W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: CfC: Mixed Content to Last Call?

From: Brad Hill <hillbrad@gmail.com>
Date: Mon, 10 Nov 2014 12:34:13 -0800
Message-ID: <CAEeYn8jWfyOXn94xMGH-rYU2yow0ZmTqJwfG6AA2rHykio1BZg@mail.gmail.com>
To: Wendy Seltzer <wseltzer@w3.org>
Cc: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Anne van Kesteren <annevk@annevk.nl>, Dan Veditz <dveditz@mozilla.com>
I'll send the transition announcement later today.

Thank you, Mike and Wendy!

On Mon, Nov 10, 2014 at 12:28 PM, Wendy Seltzer <wseltzer@w3.org> wrote:
> Thanks Mike! I've installed the document at
> http://www.w3.org/TR/2014/WD-mixed-content-20141113/
> (and fixed a few instances of w3c.org -> w3.org )
>
> Brad or Dan, do you want to prepare the transition announcement to be
> sent to the chairs' list after publication?
> <http://services.w3.org/xslt?xmlfile=http://www.w3.org/2005/08/01-transitions.html&xslfile=http://www.w3.org/2005/08/transitions.xsl&docstatus=lc-wd-tr>
>
> That should call attention to places we'd particularly want review. For
> example, I'd expect we want to hear from people outside the WG on "6.
> Secure Contexts for Powerful Features."
>
> Best,
> --Wendy
>
>
> On 11/10/2014 12:19 AM, Mike West wrote:
>> Moved and updated the dates:
>> https://w3c.github.io/webappsec/specs/mixedcontent/published/2014-11-13-MIX-LCWD.html
>>
>> WDYT?
>>
>> --
>> Mike West <mkwst@google.com>
>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>
>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>> Registergericht und -nummer: Hamburg, HRB 86891
>> Sitz der Gesellschaft: Hamburg
>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
>>
>> On Fri, Nov 7, 2014 at 6:51 PM, Wendy Seltzer <wseltzer@w3.org> wrote:
>>
>>> Sounds great to me -- except that Tuesday is a holiday. Since MIT is
>>> closed for Veterans' Day, can we schedule publication for Thursday, Nov.
>>> 13?
>>>
>>> Thanks Mike!
>>> --Wendy
>>>
>>> On 11/07/2014 12:48 PM, Brad Hill wrote:
>>>> Sounds great to me, thanks, Mike!
>>>>
>>>> On Fri, Nov 7, 2014 at 6:31 AM, Mike West <mkwst@google.com> wrote:
>>>>> No one objected, and I think we're close enough to resolution of the
>>> other
>>>>> threads that it makes sense to move to LC. Brad, Dan, Wendy, WDYT? May
>>> we
>>>>> proceed to publishing a LCWD?
>>>>>
>>>>> I'd suggest a month or so to get feedback, and I'll be sure to poke at
>>>>> related groups.
>>>>>
>>>>> If that sounds reasonable, do you think we could get
>>>>>
>>> http://w3c.github.io/webappsec/specs/mixedcontent/published/2014-11-11-MIX-LCWD.html
>>>>> published on Tuesday? (I've run it through pubrules, linkchecker, and
>>> the
>>>>> validator, which should be enough for anyone. :) ).
>>>>>
>>>>> -mike
>>>>>
>>>>> --
>>>>> Mike West <mkwst@google.com>
>>>>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>>>>
>>>>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>>>>> Registergericht und -nummer: Hamburg, HRB 86891
>>>>> Sitz der Gesellschaft: Hamburg
>>>>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>>>>> (Sorry; I'm legally required to add this exciting detail to emails.
>>> Bleh.)
>>>>>
>>>>> On Wed, Oct 29, 2014 at 4:06 PM, Mike West <mkwst@google.com> wrote:
>>>>>>
>>>>>> I think we're getting pretty close to pushing the mixed content spec to
>>>>>> Last Call. The interesting bits I know of have been resolved by:
>>>>>>
>>>>>> 1. Dropping the public/private distinction from MIX, kicking it out to
>>>>>> "Secure Introduction of Internet-Connected Things"[1] which folks are
>>>>>> discussing separately.
>>>>>>
>>>>>> 2. Moving the TLS checks to a new attribute on the Request's client,
>>> and
>>>>>> on the Response, which Anne was kind enough to add to Fetch for me.
>>> It's
>>>>>> currently named "authentication state", which probably needs some
>>>>>> bikeshedding, but the name shouldn't block progress on MIX.
>>>>>>
>>>>>> 3. The TAG's substantive feedback (handcrafted and delivered by mnot@)
>>> has
>>>>>> been addressed, and we can discuss resolution of the nits during the
>>> last
>>>>>> call phase.
>>>>>>
>>>>>> I don't believe there are any substantive controversies remaining, but
>>> if
>>>>>> I've missed anything, this CfC is a nice forcing function to get it
>>> out into
>>>>>> the open. :)
>>>>>>
>>>>>> Please read through the current draft, up for review at
>>>>>> https://w3c.github.io/webappsec/specs/mixedcontent/, and send
>>> comments to
>>>>>> public-webappsec@w3.org. Positive feedback is encouraged!
>>>>>>
>>>>>> This CfC will end in a week, on November 5th, 2014.
>>>>>>
>>>>>> Thanks!
>>>>>>
>>>>>> [1]:
>>>>>>
>>> https://readable-email.org/list/public-webappsec/topic/secure-introduction-of-internet-connected-things-was-re-webappsec-agenda-for-monday-teleconference-2014-10-20-12-00-pdt
>>>>>>
>>>>>> --
>>>>>> Mike West <mkwst@google.com>
>>>>>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>>>>>
>>>>>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>>>>>> Registergericht und -nummer: Hamburg, HRB 86891
>>>>>> Sitz der Gesellschaft: Hamburg
>>>>>> Geschäftsführer: Graham Law, Christine Elizabeth Flores
>>>>>> (Sorry; I'm legally required to add this exciting detail to emails.
>>> Bleh.)
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
>>> Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
>>> http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
>>>
>>>
>>
>
>
> --
> Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
> Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
> http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
>
Received on Monday, 10 November 2014 20:34:40 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC