Re: CSP: Drop IP-matching? (was Re: [CSP] URI/IRI normalization and comparison)

From: Brian Smith <brian@briansmith.org>
Date: Mon, 26 Jan 2015 11:46:01 -0800
Message-ID: <CAFewVt79amPF6b8DyRoEn03gMLpixu60tMijyAZy9osfnHi6xQ@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: Mike West <mkwst@google.com>, Anne van Kesteren <annevk@annevk.nl>, "public-webappsec@w3.org" <public-webappsec@w3.org>

Brad Hill <hillbrad@gmail.com> wrote:
> Public CAs are only to stop issuing for IP addresses in reserved ranges, I
> believe. (10.0.0.0, 171.16.0.0, 192.168.0.0, 127.0.0.1)

Yes, unfortunately, that does seem to be the case.

I still think it is fine for CSP to restrict itself to 127.0.0.1 and ::1.

Cheers,
Brian
Received on Monday, 26 January 2015 19:46:28 UTC
