public-webappsec@w3.org from January 2014 by author

Adam Langley

• Re: Subresource Integrity Length Extension? (Monday, 27 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• [integrity]: latency tradeoffs (Tuesday, 14 January)

Andrew

• Subresource Integrity Length Extension? (Monday, 27 January)

Anne van Kesteren

• Re: referrer directive expressiveness (Thursday, 30 January)
• Re: referrer directive expressiveness (Thursday, 30 January)
• Re: Beacon and CSP (Wednesday, 29 January)
• Re: CSP formal objection. (Tuesday, 28 January)
• Re: CSP and Fetch (Friday, 24 January)
• Re: CSP and Fetch (Friday, 24 January)
• Re: Beacon and CSP (Friday, 17 January)
• Re: Origin-scoped cache/cookie/storage context (Thursday, 16 January)
• Re: Origin-scoped cache/cookie/storage context (Wednesday, 15 January)
• Re: [cors] Add 'Range' to simple headers (Monday, 13 January)
• Re: [cors] Add 'Range' to simple headers (Monday, 13 January)
• Re: Comments on Subresource Integrity (Monday, 13 January)
• Re: Origin-scoped cache/cookie/storage context (Saturday, 11 January)
• Comments on Subresource Integrity (Saturday, 11 January)
• Re: [CORS] Does the Authorization header qualify as a CORS credential? (Friday, 10 January)
• Re: Origin-scoped cache/cookie/storage context (Friday, 10 January)
• Re: [CORS] Does the Authorization header qualify as a CORS credential? (Friday, 10 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Origin-scoped cache/cookie/storage context (Thursday, 9 January)

Ben Toews

• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)

Bjoern Hoehrmann

• Re: CSP formal objection. (Thursday, 30 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)

Boris Zbarsky

• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: Origin-scoped cache/cookie/storage context (Wednesday, 15 January)

Brad Hill

• [webappsec] Informal meetup at AppSec California? (Thursday, 23 January)
• [webappsec] New WG Teleconference Time (Thursday, 23 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 22 January)
• [webappsec] Disambiguating some subresource integrity use-cases (Friday, 17 January)
• Re: Comments on Subresource Integrity (Tuesday, 14 January)
• Re: "Subresource Integrity" spec up for review. (Tuesday, 14 January)
• [webappsec] Agenda for Teleconference, 14 Jan 2014 (Monday, 13 January)
• Re: "Subresource Integrity" spec up for review. (Sunday, 12 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 9 January)
• New poll: Europe-friendly teleconference time (Tuesday, 7 January)

Brian Smith

• Re: CSP formal objection. (Tuesday, 28 January)

Danesh Irani

• Re: CfC to publish new WD of CSP 1.1 (Wednesday, 22 January)

David Bruant

• Re: referrer directive expressiveness (Thursday, 30 January)
• Re: referrer directive expressiveness (Thursday, 30 January)
• referrer directive expressiveness (Thursday, 30 January)
• Re: Processing of meta element (Thursday, 30 January)
• Re: CSP 1.1 referrer + meta >= <meta name="referrer"> ? (Thursday, 30 January)
• Re: CSP 1.1 referrer + meta >= <meta name="referrer"> ? (Thursday, 30 January)
• Processing of meta element (Thursday, 30 January)
• CSP 1.1 referrer + meta >= <meta name="referrer"> ? (Thursday, 30 January)
• Re: Sub-origins (Thursday, 23 January)

Devdatta Akhawe

• Re: CSP formal objection. (Monday, 27 January)
• Re: CfC to publish new WD of CSP 1.1 (Monday, 20 January)
• Re: [webappsec] Disambiguating some subresource integrity use-cases (Saturday, 18 January)
• Re: [integrity]: latency tradeoffs (Thursday, 16 January)
• Re: [integrity]: latency tradeoffs (Thursday, 16 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: Comments on Subresource Integrity (Monday, 13 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 9 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Re: Holiday changes to the CSP 1.1 editor's draft. (Wednesday, 8 January)

Eric Rescorla

• Agenda for 2014-01-28 Telecon. NOTE: new time, 1600 UTC (Wednesday, 29 January)

Frederick.Hirsch@nokia.com

• Security Review of Network Service Discovery (Tuesday, 28 January)

Frederik Braun

• Re: Subresource Integrity Length Extension? (Wednesday, 29 January)
• Re: Subresource Integrity Length Extension? (Tuesday, 28 January)
• Re: Subresource Integrity Length Extension? (Tuesday, 28 January)
• Re: [integrity] Downloads (Friday, 17 January)
• Re: [integrity]: latency tradeoffs (Thursday, 16 January)
• Re: CSP Transition Tools (Wednesday, 15 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• How CSP is affected by HTML Imports (or vice versa) (Thursday, 9 January)

Garrett Robinson

• Re: CSP formal objection. (Thursday, 30 January)
• Re: Beacon and CSP (Wednesday, 29 January)
• Re: CfC to publish new WD of CSP 1.1 (Tuesday, 21 January)
• CSP Transition Tools (Monday, 13 January)

Glenn Adams

• Re: CSP formal objection. (Thursday, 30 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Monday, 27 January)
• Fwd: CSP formal objection. (Monday, 27 January)

Henri Sivonen

• Re: Origin-scoped cache/cookie/storage context (Friday, 10 January)

Hill, Brad

• Re: CSP formal objection. (Wednesday, 29 January)
• Re: Beacon and CSP (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• W3C WebAppSec WG Meeting (Thursday, 23 January)

Ian Melven

• Re: CfC to publish new WD of CSP 1.1 (Wednesday, 22 January)
• Re: Beacon and CSP (Friday, 17 January)
• Beacon and CSP (Wednesday, 15 January)
• Re: Holiday changes to the CSP 1.1 editor's draft. (Monday, 13 January)
• Re: Holiday changes to the CSP 1.1 editor's draft. (Tuesday, 7 January)

Ilya Grigorik

• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)

Joel Weinberger

• Re: [webappsec] Informal meetup at AppSec California? (Saturday, 25 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: "Subresource Integrity" spec up for review. (Tuesday, 14 January)
• Re: [integrity]: latency tradeoffs (Tuesday, 14 January)
• Re: "Subresource Integrity" spec up for review. (Tuesday, 14 January)
• Re: Comments on Subresource Integrity (Tuesday, 14 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)

John Wong

• Re: Are CSP directives case insensitive? (Friday, 17 January)
• Re: CSP Transition Tools (Tuesday, 14 January)

Joshua Peek

• Re: Subresource Integrity strawman. (Wednesday, 8 January)

Ken Lee

• Re: CSP Transition Tools (Saturday, 18 January)
• Re: CSP Transition Tools (Tuesday, 14 January)

Mark Nottingham

• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Thursday, 9 January)

Michal Zalewski

• Re: [integrity] Downloads (Thursday, 16 January)
• [integrity] Downloads (Thursday, 16 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)

