W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2014

Re: CSP: Minimum cipher strength

From: Anne van Kesteren <annevk@annevk.nl>
Date: Mon, 15 Sep 2014 09:54:38 +0200
Message-ID: <CADnb78gz-obgEfq39LWHM7ONhgO63Uyz4H79+JfmaiG7nU9Mrw@mail.gmail.com>
To: Jim Manico <jim.manico@owasp.org>
Cc: Tom Ritter <tom@ritter.vg>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Sun, Sep 14, 2014 at 11:39 PM, Jim Manico <jim.manico@owasp.org> wrote:
> Is there some kind of "rolling standard" that could be set to that all
> UA's are on the same page? This seems fairly arbitrary as it stands
> today...

I've wondered why TLS is not a living standard of sorts. Letting all
UAs make their own judgment calls and reverse engineer each other
seems exactly the kind of reason we have standards...


-- 
http://annevankesteren.nl/
Received on Monday, 15 September 2014 07:55:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC