- From: Mike West <mkwst@google.com>
- Date: Fri, 7 Nov 2014 15:31:57 +0100
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
- Cc: Anne van Kesteren <annevk@annevk.nl>, Mark Nottingham <mnot@mnot.net>, Brad Hill <hillbrad@gmail.com>, Dan Veditz <dveditz@mozilla.com>, Wendy Seltzer <wseltzer@w3.org>
- Message-ID: <CAKXHy=dxr9T9us55UoSEfVGA=HH_92CSPrKapWxDLazwxLMrJg@mail.gmail.com>
No one objected, and I think we're close enough to resolution of the other threads that it makes sense to move to LC. Brad, Dan, Wendy, WDYT? May we proceed to publishing a LCWD? I'd suggest a month or so to get feedback, and I'll be sure to poke at related groups. If that sounds reasonable, do you think we could get http://w3c.github.io/webappsec/specs/mixedcontent/published/2014-11-11-MIX-LCWD.html published on Tuesday? (I've run it through pubrules, linkchecker, and the validator, which should be enough for anyone. :) ). -mike -- Mike West <mkwst@google.com> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) On Wed, Oct 29, 2014 at 4:06 PM, Mike West <mkwst@google.com> wrote: > I think we're getting pretty close to pushing the mixed content spec to > Last Call. The interesting bits I know of have been resolved by: > > 1. Dropping the public/private distinction from MIX, kicking it out to > "Secure Introduction of Internet-Connected Things"[1] which folks are > discussing separately. > > 2. Moving the TLS checks to a new attribute on the Request's client, and > on the Response, which Anne was kind enough to add to Fetch for me. It's > currently named "authentication state", which probably needs some > bikeshedding, but the name shouldn't block progress on MIX. > > 3. The TAG's substantive feedback (handcrafted and delivered by mnot@) > has been addressed, and we can discuss resolution of the nits during the > last call phase. > > I don't believe there are any substantive controversies remaining, but if > I've missed anything, this CfC is a nice forcing function to get it out > into the open. :) > > Please read through the current draft, up for review at > https://w3c.github.io/webappsec/specs/mixedcontent/, and send comments to > public-webappsec@w3.org. Positive feedback is encouraged! > > This CfC will end in a week, on November 5th, 2014. > > Thanks! > > [1]: > https://readable-email.org/list/public-webappsec/topic/secure-introduction-of-internet-connected-things-was-re-webappsec-agenda-for-monday-teleconference-2014-10-20-12-00-pdt > > -- > Mike West <mkwst@google.com> > Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 > > Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany > Registergericht und -nummer: Hamburg, HRB 86891 > Sitz der Gesellschaft: Hamburg > Geschäftsführer: Graham Law, Christine Elizabeth Flores > (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) >
Received on Friday, 7 November 2014 14:32:45 UTC