public-webappsec@w3.org from February 2015 by author

=JeffH

• Re: Upgrade mixed content URLs through HTTP header (Monday, 23 February)

Aaron Colwell

• Re: Fetch, MSE, and MIX (Friday, 20 February)

Adam Langley

• Re: Private Devices and IoT (was Proposal: Marking HTTP As Non-Secure) (Monday, 23 February)

Alex Russell

• Re: BIKESHED: Rename "Powerful features"? (Thursday, 19 February)
• Re: WebAppSec re-charter status (Thursday, 5 February)

Andrei Popov

• RE: [Unbearable] IETF seeking feedback on proposed "Token Binding" Working Group (Wednesday, 11 February)

Anne van Kesteren

• Re: CORS performance (Wednesday, 25 February)
• Re: CORS performance (Tuesday, 24 February)
• Re: CORS performance (Monday, 23 February)
• Re: CORS performance proposal (Sunday, 22 February)
• Re: CORS performance proposal (Saturday, 21 February)
• Re: CORS explained simply (Friday, 20 February)
• Re: CORS performance proposal (Friday, 20 February)
• Re: CORS explained simply (Friday, 20 February)
• CORS performance proposal (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Tuesday, 17 February)
• CORS performance (Tuesday, 17 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: [Unbearable] IETF seeking feedback on proposed "Token Binding" Working Group (Wednesday, 11 February)
• Re: UPGRADE: Feature detection? (Wednesday, 11 February)
• Re: IETF seeking feedback on proposed "Token Binding" Working Group (Wednesday, 11 February)
• Re: WebAppSec re-charter status (Friday, 6 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Thursday, 5 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)
• Upgrade mixed content URLs through HTTP header (Monday, 2 February)

Arthur Barstow

• RfC: Manifest for web application; review deadline March 5 (Friday, 13 February)
• IETF seeking feedback on proposed "Token Binding" Working Group (Wednesday, 11 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)

Austin William Wright

• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)

Ben Wilson

• Always on SSL (Tuesday, 10 February)

Bjoern Hoehrmann

• Re: CORS performance proposal (Friday, 20 February)
• Re: CORS performance proposal (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Tuesday, 17 February)
• Re: CORS performance (Tuesday, 17 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: UPGRADE: Feature detection? (Thursday, 12 February)
• Re: CfC: Transition CSP2 to CR. (Wednesday, 11 February)
• Re: CfC: Transition CSP2 to CR. (Wednesday, 11 February)
• Re: CfC approved: CSP Level 2 to Candidate Recommendation (Wednesday, 11 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Saturday, 7 February)
• Re: WebAppSec re-charter status (Thursday, 5 February)

Brad Hill

• Re: why does plugin-types inherit to nested browsing contexts? (Wednesday, 25 February)
• Re: [MIX] Require HTTPS scripts to be able to anything HTTP scripts can do. (Wednesday, 25 February)
• Re: draft minutes from 23-Feb teleconference available (Monday, 23 February)
• draft minutes from 23-Feb teleconference available (Monday, 23 February)
• last charter update (Monday, 23 February)
• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 23 February)
• [webappsec] Teleconference Agenda, 23-Feb-2015 (Monday, 23 February)
• [webappsec] agenda - coming soon (Monday, 23 February)
• Re: Fetch, MSE, and MIX (Friday, 20 February)
• Re: CORS explained simply (Friday, 20 February)
• Re: CORS explained simply (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: Follow-up to TAG meeting on Powerful Features (Wednesday, 18 February)
• Re: CORS performance (Tuesday, 17 February)
• Re: Follow-up to TAG meeting on Powerful Features (Tuesday, 17 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: UPGRADE: Goals? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• Re: Process? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Tuesday, 10 February)
• Re: CfC approved: CSP Level 2 to Candidate Recommendation (Tuesday, 10 February)
• CfC approved: CSP Level 2 to Candidate Recommendation (Monday, 9 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• [webappsec] Teleconference Agenda, 09-Feb-2015 (Monday, 9 February)
• Re: WebAppSec re-charter status (Sunday, 8 February)
• Re: CfC: Transition CSP2 to CR. (Saturday, 7 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Thursday, 5 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Thursday, 5 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)

Brian Smith

• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Thursday, 26 February)
• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Wednesday, 25 February)
• Re: Fetch, MSE, and MIX (Wednesday, 25 February)
• Re: Fetch, MSE, and MIX (Friday, 20 February)
• Re: CORS performance proposal (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: Service Workers and MIX (was Re: MIX: Exiting last call?) (Tuesday, 17 February)
• Re: CfC: Transition Mixed Content to CR; deadline Feb 23rd. (Tuesday, 17 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Wednesday, 11 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Wednesday, 11 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Wednesday, 11 February)
• Re: Proposal: A pinning mechanism for CSP? (Wednesday, 11 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Wednesday, 11 February)
• Re: CfC approved: CSP Level 2 to Candidate Recommendation (Wednesday, 11 February)
• Re: CfC: Transition CSP2 to CR. (Wednesday, 11 February)
• Re: CfC: Transition CSP2 to CR. (Wednesday, 11 February)
• Re: Proposal: A pinning mechanism for CSP? (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: [CSP] Clarifications on nonces (Monday, 9 February)
• Re: [CSP] Clarifications on nonces (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)
• Issues with reflected-xss (was Re: CfC: Transition CSP2 to CR.) (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Friday, 6 February)
• Re: Proposal: A pinning mechanism for CSP? (Friday, 6 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Thursday, 5 February)

chaals@yandex-team.ru

• Re: CORS explained simply (Friday, 20 February)
• Re: WebAppSec re-charter status (Wednesday, 4 February)

Chris Palmer

• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Thursday, 5 February)

Crispin Cowan

• RE: BIKESHED: Rename "Powerful features"? (Monday, 23 February)
• RE: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• RE: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• RE: Follow-up to TAG meeting on Powerful Features (Tuesday, 17 February)
• RE: Signed CSP (Monday, 16 February)
• RE: Signed CSP (Monday, 16 February)
• RE: Signed CSP (Sunday, 15 February)
• RE: Signed CSP (Sunday, 15 February)
• RE: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Wednesday, 11 February)
• RE: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Tuesday, 10 February)
• RE: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• RE: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• RE: [CSP] Dynamic CSP (Monday, 2 February)

Dale Harvey

• Re: CORS performance proposal (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)

Daniel Appelquist

• Re: Follow-up to TAG meeting on Powerful Features (Tuesday, 17 February)

Daniel Kahn Gillmor

• Re: UPGRADE: Feature detection? (Wednesday, 11 February)
• Re: UPGRADE: Feature detection? (Wednesday, 11 February)
• Re: UPGRADE: Goals? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Wednesday, 11 February)
• Re: [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Thursday, 5 February)
• Re: [CSP] Dynamic CSP (Wednesday, 4 February)
• Re: [CSP] Dynamic CSP (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)

Daniel Veditz

• Re: CfC approved: CSP Level 2 to Candidate Recommendation (Tuesday, 10 February)
• Re: Proposal: A pinning mechanism for CSP? (Sunday, 1 February)

David Bruant

• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)

David Ross

• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Thursday, 26 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Thursday, 12 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: WebAppSec re-charter status (Wednesday, 11 February)

David Walp

• RE: Upgrade mixed content URLs through HTTP header (Tuesday, 17 February)

Deian Stefan

• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 16 February)
• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 16 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: WebAppSec re-charter status (Thursday, 5 February)
• Re: [CSP] Dynamic CSP (Wednesday, 4 February)

Devdatta Akhawe

• Re: why does plugin-types inherit to nested browsing contexts? (Friday, 27 February)
• Re: why does plugin-types inherit to nested browsing contexts? (Thursday, 26 February)
• Re: why does plugin-types inherit to nested browsing contexts? (Thursday, 26 February)
• Re: CORS performance (Tuesday, 17 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• Re: referrer spec and backwards compatibility (Tuesday, 10 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: referrer spec and backwards compatibility (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• referrer spec and backwards compatibility (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Sunday, 8 February)
• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)
• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)

Eduardo' Vela\

• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Thursday, 26 February)
• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Wednesday, 25 February)
• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: Entry Point Regulation vs Simpler Solutions (was Re: WebAppSec re-charter status) (Friday, 13 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: WebAppSec re-charter status (Friday, 13 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: WebAppSec re-charter status (Thursday, 12 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)

Emily Stark

• Re: why does plugin-types inherit to nested browsing contexts? (Thursday, 26 February)
• why does plugin-types inherit to nested browsing contexts? (Wednesday, 25 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)

Eric Mill

• Re: CORS performance (Wednesday, 18 February)
• Re: Proposal: A pinning mechanism for CSP? (Saturday, 7 February)
• Re: [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Wednesday, 4 February)

Francois Marier

• Re: draft minutes from 23-Feb teleconference available (Monday, 23 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)

Frederik Braun

• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Thursday, 5 February)
• Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)

Henri Sivonen

• Re: CORS performance (Monday, 23 February)

henry.story@bblfish.net

• CORS explained simply (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)

Jacob Hoffman-Andrews

• Re: UPGRADE: Feature detection? (Wednesday, 11 February)
• Re: [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)

James M Snell

• Re: CORS performance (Thursday, 19 February)

Jeffrey Walton

• Re: Private Devices and IoT (was Proposal: Marking HTTP As Non-Secure) (Monday, 23 February)
• Private Devices and IoT (was Proposal: Marking HTTP As Non-Secure) (Sunday, 22 February)
• Server Certificates, Internal Names, and Browser support after October 2016 (Monday, 2 February)

