- From: Jim Manico <jim.manico@owasp.org>
- Date: Mon, 9 Feb 2015 22:03:07 +0100
- To: Crispin Cowan <crispin@microsoft.com>
- Cc: Brad Hill <hillbrad@gmail.com>, Mike West <mkwst@google.com>, Brian Smith <brian@briansmith.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
I think there will need to be one standard for secure placement with multiple configurable options like CSP. -- Jim Manico @Manicode (808) 652-3805 > On Feb 9, 2015, at 8:37 PM, Crispin Cowan <crispin@microsoft.com> wrote: > > To be clear, are you saying that there is a need for secure placement? Or that there is actually a need for multiple competing versions of secure placement? > > -----Original Message----- > From: Jim Manico [mailto:jim.manico@owasp.org] > Sent: Monday, February 9, 2015 11:32 AM > To: Brad Hill > Cc: Mike West; Brian Smith; public-webappsec@w3.org > Subject: Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) > >> I don't think there is a realistic opportunity to create a market for >> N different and incompatible flavors of "secure" placement > > With respect, this is a core need from advertisers which heavily funds the free web. If this is not addressed, advertisers will try to circumvent standards and go for the holes. I'd rather see a more verbose standard that addresses this need so they stay "in the fold". > > Feeling dirty. > > Aloha, > -- > Jim Manico > @Manicode > (808) 652-3805 > >> On Feb 9, 2015, at 8:23 PM, Brad Hill <hillbrad@gmail.com> wrote: >> >> I don't think there is a realistic opportunity to create a market for >> N different and incompatible flavors of "secure" placement >
Received on Monday, 9 February 2015 21:03:38 UTC