June)

Today's call cancelled

• Eric Rescorla (Tuesday, 18 June)

Web Developer Security 1.0 - Training Tues 6/18

• Tanvi Vyas (Thursday, 13 June)

webappsec tests moved to GitHub

• Arthur Barstow (Thursday, 6 June)
• Hill, Brad (Thursday, 6 June)

Last message date: Saturday, 29 June 2013 02:07:06 UTC