- From: Devdatta Akhawe <dev.akhawe@gmail.com>
- Date: Mon, 18 May 2015 08:33:35 -0700
- To: Gervase Markham <gerv@mozilla.org>
- Cc: Joel Weinberger <jww@chromium.org>, public-webappsec@w3.org
Received on Monday, 18 May 2015 15:34:03 UTC
I thought the MAY gave flexibility to UAs. Does it not? On May 18, 2015 6:16 AM, "Gervase Markham" <gerv@mozilla.org> wrote: On 17/05/15 08:51, Devdatta Akhawe wrote: > "User agents MAY deprecate support (by blocking loads) for integrity > validation using hash functions deemed insecure. Web application authors > SHOULD update integrity metadata to remove use of insecure hash functions." No problem with the second sentence. The first seems fairly specific; I thought you were arguing for flexibility in how UAs handle "deprecation"? Gerv
Received on Monday, 18 May 2015 15:34:03 UTC