public-webappsec@w3.org from September 2014: by subject

[CSP] compatibility between CSP1.1 and CSP2

Hatter Jiang (Saturday, 13 September)
Devdatta Akhawe (Friday, 12 September)
Hatter Jiang OWS (Friday, 12 September)

[CSP] Compatibility with 1.1 or 1.0

Mike West (Monday, 1 September)

[CSP] kill or delay child-src?

Mike West (Monday, 1 September)
Anne van Kesteren (Monday, 1 September)

[CSP] may we have script-ancestors to protect JSONP call

Anne van Kesteren (Monday, 1 September)

[CSP] Regarding style-src unsafe-eval and CSSOM

Mike West (Wednesday, 3 September)
Frederik Braun (Monday, 1 September)

[CSP] why we do it!

Kevin Hill (Monday, 8 September)

[Integrity] hash in HTTP header field

Julian Reschke (Tuesday, 16 September)

[Integrity] Some comments on Cross-Origin leakage and content types

Devdatta Akhawe (Thursday, 25 September)
Ángel González (Thursday, 25 September)
Ilya Grigorik (Tuesday, 23 September)
Devdatta Akhawe (Tuesday, 23 September)
Brad Hill (Tuesday, 23 September)
Arjan Veenstra (Monday, 22 September)
Arjan Veenstra (Monday, 22 September)
Devdatta Akhawe (Monday, 22 September)
Anne van Kesteren (Sunday, 21 September)
Arjan Veenstra (Saturday, 20 September)

[Integrity] Some comments on Subresource Integrity draft

Ángel González (Monday, 15 September)

[MIX] Feedback on the private origin & self-signed certificate requirements

Devdatta Akhawe (Wednesday, 17 September)
Brad Hill (Wednesday, 17 September)
Chen, Zhigao (Wednesday, 17 September)
Hill, Brad (Tuesday, 16 September)
Mike West (Tuesday, 16 September)
Hill, Brad (Monday, 15 September)
Chen, Zhigao (Sunday, 14 September)
Chen, Zhigao (Monday, 15 September)
Mike West (Sunday, 14 September)

[webappsec] Agenda: WebAppSec WG Teleconference 10-September-2014 08:00 PDT

Brad Hill (Tuesday, 9 September)

[webappsec] Changing my organizational hats

Brad Hill (Friday, 26 September)

[webappsec] Concluding the Last Call period for CSP Level 2

Mike West (Wednesday, 3 September)
Mike West (Monday, 1 September)

[webappsec] Poll: new teleconference time

Hill, Brad (Monday, 15 September)

[webappsec] Re-chartering discussions at TPAC

Brad Hill (Wednesday, 17 September)

[webappsec] tomorrow's call CANCELLED

Brad Hill (Wednesday, 24 September)

CfC: Publish a new WD of MIX.

Kevin Hill (Wednesday, 10 September)
Brad Hill (Wednesday, 10 September)
Mike West (Wednesday, 3 September)

CSP for WebRTC

Martin Thomson (Saturday, 6 September)
Mike West (Wednesday, 3 September)
Martin Thomson (Tuesday, 2 September)
Anne van Kesteren (Monday, 1 September)

CSP Level 2 last call comment

Boris Zbarsky (Wednesday, 3 September)
Mike West (Wednesday, 3 September)
Anne van Kesteren (Wednesday, 3 September)
Mike West (Wednesday, 3 September)
Brad Hill (Tuesday, 2 September)
Brad Hill (Tuesday, 2 September)
Devdatta Akhawe (Monday, 1 September)
Mike West (Monday, 1 September)

CSP reports on eval() and inline

Neil Matatall (Tuesday, 16 September)
Pete Freitag (Friday, 5 September)
Pawel Krawczyk (Thursday, 4 September)
Neil Matatall (Thursday, 4 September)
Hill, Brad (Thursday, 4 September)
Neil Matatall (Thursday, 4 September)
Neil Matatall (Thursday, 4 September)
Hill, Brad (Thursday, 4 September)
Mike West (Thursday, 4 September)
Pawel Krawczyk (Wednesday, 3 September)

