public-webappsec@w3.org from June 2015: by thread

[webappsec] CfC: Proposed non-normative updates to CORS Brad Hill (Tuesday, 30 June)
UPGRADE: 'HTTPS' header causing compatibility issues. Mike West (Tuesday, 30 June)
- Re: UPGRADE: 'HTTPS' header causing compatibility issues. Nottingham, Mark (Tuesday, 30 June)
  - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Adrian Hope-Bailie (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Anne van Kesteren (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Mike West (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Richard Barnes (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Mike West (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Eric Mill (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Richard Barnes (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Mike West (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Richard Barnes (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Mike West (Tuesday, 30 June)
    - Re: UPGRADE: 'HTTPS' header causing compatibility issues. Richard Barnes (Tuesday, 30 June)
Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Mike West (Monday, 29 June)
- Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Richard Barnes (Monday, 29 June)
  - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Mike West (Tuesday, 30 June)
    - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) chaals@yandex-team.ru (Tuesday, 30 June)
    - Chrome. Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Anders Rundgren (Tuesday, 30 June)
    - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Anders Rundgren (Tuesday, 30 June)
    - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Odin Hørthe Omdal (Tuesday, 30 June)
    - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Wendy Seltzer (Tuesday, 30 June)
    - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Brad Hill (Tuesday, 30 June)
    - Re: Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun) Brad Hill (Tuesday, 30 June)
[Bug 28861] New: Section 6.2 Preflight Request, step 10, second note: "Access-Control-Allow-Headers" instead of "Access-Control-Request-Headers" bugzilla@jessica.w3.org (Sunday, 28 June)
[webappsec] Teleconference Agenda 29-Jun Brad Hill (Friday, 26 June)
- Re: [webappsec] Teleconference Agenda 29-Jun Brad Hill (Friday, 26 June)
  - Re: [webappsec] Teleconference Agenda 29-Jun Wendy Seltzer (Saturday, 27 June)
    - Re: [webappsec] Teleconference Agenda 29-Jun Brad Hill (Monday, 29 June)
Is secure context enough of a guarantee? Anne van Kesteren (Thursday, 25 June)
[credential-management] initial feedback timeless (Tuesday, 23 June)
Berlin F2F Participation Brad Hill (Monday, 22 June)
CfC: Mixed Content to PR; deadline July 6th. Mike West (Monday, 22 June)
- Re: CfC: Mixed Content to PR; deadline July 6th. Anne van Kesteren (Monday, 22 June)
  - Re: CfC: Mixed Content to PR; deadline July 6th. Mike West (Monday, 22 June)
    - Where to file RFC 6455 bugs? [Was: Re: CfC: Mixed Content to PR; deadline July 6th.] Arthur Barstow (Monday, 22 June)
    - Re: Where to file RFC 6455 bugs? [Was: Re: CfC: Mixed Content to PR; deadline July 6th.] Mark Nottingham (Monday, 22 June)
    - Re: Where to file RFC 6455 bugs? [Was: Re: CfC: Mixed Content to PR; deadline July 6th.] Mike West (Tuesday, 23 June)
- Re: CfC: Mixed Content to PR; deadline July 6th. Brian Smith (Monday, 22 June)
  - Re: CfC: Mixed Content to PR; deadline July 6th. Anne van Kesteren (Monday, 22 June)
Re: some brief comments on mixedcontent Mike West (Monday, 22 June)
[webappsec] TPAC registration is open! Brad Hill (Friday, 19 June)
SRI: Shipped on tip-of-tree Chromium Joel Weinberger (Friday, 19 June)
- Re: SRI: Shipped on tip-of-tree Chromium Brad Hill (Friday, 19 June)
[webappsec] Reminder: Berlin F2F July 13-14 Brad Hill (Friday, 19 June)
[upgrade-insecure-requests] Strict-Transport-Security only for HTML document or any type files? Binyamin (Monday, 15 June)
Re: F2F Meeting? Yan Zhu (Monday, 15 June)
- Re: F2F Meeting? Brad Hill (Monday, 15 June)
[REFERRER] updating referrer policy and request caching Franziskus Kiefer (Monday, 15 June)
- Re: [REFERRER] updating referrer policy and request caching Nottingham, Mark (Tuesday, 16 June)
[webappsec] Teleconference Agenda 15-June-2015 12:00 PDT Brad Hill (Friday, 12 June)
Proposal: a "clear site data" API. Mike West (Friday, 12 June)
- Re: Proposal: a "clear site data" API. Anne van Kesteren (Friday, 12 June)
  - Re: Proposal: a "clear site data" API. Richard Barnes (Friday, 12 June)
    - Re: Proposal: a "clear site data" API. Mike West (Friday, 12 June)
    - Re: Proposal: a "clear site data" API. Martin Thomson (Friday, 12 June)
    - Re: Proposal: a "clear site data" API. Jonathan Kingston (Saturday, 13 June)
    - Re: Proposal: a "clear site data" API. Alex Russell (Saturday, 13 June)
    - Re: Proposal: a "clear site data" API. Mike West (Saturday, 13 June)
    - Re: Proposal: a "clear site data" API. Alex Russell (Saturday, 13 June)
    - Re: Proposal: a "clear site data" API. Mike West (Saturday, 13 June)
    - Re: Proposal: a "clear site data" API. Jonathan Kingston (Saturday, 13 June)
    - Re: Proposal: a "clear site data" API. Mike West (Sunday, 14 June)
    - Re: Proposal: a "clear site data" API. Jonathan Kingston (Sunday, 14 June)
    - Re: Proposal: a "clear site data" API. Mike West (Monday, 15 June)
    - Re: Proposal: a "clear site data" API. Jonathan Kingston (Tuesday, 16 June)
    - Re: Proposal: a "clear site data" API. Mike West (Tuesday, 16 June)
    - Re: Proposal: a "clear site data" API. Mike West (Tuesday, 16 June)
  - Re: Proposal: a "clear site data" API. Jake Archibald (Friday, 12 June)
    - Re: Proposal: a "clear site data" API. Anne van Kesteren (Friday, 12 June)
SRI: Behavior when a developer fails to specify CORS Joel Weinberger (Thursday, 11 June)
- Re: SRI: Behavior when a developer fails to specify CORS Anne van Kesteren (Thursday, 11 June)
  - Re: SRI: Behavior when a developer fails to specify CORS Joel Weinberger (Friday, 12 June)
    - Re: SRI: Behavior when a developer fails to specify CORS Anne van Kesteren (Friday, 12 June)
    - Re: SRI: Behavior when a developer fails to specify CORS Joel Weinberger (Friday, 12 June)
    - Re: SRI: Behavior when a developer fails to specify CORS Anne van Kesteren (Saturday, 13 June)
Every example fails Andrea Giammarchi (Wednesday, 10 June)
- Re: Every example fails Mike West (Friday, 12 June)
  - Re: Every example fails Andrea Giammarchi (Friday, 12 June)
Call for Exclusions: Entry Point Regulation Coralie Mercier (Tuesday, 9 June)
Re: CORS performance proposal Nottingham, Mark (Tuesday, 9 June)
- Re: CORS performance proposal Martin Thomson (Tuesday, 9 June)
  - Re: CORS performance proposal Nottingham, Mark (Tuesday, 9 June)
  - Re: CORS performance proposal Anne van Kesteren (Tuesday, 9 June)
    - Re: CORS performance proposal Nottingham, Mark (Tuesday, 9 June)
CSP unsafe-inline DOM access Jonathan Kingston (Tuesday, 2 June)
Re: [credential management] Cross-origin credentials (was: Identity Credentials API Extension) Mike West (Monday, 1 June)
Re: [credential management] Identity Credentials API Extension Manu Sporny (Monday, 1 June)
- Re: [credential management] Identity Credentials API Extension Manu Sporny (Monday, 1 June)
  - Re: [credential management] Identity Credentials API Extension Anders Rundgren (Monday, 1 June)
- Re: [credential management] Identity Credentials API Extension Mike West (Monday, 1 June)
  - Re: [credential management] Identity Credentials API Extension Manu Sporny (Monday, 1 June)
    - Re: [credential management] Identity Credentials API Extension Brad Hill (Monday, 1 June)
    - Re: [credential management] Identity Credentials API Extension Dave Longley (Monday, 8 June)
    - Re: [credential management] Identity Credentials API Extension Mike West (Friday, 12 June)
Re: [credential management] Cross-origin credentials Manu Sporny (Monday, 1 June)
- Re: [credential management] Cross-origin credentials Brad Hill (Monday, 1 June)

public-webappsec@w3.org from June 2015 by thread