- From: Daniel Veditz <dveditz@mozilla.com>
- Date: Thu, 20 Mar 2014 18:34:48 -0700
- To: Wendy Seltzer <wseltzer@w3.org>, "Henry S. Thompson" <ht@inf.ed.ac.uk>, "Hill\, Brad" <bhill@paypal.com>
- CC: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 3/20/2014 7:11 AM, Wendy Seltzer wrote: > On 03/20/2014 09:32 AM, Henry S. Thompson wrote: >> So I'm curious, perhaps even concerned, about the overlap between this >> work and the IETF. Is the WG, or are you personally, regularly in >> touch with the right people at the IETF to be sure you're not stepping >> on toes over there, with respect to WebAppSec in general, and this >> document's proposals in particular? We once tried to get this concept done in the IETF, in the form of "link fingerprints". http://www.gerv.net/security/link-fingerprints/ Mozilla even had an experimental implementation https://bugzilla.mozilla.org/show_bug.cgi?id=377245 It got shut down in the IETF, with the suggestion that it didn't belong in URLs but should rather be done as document metadata in the W3C. The concept took a vacation for half a decade but that's where we now are: in the W3C at the request of the IETF. -Dan Veditz
Received on Friday, 21 March 2014 01:35:16 UTC