Hey Mike, Mike West <mkwst@google.com> writes: > Let's extend this CfC to next week's call as well. The only actionable > feedback has been Brian's questions around whether this is something > we should be focusing on[1]. I hope I've responded to that adequately, > but delaying publication until there's more positive response seems > prudent. > > In the meantime, I've updated > https://w3c.github.io/webappsec/specs/csp-pinning/published/2015-02-FPWD.html > a bit. Feedback welcome. :) > > [1]: https://lists.w3.org/Archives/Public/public-webappsec/2015Feb/0223.html > [2]: https://lists.w3.org/Archives/Public/public-webappsec/2015Feb/0246.html I share Brian's other 2 concerns: - Pinning directives that are not purely restrictive. Are you open to excluding them for now? - Is there a reason to not limiting pinning to ServiceWork path? Thanks, DeianReceived on Monday, 16 February 2015 18:38:49 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:46 UTC