CSP: Minimum cipher strength

Hill, Brad (Monday, 15 September)
Austin William Wright (Monday, 15 September)
Anne van Kesteren (Monday, 15 September)
Jim Manico (Sunday, 14 September)
Tom Ritter (Sunday, 14 September)
Ryan Sleevi (Wednesday, 10 September)
Daniel Kahn Gillmor (Wednesday, 10 September)
Frederik Braun (Wednesday, 10 September)
Mike West (Wednesday, 10 September)
Frederik Braun (Tuesday, 9 September)
John Yeuk Hon Wong (Tuesday, 9 September)
Ángel González (Monday, 8 September)
Jeffrey Walton (Monday, 8 September)
Erlend Oftedal (Monday, 8 September)

Defining secure-enough origins.

Anne van Kesteren (Wednesday, 3 September)
Chris Palmer (Tuesday, 2 September)
Chris Palmer (Tuesday, 2 September)

Feature-detecting a Content Security Policy

Marijn Haverbeke (Sunday, 28 September)
Devdatta Akhawe (Saturday, 27 September)
Jim Manico (Saturday, 27 September)
Marijn Haverbeke (Friday, 26 September)

Fwd: Verified Javascript for WebAppSec re-chartering?

Harry Halpin (Wednesday, 24 September)

HTML Imports vs unsafe-inline

Mike West (Thursday, 11 September)
Jeffrey Yasskin (Thursday, 11 September)
Mike West (Thursday, 11 September)
Jeffrey Yasskin (Thursday, 11 September)

ISSUE-65: Does "no referrer" specify a state or is it a token? is a token with a space problematic?

Mike West (Monday, 1 September)

Looking for a home for a proposed Credential Management API.

Mike West (Wednesday, 24 September)

Proposal: not-a-scheme digest URI scheme, with graceful degradation

Eduardo Robles Elvira (Saturday, 20 September)
Brad Hill (Saturday, 20 September)
Eduardo Robles Elvira (Saturday, 20 September)
Julian Reschke (Saturday, 20 September)
Eduardo Robles Elvira (Saturday, 20 September)

Proposal: Prefer secure origins for powerful new web platform features

Mark Watson (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)

Redirects and HSTS

Daniel Kahn Gillmor (Monday, 29 September)
Anne van Kesteren (Saturday, 27 September)
Anne van Kesteren (Saturday, 27 September)
Anne van Kesteren (Saturday, 27 September)
Ryan Sleevi (Saturday, 27 September)
Anne van Kesteren (Saturday, 27 September)
Daniel Veditz (Saturday, 27 September)
=JeffH (Friday, 26 September)
Ryan Sleevi (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)
=JeffH (Friday, 26 September)
Tanvi Vyas (Friday, 26 September)
Tanvi Vyas (Friday, 26 September)
Ryan Sleevi (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)
Chris Palmer (Friday, 26 September)
Tanvi Vyas (Friday, 26 September)
Mike West (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)
Mike West (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)
Mike West (Friday, 26 September)
Anne van Kesteren (Friday, 26 September)

Review request for a few WebAppSec specs.

Hill, Brad (Tuesday, 16 September)
Mike West (Friday, 12 September)

SRI: <a> vs integrity

Julian Reschke (Thursday, 4 September)

Subresource integrity in Chromium

Ilya Grigorik (Wednesday, 24 September)
Ilya Grigorik (Wednesday, 24 September)
Mike West (Wednesday, 24 September)
Mike West (Wednesday, 24 September)
Hill, Brad (Wednesday, 24 September)
Joel Weinberger (Tuesday, 23 September)

Verified Javascript for WebAppSec re-chartering?

Harry Halpin (Wednesday, 24 September)

webappsec-ISSUE-67: WebRTC via 'connect-src'?

Web Application Security Working Group Issue Tracker (Wednesday, 3 September)

XMLHttpRequest. Support for "OPTIONS *" method.

Boris Zbarsky (Friday, 5 September)
Julian Reschke (Friday, 5 September)
Anne van Kesteren (Friday, 5 September)
Mark Nottingham (Friday, 5 September)
Anne van Kesteren (Friday, 5 September)

Last message date: Monday, 29 September 2014 14:01:40 UTC