Hi there, At IETF 92, we discussed the previously-mentioned <https://lists.w3.org/Archives/Public/public-webappsec/2015Feb/0202.html> Token Binding proposals, where they were officially adopted by the IETF Token Binding WG. One of the feedbacks we received there was that IETF I-Ds should stay silent on new DOM APIs, and that those APIs should be developed in other places. Currently, one of the proposed I-Ds <http://tools.ietf.org/html/draft-balfanz-https-token-binding> mentions a new DOM API, and I will remove that mention in the next revision. Which then brings up the question of what to do about the DOM API, which will no longer be mentioned in the I-D. I was asked to gather comments and feedback from this group, and for that purpose I wrote a doc that explains the problem and summarizes what the DOM API would have to do: https://docs.google.com/document/d/1x_3KI_v35NQFEsAbGGjNcyTw3Waoy1mL3YfTaQbyyuM/view?rm=minimal&pli=1 Comments/Feedback welcome, in particular comments on where this API should be discussed/developed. Dirk.
Received on Thursday, 26 March 2015 16:08:23 UTC