public-webappsec@w3.org from January 2016 by author

Adrian Hope-Bailie

• Re: PDF alternative using HTML (proposal) (Tuesday, 12 January)

Anders Rundgren

• Signed JavaScript/JSON using ES6 + Google V8 (Friday, 15 January)

Andrew Sutherland

• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Monday, 25 January)
• In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)

Anne van Kesteren

• Re: Request for input on Foreign Fetch (Thursday, 28 January)
• Re: Request for input on Foreign Fetch (Thursday, 28 January)
• Re: Request for input on Foreign Fetch (Thursday, 28 January)
• Re: Request for input on Foreign Fetch (Wednesday, 27 January)
• Re: Request for input on Foreign Fetch (Wednesday, 27 January)
• Re: preflighted CORS requests and redirects: principally impossible? (Sunday, 24 January)
• Re: preflighted CORS requests and redirects: principally impossible? (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Request for input on Foreign Fetch (Friday, 22 January)
• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• Re: Proposal to add a browsing context named "_private" (Tuesday, 12 January)

Ben Gidley

• Re: Request for input on Foreign Fetch (Thursday, 28 January)

Brad Hill

• Re: [webappsec] Face to Face meeting survey (Wednesday, 27 January)
• [webappsec] Face to Face meeting survey (Wednesday, 27 January)
• [webappsec] Teleconference Agenda: 27-Jan-2016 (Monday, 25 January)
• Re: [SRI] Increasing Cacheable Content as a goal (Wednesday, 20 January)
• [webappsec] Teleconference Agenda 13-Jan-2016 (Tuesday, 12 January)
• Call for Consensus: Mixed Content to Proposed Recommendation (Tuesday, 5 January)
• Call for Consensus: SRI to Proposed Recommendation (Tuesday, 5 January)

Brian Smith

• Re: Limiting requests from the internet to the intranet. (Saturday, 9 January)
• Re: Limiting requests from the internet to the intranet. (Friday, 8 January)

Chris Palmer

• Re: Proposal: Marking HTTP As Non-Secure (Friday, 29 January)
• Re: Proposal: Marking HTTP As Non-Secure (Thursday, 28 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• Re: Limiting requests from the internet to the intranet. (Wednesday, 6 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Conrad Irwin

• In-browser sanitization vs. a “Safe Node” in the DOM (Thursday, 21 January)

Craig Francis

• Allow auto-resize on iframe (Sunday, 31 January)
• Allow auto-resize on iframe (Sunday, 31 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: PDF alternative using HTML (proposal) (Tuesday, 19 January)
• Re: PDF alternative using HTML (proposal) (Monday, 18 January)
• Re: PDF alternative using HTML (proposal) (Monday, 18 January)
• Re: PDF alternative using HTML (proposal) (Monday, 18 January)
• Re: PDF alternative using HTML (proposal) (Sunday, 17 January)
• Re: PDF alternative using HTML (proposal) (Thursday, 14 January)
• Re: PDF alternative using HTML (proposal) (Tuesday, 12 January)
• PDF alternative using HTML (proposal) (Tuesday, 12 January)

Crispin Cowan

• RE: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• RE: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• RE: PDF alternative using HTML (proposal) (Monday, 18 January)
• RE: PDF alternative using HTML (proposal) (Sunday, 17 January)
• RE: PDF alternative using HTML (proposal) (Sunday, 17 January)
• RE: Proposal to add a browsing context named "_private" (Thursday, 14 January)
• RE: Proposal to add a browsing context named "_private" (Tuesday, 12 January)
• RE: Proposal to add a browsing context named "_private" (Tuesday, 12 January)
• RE: Proposal to add a browsing context named "_private" (Monday, 11 January)

David Ross

• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Tuesday, 26 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Tuesday, 26 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Monday, 25 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Monday, 25 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Thursday, 21 January)
• In-browser sanitization vs. a “Safe Node” in the DOM (Thursday, 21 January)

Deian Stefan

• Re: Summary of major differences between COWL and Suborigins (Saturday, 23 January)

Devdatta Akhawe

• Re: Limiting requests from the internet to the intranet. (Saturday, 9 January)

Eduardo Robles Elvira

• Re: [CSP] "sri" source expression to enforce SRI (Saturday, 9 January)

Eitan Adler

• Re: Proposal: Marking HTTP As Non-Secure (Saturday, 30 January)

Eric Mill

• Re: Proposal: Marking HTTP As Non-Secure (Sunday, 31 January)
• Re: HSTS priming vs preloading (Monday, 18 January)
• Re: HSTS priming vs preloading (Monday, 18 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Erik Nygren

• Re: Limiting requests from the internet to the intranet. (Friday, 8 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Francois Marier

• Re: Security / Technical feedback on subresource integrity specification (Wednesday, 20 January)

Frederik Braun

• [SRI] Re: Security / Technical feedback on subresource integrity specification (Tuesday, 19 January)

Gabor Szathmari

• [sritest.io] New Website SRI Scanner Service (Wednesday, 13 January)

Harald Alvestrand

• Re: Permissions work - status and intent to update (Wednesday, 27 January)
• Permissions work - status and intent to update (Wednesday, 27 January)