Jeffrey Yasskin

• Re: BIKESHED: Rename "Powerful features"? (Tuesday, 24 February)
• Re: BIKESHED: Rename "Powerful features"? (Monday, 23 February)
• Re: BIKESHED: Rename "Powerful features"? (Monday, 23 February)
• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: WebAppSec re-charter status (Friday, 6 February)

Jim Manico

• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Tuesday, 10 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: [CSP] Clarifications on nonces (Monday, 9 February)
• Re: [SRI] unsupported hashes and invalid metadata (Monday, 9 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)

Joel Weinberger

• Re: Requiring Authenticated Origins for Geolocation API's: Status (Friday, 27 February)
• Intent to deprecate: Insecure usage of powerful features (Thursday, 26 February)

John Wong

• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)

Jonas Sicking

• Re: CORS performance (Tuesday, 24 February)
• Re: CORS performance (Monday, 23 February)
• Re: CORS performance proposal (Monday, 23 February)
• Re: CORS performance proposal (Monday, 23 February)
• Re: CORS performance (Monday, 23 February)
• Re: CORS performance proposal (Friday, 20 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance proposal (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance (Thursday, 19 February)

Julian Reschke

• Re: UPGRADE: Feature detection? (Thursday, 12 February)

Mandyam, Giridhar

• Requiring Authenticated Origins for Geolocation API's: Status (Wednesday, 25 February)

Mark Watson

• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: Follow-up to TAG meeting on Powerful Features (Tuesday, 17 February)

Martin Thomson

• Re: CORS performance proposal (Saturday, 21 February)
• Re: CORS performance proposal (Friday, 20 February)
• Re: CORS performance (Thursday, 19 February)
• Re: CORS performance proposal (Thursday, 19 February)
• Re: UPGRADE: Feature detection? (Thursday, 12 February)
• Re: UPGRADE: Feature detection? (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: WebAppSec re-charter status (Monday, 9 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Thursday, 5 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Wednesday, 4 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Wednesday, 4 February)

Michal Zalewski

• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: Signed CSP (Monday, 16 February)

Mike West

• Re: why does plugin-types inherit to nested browsing contexts? (Friday, 27 February)
• Re: why does plugin-types inherit to nested browsing contexts? (Thursday, 26 February)
• Re: BIKESHED: Rename "Powerful features"? (Monday, 23 February)
• Re: BIKESHED: Rename "Powerful features"? (Monday, 23 February)
• Re: CORS performance (Thursday, 19 February)
• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: CfC: Transition Mixed Content to CR; deadline Feb 23rd. (Wednesday, 18 February)
• Re: Service Workers and MIX (was Re: MIX: Exiting last call?) (Wednesday, 18 February)
• Re: Follow-up to TAG meeting on Powerful Features (Wednesday, 18 February)
• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 16 February)
• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 16 February)
• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 16 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Monday, 16 February)
• CfC: Transition Mixed Content to CR; deadline Feb 23rd. (Monday, 16 February)
• Re: UPGRADE: Feature detection? (Friday, 13 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• Re: UPGRADE: Feature detection? (Thursday, 12 February)
• Re: Credentials Management API & multiple-credentials. (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: Proposal: A pinning mechanism for CSP? (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)
• Re: UPGRADE: Feature detection? (Thursday, 12 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Thursday, 12 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Thursday, 12 February)
• Re: UPGRADE: Feature detection? (Thursday, 12 February)
• Re: UPGRADE: Goals? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Thursday, 12 February)
• Re: UPGRADE: Feature detection? (Wednesday, 11 February)
• UPGRADE: Feature detection? (Wednesday, 11 February)
• Re: Process? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• Process? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• UPGRADE: Goals? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Wednesday, 11 February)
• Re: CfC approved: CSP Level 2 to Candidate Recommendation (Wednesday, 11 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Wednesday, 11 February)
• Re: referrer spec and backwards compatibility (Wednesday, 11 February)
• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Tuesday, 10 February)
• CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Tuesday, 10 February)
• Re: CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Tuesday, 10 February)
• Re: referrer spec and backwards compatibility (Tuesday, 10 February)
• Re: CfC approved: CSP Level 2 to Candidate Recommendation (Tuesday, 10 February)
• Re: CfC: Transition CSP2 to CR. (Tuesday, 10 February)
• Re: Proposal: A pinning mechanism for CSP? (Monday, 9 February)
• Re: iframe sandbox for third-party widgets and ads (was Re: [CSP] Clarifications on nonces) (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: [CSP] Clarifications on nonces (Monday, 9 February)
• Re: [CSP] Clarifications on nonces (Monday, 9 February)
• Re: referrer spec and backwards compatibility (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Monday, 9 February)
• Re: Proposal: A pinning mechanism for CSP? (Monday, 9 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 9 February)
• Re: CfC: Transition CSP2 to CR. (Saturday, 7 February)
• Re: CfC: Transition CSP2 to CR. (Saturday, 7 February)
• Re: Proposal: A pinning mechanism for CSP? (Saturday, 7 February)
• Re: CfC: Transition CSP2 to CR. (Friday, 6 February)
• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)
• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)
• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Thursday, 5 February)
• Re: WebAppSec re-charter status (Thursday, 5 February)
• Re: [CSP] Dynamic CSP (Thursday, 5 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Thursday, 5 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Thursday, 5 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Thursday, 5 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• Re: [CSP] Dynamic CSP (Wednesday, 4 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Wednesday, 4 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Wednesday, 4 February)
• Re: [CSP] Dynamic CSP (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)
• Re: [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)
• Re: Upgrade mixed content URLs through HTTP header (Monday, 2 February)
• CfC to publish FPWD of CSP Pinning; deadline Feb. 9th (Monday, 2 February)
• Re: Proposal: A pinning mechanism for CSP? (Monday, 2 February)