Mike West

• Re: CSP 1.1 referrer + meta >= <meta name="referrer"> ? (Thursday, 30 January)
• Re: Processing of meta element (Thursday, 30 January)
• Re: CSP 1.1 referrer + meta >= <meta name="referrer"> ? (Thursday, 30 January)
• Re: (nonce | hash) (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: Beacon and CSP (Wednesday, 29 January)
• Re: CSP and Fetch (Friday, 24 January)
• CfC to publish new WD of CSP 1.1 (Monday, 20 January)
• Re: Are CSP directives case insensitive? (Saturday, 18 January)
• Re: [integrity]: latency tradeoffs (Friday, 17 January)
• Re: [integrity] Downloads (Friday, 17 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 16 January)
• Re: [integrity]: CSS-loaded resources. (Thursday, 16 January)
• CSP 1.1: What remains open (and important)? (Thursday, 16 January)
• Re: Holiday changes to the CSP 1.1 editor's draft. (Thursday, 16 January)
• Re: webappsec-ISSUE-56 (child src navigation): Should we restrict subsequent navigation within child-src? [CSP 1.1] (Thursday, 16 January)
• Re: Beacon and CSP (Thursday, 16 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: Comments on Subresource Integrity (Tuesday, 14 January)
• [integrity]: CSS-loaded resources. (Saturday, 11 January)
• Re: Comments on Subresource Integrity (Saturday, 11 January)
• Re: "Subresource Integrity" spec up for review. (Saturday, 11 January)
• Re: Holiday changes to the CSP 1.1 editor's draft. (Friday, 10 January)
• Re: Origin-scoped cache/cookie/storage context (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: Subresource Integrity and fingerprinting (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• [integrity]: Origin confusion attacks. (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity and fingerprinting (Thursday, 9 January)
• Re: Subresource Integrity strawman. (Wednesday, 8 January)
• Subresource Integrity strawman. (Wednesday, 8 January)
• Holiday changes to the CSP 1.1 editor's draft. (Friday, 3 January)
• Re: GitHub? GitHub. (Friday, 3 January)

Nasko Oskov

• Re: Origin-scoped cache/cookie/storage context (Thursday, 16 January)
• Re: Origin-scoped cache/cookie/storage context (Wednesday, 15 January)
• Re: Origin-scoped cache/cookie/storage context (Tuesday, 14 January)
• Re: Origin-scoped cache/cookie/storage context (Friday, 10 January)

Neil Matatall

• (nonce | hash) (Wednesday, 29 January)
• Re: CSP formal objection. (Wednesday, 29 January)
• Re: [webappsec] Informal meetup at AppSec California? (Thursday, 23 January)
• Re: CfC to publish new WD of CSP 1.1 (Tuesday, 21 January)
• Re: CSP Transition Tools (Friday, 17 January)
• Re: CSP Transition Tools (Friday, 17 January)
• Re: Hashes/Nonce Source and unsafe-inline (Tuesday, 14 January)

Oda, Terri

• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)

Pete Freitag

• Re: [integrity]: latency tradeoffs (Wednesday, 15 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)
• Re: [integrity]: Origin confusion attacks. (Thursday, 9 January)

qll

• Re: CSP Transition Tools (Friday, 17 January)

Ryan Sleevi

• Re: "Subresource Integrity" spec up for review. (Tuesday, 14 January)
• Re: "Subresource Integrity" spec up for review. (Monday, 13 January)

Sandeep Kamble

• Re: CfC to publish new WD of CSP 1.1 (Tuesday, 21 January)
• Invitation to connect on LinkedIn (Friday, 17 January)
• Re: CSP Transition Tools (Wednesday, 15 January)
• Re: [integrity]: Origin confusion attacks. (Friday, 10 January)

Steve Faulkner

• errata link broken (Thursday, 16 January)

Steven Robertson

• Re: [cors] Add 'Range' to simple headers (Monday, 13 January)
• [cors] Add 'Range' to simple headers (Monday, 13 January)

Tab Atkins

• Re: [integrity]: CSS-loaded resources. (Thursday, 16 January)
• Re: [integrity]: CSS-loaded resources. (Monday, 13 January)

Taras Ivashchenko

• Re: CSP Transition Tools (Tuesday, 14 January)

Tim Brown

• Re: CSP Transition Tools (Wednesday, 15 January)

Vladimir Dzhuvinov

• [CORS] Does the Authorization header qualify as a CORS credential? (Friday, 10 January)

Web Application Security Working Group Issue Tracker

• webappsec-ISSUE-56 (child src navigation): Should we restrict subsequent navigation within child-src? [CSP 1.1] (Tuesday, 14 January)

Wendy Seltzer

• Re: errata link broken (Friday, 17 January)

Yoav Weiss

• Re: CSP Transition Tools (Friday, 17 January)
• Re: CSP Transition Tools (Friday, 17 January)
• Re: CSP Transition Tools (Friday, 17 January)

Last message date: Thursday, 30 January 2014 23:23:12 UTC