W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2015

Re: [blink-dev] Proposal: Marking HTTP As Non-Secure

From: Daniel Veditz <dveditz@mozilla.com>
Date: Sun, 11 Jan 2015 18:17:30 -0800
Message-ID: <54B32EBA.8070303@mozilla.com>
To: Jim Manico <jim.manico@owasp.org>, Craig Francis <craig.francis@gmail.com>
CC: blink-dev <blink-dev@chromium.org>, Jiri Danek <softwaredevjirka@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, security-dev <security-dev@chromium.org>, "mozilla-dev-security@lists.mozilla.org" <mozilla-dev-security@lists.mozilla.org>
On 1/7/15 4:40 AM, Jim Manico wrote:
> The experimental IETF Pinning headers in Chrome/Chromium are broken in
> several ways, bugs have been submitted and it's being worked on. I can
> put you in touch with the bug submitter if you like.

Have you tried the same thing in Firefox Beta? We may have a similar
interpretation of the specs and have similar bugs.
https://www.mozilla.org/en-US/firefox/35.0beta/releasenotes/

-Dan Veditz
Received on Monday, 12 January 2015 02:17:55 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:09 UTC