Oda, Terri

• Re: BIKESHED: Rename "Powerful features"? (Saturday, 21 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Thursday, 5 February)
• Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison) (Wednesday, 4 February)

Odin Hørthe Omdal

• Re: CORS explained simply (Friday, 20 February)

Peter Eckersley

• Re: [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Friday, 6 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Thursday, 5 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Wednesday, 4 February)
• Re: An HTTP->HTTPS upgrading strawman. (was Re: Upgrade mixed content URLs through HTTP header) (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)
• [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Tuesday, 3 February)

rektide@voodoowarez.com

• Credentials Management API & multiple-credentials. (Tuesday, 10 February)

Ryan Sleevi

• Re: Fetch, MSE, and MIX (Wednesday, 25 February)
• Re: Fetch, MSE, and MIX (Friday, 20 February)
• Fetch, MSE, and MIX (Friday, 20 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 17 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)

Scott Arciszewski

• Re: Signed CSP (Monday, 16 February)
• Re: Signed CSP (Monday, 16 February)
• Re: Signed CSP (Monday, 16 February)
• Re: Signed CSP (Sunday, 15 February)
• Re: Signed CSP (Sunday, 15 February)
• Signed CSP (Sunday, 15 February)

Scott Beardsley

• Re: [Referrer] Adding a referrer attribute delivery mechanism (Friday, 13 February)
• RE: [Referrer] Adding a referrer attribute delivery mechanism (Thursday, 12 February)

Tanvi Vyas

• Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th. (Tuesday, 10 February)
• Re: Upgrade mixed content URLs through HTTP header (Friday, 6 February)

Tim Berners-Lee

• Re: [MIX] Require HTTPS scripts to be able to anything HTTP scripts can do. (Wednesday, 25 February)

Tom Ritter

• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 17 February)
• Re: [MIX] 4 possible solutions to the problem of Mixed Content Blocking stalling HTTPS deployment (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Wednesday, 4 February)
• Re: Server Certificates, Internal Names, and Browser support after October 2016 (Monday, 2 February)

Web Application Security Working Group Issue Tracker

• webappsec-ACTION-214: Ask mozilla ac rep about the current status of their charter objections (Monday, 23 February)
• webappsec-ACTION-213: Reply to brian smith re: csp2 to cr (Monday, 9 February)
• webappsec-ACTION-212: Issue cfc to take mixed content to cr (Monday, 9 February)

Wendy Seltzer

• Re: Follow-up to TAG meeting on Powerful Features (Wednesday, 18 February)
• Follow-up to TAG meeting on Powerful Features (Monday, 16 February)
• Re: Process? (was Re: CfC to publish FPWD of "Upgrade Insecure Resources"; Deadline Feb 17th.) (Wednesday, 11 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• Re: Asynchronous decision making (Re: WebAppSec re-charter status) (Wednesday, 4 February)
• WebAppSec re-charter status (Wednesday, 4 February)
• Re: Upgrade mixed content URLs through HTTP header (Tuesday, 3 February)

Xiaoyin Liu

• RE: Upgrade mixed content URLs through HTTP header (Friday, 6 February)

Yan Zhu

• Re: BIKESHED: Rename "Powerful features"? (Monday, 23 February)
• Re: BIKESHED: Rename "Powerful features"? (Wednesday, 18 February)
• Re: Signed CSP (Tuesday, 17 February)
• Re: Follow-up to TAG meeting on Powerful Features (Tuesday, 17 February)

Yoav Weiss

• Re: [CSP] Dynamic CSP (Monday, 2 February)

Last message date: Friday, 27 February 2015 18:21:56 UTC