W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Re: [MIX] Is origin an authenticated origin?

From: Anne van Kesteren <annevk@annevk.nl>
Date: Tue, 28 Oct 2014 17:20:12 +0100
Message-ID: <CADnb78jJ3DWkr4TQTOd23rFsU-Y3mri8ye37UOi4X4QtAZNYmQ@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: WebAppSec WG <public-webappsec@w3.org>
On Tue, Oct 28, 2014 at 5:09 PM, Mike West <mkwst@google.com> wrote:
> That said, one nit: Chrome has no need to distinguish between "deprecated"
> and "weak", but other browsers might.

Would be interesting to hear about. If we want this to converge at
some point it would be good to get some agreement on this.

Also, a synthetic Response can take its TLS state from the environment
it is created in, right? (Assuming environments get a TLS state as
well.)


-- 
https://annevankesteren.nl/
Received on Tuesday, 28 October 2014 16:20:39 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC