W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: [SRI] To trust or not to trust a CDN

From: Frederik Braun <fbraun@mozilla.com>
Date: Fri, 21 Nov 2014 14:29:22 +0100
Message-ID: <546F3E32.7080209@mozilla.com>
To: Brian Smith <brian@briansmith.org>
CC: Devdatta Akhawe <dev.akhawe@gmail.com>, Joel Weinberger <jww@chromium.org>, Hatter Jiang OWS <hatter@openwebsecurity.org>, Ben Toews <btoews@github.com>, Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 20.11.2014 23:00, Brian Smith wrote:
> On Thu, Nov 20, 2014 at 7:24 AM, Frederik Braun <fbraun@mozilla.com> wrote:
>>> "Brian Smith" <brian@briansmith.org>
>>> ... With this in mind, I am surprised that the
>>> current editor's draft cut out support for stylesheets ...
>> Styles are actually included.
>> The current editor's draft is not yet inline with my previous work towards the minimum viable SRI - the markdown file is updated whereas the HTML is not (and that's my fault). I'm currently out of office, so I'll promise to fix this tomorrow morning (CET), unless someone beats me to it (*winking at the co-editors*).
> Great! Which of the use cases are going to get cut for the MVP? 
> ..

The currentt working draft should reflect this. I published an updated
version earlier.
Received on Friday, 21 November 2014 13:29:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:43 UTC