W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: CfC: Mixed Content to Last Call?

From: Wendy Seltzer <wseltzer@w3.org>
Date: Fri, 07 Nov 2014 12:51:34 -0500
Message-ID: <545D06A6.10800@w3.org>
To: Brad Hill <hillbrad@gmail.com>, Mike West <mkwst@google.com>
CC: "public-webappsec@w3.org" <public-webappsec@w3.org>, Anne van Kesteren <annevk@annevk.nl>, Dan Veditz <dveditz@mozilla.com>
Sounds great to me -- except that Tuesday is a holiday. Since MIT is
closed for Veterans' Day, can we schedule publication for Thursday, Nov.
13?

Thanks Mike!
--Wendy

On 11/07/2014 12:48 PM, Brad Hill wrote:
> Sounds great to me, thanks, Mike!
> 
> On Fri, Nov 7, 2014 at 6:31 AM, Mike West <mkwst@google.com> wrote:
>> No one objected, and I think we're close enough to resolution of the other
>> threads that it makes sense to move to LC. Brad, Dan, Wendy, WDYT? May we
>> proceed to publishing a LCWD?
>>
>> I'd suggest a month or so to get feedback, and I'll be sure to poke at
>> related groups.
>>
>> If that sounds reasonable, do you think we could get
>> http://w3c.github.io/webappsec/specs/mixedcontent/published/2014-11-11-MIX-LCWD.html
>> published on Tuesday? (I've run it through pubrules, linkchecker, and the
>> validator, which should be enough for anyone. :) ).
>>
>> -mike
>>
>> --
>> Mike West <mkwst@google.com>
>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>
>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>> Registergericht und -nummer: Hamburg, HRB 86891
>> Sitz der Gesellschaft: Hamburg
>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>>
>> On Wed, Oct 29, 2014 at 4:06 PM, Mike West <mkwst@google.com> wrote:
>>>
>>> I think we're getting pretty close to pushing the mixed content spec to
>>> Last Call. The interesting bits I know of have been resolved by:
>>>
>>> 1. Dropping the public/private distinction from MIX, kicking it out to
>>> "Secure Introduction of Internet-Connected Things"[1] which folks are
>>> discussing separately.
>>>
>>> 2. Moving the TLS checks to a new attribute on the Request's client, and
>>> on the Response, which Anne was kind enough to add to Fetch for me. It's
>>> currently named "authentication state", which probably needs some
>>> bikeshedding, but the name shouldn't block progress on MIX.
>>>
>>> 3. The TAG's substantive feedback (handcrafted and delivered by mnot@) has
>>> been addressed, and we can discuss resolution of the nits during the last
>>> call phase.
>>>
>>> I don't believe there are any substantive controversies remaining, but if
>>> I've missed anything, this CfC is a nice forcing function to get it out into
>>> the open. :)
>>>
>>> Please read through the current draft, up for review at
>>> https://w3c.github.io/webappsec/specs/mixedcontent/, and send comments to
>>> public-webappsec@w3.org. Positive feedback is encouraged!
>>>
>>> This CfC will end in a week, on November 5th, 2014.
>>>
>>> Thanks!
>>>
>>> [1]:
>>> https://readable-email.org/list/public-webappsec/topic/secure-introduction-of-internet-connected-things-was-re-webappsec-agenda-for-monday-teleconference-2014-10-20-12-00-pdt
>>>
>>> --
>>> Mike West <mkwst@google.com>
>>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>>
>>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>>> Registergericht und -nummer: Hamburg, HRB 86891
>>> Sitz der Gesellschaft: Hamburg
>>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>>> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>>
>>
> 


-- 
Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
Received on Friday, 7 November 2014 17:51:40 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC