W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: [webappsec] Rechartering: COWL

From: Deian Stefan <deian@cs.stanford.edu>
Date: Sun, 09 Nov 2014 22:37:48 -0800
To: Brad Hill <hillbrad@fb.com>, Web Application Security Working Group <public-webappsec@w3.org>
Message-ID: <87r3xblfwj.fsf@cs.stanford.edu>
Brad Hill <hillbrad@fb.com> writes:

> Rechartering Thread 12: COWL
> Though not on our survey, Deian Stefan of Stanford introduced his COWL
> proposal to the group at TPAC.
> http://cowl.ws 
> My nutshell summary is that COWL is an efficient and backwards compatible
> way to apply mandatory access controls using origin labels to webapp
> information flows, opening very interesting new possibilities in mashups
> and security reasoning about new features.
> There was strong positive sentiment towards the proposal at TPAC.
> Implementation requires a few new features as part of CSP, and
> additionally, Deian would need to outline what a normative specification
> would look like.  My call on the consensus so far is that if he is willing
> to serve as an editor the group is interested in advancing the proposal.
> Please reply to this thread with comments or objections, if you are
> interested in serving as a co-editor, or have additional relevant input
> documents.

I would love to serve as an editor and will start on the normative spec
outline this week.


Received on Monday, 10 November 2014 06:38:17 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC