W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: [webappsec] Rechartering: force secure-only child browsing contexts

From: Mike West <mkwst@google.com>
Date: Fri, 14 Nov 2014 08:53:06 +0100
Message-ID: <CAKXHy=cFkPRGz=FVOnezfA3FmFMsNvMQBaKbj91BmPmpU1605g@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Cc: Ryan Sleevi <sleevi@google.com>, Brad Hill <hillbrad@fb.com>, Anne van Kesteren <annevk@annevk.nl>, Brad Hill <hillbrad@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Fri, Nov 14, 2014 at 5:34 AM, Brian Smith <brian@briansmith.org> wrote:

> > Since I like security more than complexity, consider it a +1 to spec'ing
> it,
> > and then we revisit during whenever that point during the revised W3C
> > process where people actually implement and discover it might need to be
> > opt-in for some time before (eventually) becoming default.
> I think this can be specified by just adding a couple of sentences
> and/or bullet points to the existing Mixed Content draft. I am happy
> to write that up, if people agree.

I would be happy for you to do the work. :)

Received on Friday, 14 November 2014 07:53:54 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:42 UTC