- From: Chris Palmer <palmer@google.com>
- Date: Tue, 2 Sep 2014 14:17:22 -0700
- To: Anne van Kesteren <annevk@annevk.nl>
- Cc: Jeffrey Yasskin <jyasskin@google.com>, Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Sun, Aug 31, 2014 at 10:02 AM, Anne van Kesteren <annevk@annevk.nl> wrote: >Some engines might > also have the certificate pinned to the origin so for TLS-origins an > additional comparison is made other than scheme/host/port. I don't know of any JavaScript execution context that treats key-pinned TLS as being a different origin than non-pinned; or treating pinned-but-different-keys as distinct origins. Do you mean to say that you do know of such JS execution contexts?
Received on Tuesday, 2 September 2014 21:17:49 UTC