W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2014

Re: CSP: Minimum cipher strength

From: Anne van Kesteren <annevk@annevk.nl>
Date: Mon, 15 Sep 2014 09:54:38 +0200
Message-ID: <CADnb78gz-obgEfq39LWHM7ONhgO63Uyz4H79+JfmaiG7nU9Mrw@mail.gmail.com>
To: Jim Manico <jim.manico@owasp.org>
Cc: Tom Ritter <tom@ritter.vg>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Sun, Sep 14, 2014 at 11:39 PM, Jim Manico <jim.manico@owasp.org> wrote:
> Is there some kind of "rolling standard" that could be set to that all
> UA's are on the same page? This seems fairly arbitrary as it stands
> today...

I've wondered why TLS is not a living standard of sorts. Letting all
UAs make their own judgment calls and reverse engineer each other
seems exactly the kind of reason we have standards...

Received on Monday, 15 September 2014 07:55:05 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:40 UTC