W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2014

Re: subresource integrity and browser extensions

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 27 Mar 2014 14:25:20 +0000
Message-ID: <CADnb78iSynBKRukBk-QZDGx+CsFYrphScPJnamoamRPqfaQj2A@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Glenn Adams <glenn@skynav.com>, yan@eff.org
On Wed, Mar 26, 2014 at 12:00 PM, Mike West <mkwst@google.com> wrote:
> As Yan noted in her email, I agree with this position. Given the
> conversations around similar topics for CSP, I think it probably reflects
> the conensus of the group, and I've added non-normative language to this
> effect in
> https://github.com/w3c/webappsec/commit/b85f0fad4a1d38f57f3bcc457c6f32ad703f3ee8.
> CCing Glenn explicitly, since Cox seems concerned about this sort of
> language in general. If another formal objection is coming, I'd like to know
> about it sooner rather than later. :)

I don't really understand why we note this down at all. We don't do
this in other specifications. Specifications are about the default
user experience. It's well understood that people can have their own
user agent or a modified one that does something else. We don't cover
those scenarios as they are complex and an area of active research and

Received on Thursday, 27 March 2014 14:25:51 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:38 UTC