W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: CfC: Mixed Content to Last Call?

From: Wendy Seltzer <wseltzer@w3.org>
Date: Mon, 10 Nov 2014 15:28:36 -0500
Message-ID: <54611FF4.5090309@w3.org>
To: Mike West <mkwst@google.com>
CC: Brad Hill <hillbrad@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Anne van Kesteren <annevk@annevk.nl>, Dan Veditz <dveditz@mozilla.com>
Thanks Mike! I've installed the document at
http://www.w3.org/TR/2014/WD-mixed-content-20141113/
(and fixed a few instances of w3c.org -> w3.org )

Brad or Dan, do you want to prepare the transition announcement to be
sent to the chairs' list after publication?
<http://services.w3.org/xslt?xmlfile=http://www.w3.org/2005/08/01-transitions.html&xslfile=http://www.w3.org/2005/08/transitions.xsl&docstatus=lc-wd-tr>

That should call attention to places we'd particularly want review. For
example, I'd expect we want to hear from people outside the WG on "6.
Secure Contexts for Powerful Features."

Best,
--Wendy


On 11/10/2014 12:19 AM, Mike West wrote:
> Moved and updated the dates:
> https://w3c.github.io/webappsec/specs/mixedcontent/published/2014-11-13-MIX-LCWD.html
> 
> WDYT?
> 
> --
> Mike West <mkwst@google.com>
> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
> 
> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
> Registergericht und -nummer: Hamburg, HRB 86891
> Sitz der Gesellschaft: Hamburg
> Geschäftsführer: Graham Law, Christine Elizabeth Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
> 
> On Fri, Nov 7, 2014 at 6:51 PM, Wendy Seltzer <wseltzer@w3.org> wrote:
> 
>> Sounds great to me -- except that Tuesday is a holiday. Since MIT is
>> closed for Veterans' Day, can we schedule publication for Thursday, Nov.
>> 13?
>>
>> Thanks Mike!
>> --Wendy
>>
>> On 11/07/2014 12:48 PM, Brad Hill wrote:
>>> Sounds great to me, thanks, Mike!
>>>
>>> On Fri, Nov 7, 2014 at 6:31 AM, Mike West <mkwst@google.com> wrote:
>>>> No one objected, and I think we're close enough to resolution of the
>> other
>>>> threads that it makes sense to move to LC. Brad, Dan, Wendy, WDYT? May
>> we
>>>> proceed to publishing a LCWD?
>>>>
>>>> I'd suggest a month or so to get feedback, and I'll be sure to poke at
>>>> related groups.
>>>>
>>>> If that sounds reasonable, do you think we could get
>>>>
>> http://w3c.github.io/webappsec/specs/mixedcontent/published/2014-11-11-MIX-LCWD.html
>>>> published on Tuesday? (I've run it through pubrules, linkchecker, and
>> the
>>>> validator, which should be enough for anyone. :) ).
>>>>
>>>> -mike
>>>>
>>>> --
>>>> Mike West <mkwst@google.com>
>>>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>>>
>>>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>>>> Registergericht und -nummer: Hamburg, HRB 86891
>>>> Sitz der Gesellschaft: Hamburg
>>>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>>>> (Sorry; I'm legally required to add this exciting detail to emails.
>> Bleh.)
>>>>
>>>> On Wed, Oct 29, 2014 at 4:06 PM, Mike West <mkwst@google.com> wrote:
>>>>>
>>>>> I think we're getting pretty close to pushing the mixed content spec to
>>>>> Last Call. The interesting bits I know of have been resolved by:
>>>>>
>>>>> 1. Dropping the public/private distinction from MIX, kicking it out to
>>>>> "Secure Introduction of Internet-Connected Things"[1] which folks are
>>>>> discussing separately.
>>>>>
>>>>> 2. Moving the TLS checks to a new attribute on the Request's client,
>> and
>>>>> on the Response, which Anne was kind enough to add to Fetch for me.
>> It's
>>>>> currently named "authentication state", which probably needs some
>>>>> bikeshedding, but the name shouldn't block progress on MIX.
>>>>>
>>>>> 3. The TAG's substantive feedback (handcrafted and delivered by mnot@)
>> has
>>>>> been addressed, and we can discuss resolution of the nits during the
>> last
>>>>> call phase.
>>>>>
>>>>> I don't believe there are any substantive controversies remaining, but
>> if
>>>>> I've missed anything, this CfC is a nice forcing function to get it
>> out into
>>>>> the open. :)
>>>>>
>>>>> Please read through the current draft, up for review at
>>>>> https://w3c.github.io/webappsec/specs/mixedcontent/, and send
>> comments to
>>>>> public-webappsec@w3.org. Positive feedback is encouraged!
>>>>>
>>>>> This CfC will end in a week, on November 5th, 2014.
>>>>>
>>>>> Thanks!
>>>>>
>>>>> [1]:
>>>>>
>> https://readable-email.org/list/public-webappsec/topic/secure-introduction-of-internet-connected-things-was-re-webappsec-agenda-for-monday-teleconference-2014-10-20-12-00-pdt
>>>>>
>>>>> --
>>>>> Mike West <mkwst@google.com>
>>>>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>>>>
>>>>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>>>>> Registergericht und -nummer: Hamburg, HRB 86891
>>>>> Sitz der Gesellschaft: Hamburg
>>>>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>>>>> (Sorry; I'm legally required to add this exciting detail to emails.
>> Bleh.)
>>>>
>>>>
>>>
>>
>>
>> --
>> Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
>> Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
>> http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
>>
>>
> 


-- 
Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
Received on Monday, 10 November 2014 20:28:42 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC