W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Re: [webappsec] Call for Consensus: Stop work on Content Security Policy 1.0, transition to WG Note

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Mon, 20 Oct 2014 19:36:54 -0700
Message-ID: <CAPfop_1gs0ZM69U8ugc3Xa-oJDipEzxjOzKJtmbUq6iO1kbdRw@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: public-webappsec@w3.org
+1
 On Oct 20, 2014 4:15 PM, "Brad Hill" <hillbrad@gmail.com> wrote:

> WebAppSec members,
>
>  We are on the verge of advancing Content Security Policy Level 2 to
> Candidate Recommendation, at which point it will be at the same
> maturity level as CSP 1.0.
>
>  Whereas:
>
> 1) the incompatible differences are small and implementer intent seems
> to be to apply Level 2 behavior exclusively going forward...
>
> 2) we already lack for resources in test suite development and it is
> unlikely we will build distinct 1.0 and Level 2 test suites as would
> be necessary to advance both reports, or to complete the 1.0 test
> suite before 1.0-specific behaviors become deprecated by user
> agents...
>
> I believe that we should formally abandon the intent to further
> advance 1.0 and transition its status to "Working Group Note"
> (http://www.w3.org/2014/Process-20140801/#Note) upon advancement of
> Level 2 to CR.  Whereafter we would concentrate our efforts on
> advancing, evangelizing and testing CSP Level 2 towards full
> Recommendation status.
>
> This Call for Consensus will conclude during our Monday session at
> TPAC, October 27th.
>
> Comments welcome, positive feedback encouraged, absence of comments
> will be considered assent.
>
> thank you,
>
> Brad Hill
>
>
Received on Tuesday, 21 October 2014 02:37:21 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC