W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: [integrity]: Origin confusion attacks.

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Thu, 9 Jan 2014 15:52:51 -0800
Message-ID: <CAPfop_1uVws9VK+7+-C3AvE5F0uJ3n+-QZjNHMejCxmVw-mO_A@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, btoews <btoews@github.com>, Joel Weinberger <jww@google.com>, Frederik Braun <fbraun@mozilla.com>

> maybe it's still too soon to just give up?  :)

hahahaha yes. That definitely wasn't what I was suggesting.

> How about we start by marking it as "at risk" in the FPWD?

Yeah, if we don't come up with a clean solution before FPWD then
marking it "at risk" seems like a good plan.

--Dev

Received on Thursday, 9 January 2014 23:53:38 UTC

This message: [ Message body ]
Next message: Devdatta Akhawe: "Re: [integrity]: Origin confusion attacks."
Previous message: Brad Hill: "Re: [integrity]: Origin confusion attacks."
In reply to: Brad Hill: "Re: [integrity]: Origin confusion attacks."

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:36 UTC