W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2015

Re: [blink-dev] Proposal: Marking HTTP As Non-Secure

From: Jim Manico <jim.manico@owasp.org>
Date: Mon, 12 Jan 2015 10:59:39 -1000
Message-ID: <-6586571648380549507@unknownmsgid>
To: Daniel Veditz <dveditz@mozilla.com>
Cc: Craig Francis <craig.francis@gmail.com>, blink-dev <blink-dev@chromium.org>, Jiri Danek <softwaredevjirka@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, security-dev <security-dev@chromium.org>, "mozilla-dev-security@lists.mozilla.org" <mozilla-dev-security@lists.mozilla.org>
I'll pass this to my people and get back to you. Stoked that Firefox
is on route to supporting pinning!

Jim Manico
(808) 652-3805

> On Jan 11, 2015, at 4:17 PM, Daniel Veditz <dveditz@mozilla.com> wrote:
>> On 1/7/15 4:40 AM, Jim Manico wrote:
>> The experimental IETF Pinning headers in Chrome/Chromium are broken in
>> several ways, bugs have been submitted and it's being worked on. I can
>> put you in touch with the bug submitter if you like.
> Have you tried the same thing in Firefox Beta? We may have a similar
> interpretation of the specs and have similar bugs.
> https://www.mozilla.org/en-US/firefox/35.0beta/releasenotes/
> -Dan Veditz
Received on Monday, 12 January 2015 21:00:12 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:09 UTC