James May

• Re: PDF alternative using HTML (proposal) (Monday, 18 January)

Jim Manico

• Re: Proposal: Marking HTTP As Non-Secure (Saturday, 30 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Saturday, 23 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)
• Re: HSTS priming vs preloading (Tuesday, 19 January)
• Re: HSTS priming vs preloading (Tuesday, 19 January)

jirkadanek7@gmail.com

• Re: Proposal: Marking HTTP As Non-Secure (Thursday, 28 January)

Joel Weinberger

• Summary of major differences between COWL and Suborigins (Thursday, 14 January)
• Re: Proposal to add a browsing context named "_private" (Thursday, 14 January)
• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)
• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)
• Re: [CSP] "sri" source expression to enforce SRI (Wednesday, 6 January)

Jonathan Kingston

• Re: preflighted CORS requests and redirects: principally impossible? (Friday, 22 January)
• Re: Security / Technical feedback on subresource integrity specification (Wednesday, 20 January)
• Re: new CSP draft. (Tuesday, 12 January)
• Re: new CSP draft. (Sunday, 10 January)
• Header size and policy delivery (Thursday, 7 January)
• Re: [CSP] "sri" source expression to enforce SRI (Tuesday, 5 January)

Justin Schuh

• Re: Limiting requests from the internet to the intranet. (Friday, 8 January)
• Re: Limiting requests from the internet to the intranet. (Wednesday, 6 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Martin Thomson

• Re: Request for input on Foreign Fetch (Thursday, 28 January)
• Re: Request for input on Foreign Fetch (Thursday, 28 January)
• Re: Request for input on Foreign Fetch (Wednesday, 27 January)
• Re: Header size and policy delivery (Thursday, 7 January)
• Re: Header size and policy delivery (Thursday, 7 January)
• Re: Header size and policy delivery (Thursday, 7 January)

Mhano Harkness

• Re: Security / Technical feedback on subresource integrity specification (Wednesday, 20 January)
• Re: Security / Technical feedback on subresource integrity specification (Wednesday, 20 January)
• Security / Technical feedback on subresource integrity specification (Tuesday, 19 January)

Michaela Merz

• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Thursday, 21 January)

Michal Zalewski

• Re: In-browser sanitization vs. a “Safe Node” in the DOM (Friday, 22 January)

Mike O'Neill

• RE: Header size and policy delivery (Thursday, 7 January)
• RE: [CSP] "sri" source expression to enforce SRI (Tuesday, 5 January)
• RE: [CSP] "sri" source expression to enforce SRI (Tuesday, 5 January)

Mike West

• Re: Request for input on Foreign Fetch (Wednesday, 27 January)
• Secure Contexts to CR? (Re: [webappsec] Teleconference Agenda: 27-Jan-2016) (Tuesday, 26 January)
• Re: HSTS priming vs preloading (Monday, 18 January)
• Re: HSTS priming vs preloading (Monday, 18 January)
• Re: new CSP draft. (Tuesday, 12 January)
• Re: new CSP draft. (Monday, 11 January)
• Re: Limiting requests from the internet to the intranet. (Friday, 8 January)
• CfC: CSP3 to FPWD; deadline January 15th. (Friday, 8 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)
• Limiting requests from the internet to the intranet. (Monday, 4 January)

Nico Schlömer

• Re: preflighted CORS requests and redirects: principally impossible? (Friday, 22 January)
• preflighted CORS requests and redirects: principally impossible? (Friday, 22 January)

Nottingham, Mark

• Re: [CSP] "sri" source expression to enforce SRI (Tuesday, 5 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Oda, Terri

• Re: new CSP draft. (Monday, 11 January)
• Re: Limiting requests from the internet to the intranet. (Wednesday, 6 January)

Patrick Toomey

• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)
• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)
• Re: Header size and policy delivery (Thursday, 7 January)
• Re: Header size and policy delivery (Thursday, 7 January)
• Re: [CSP] "sri" source expression to enforce SRI (Monday, 4 January)

Rich Tibbett

• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• Re: [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)
• [powerful features] Secure Contexts and Framed Documents (Wednesday, 13 January)

Richard Barnes

• Re: Security / Technical feedback on subresource integrity specification (Wednesday, 20 January)
• Re: HSTS priming vs preloading (Tuesday, 19 January)
• Re: HSTS priming vs preloading (Monday, 18 January)
• Re: Limiting requests from the internet to the intranet. (Wednesday, 13 January)
• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)
• Re: Limiting requests from the internet to the intranet. (Friday, 8 January)
• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Sergey Shekyan

• Re: Limiting requests from the internet to the intranet. (Monday, 4 January)

Slim Amamou

• Re: [SRI] Increasing Cacheable Content as a goal (Wednesday, 20 January)
• [SRI] Increasing Cacheable Content as a goal (Wednesday, 20 January)

timeless

• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)

Utkarsh Upadhyay

• Re: Proposal to add a browsing context named "_private" (Sunday, 24 January)
• Re: preflighted CORS requests and redirects: principally impossible? (Sunday, 24 January)
• Re: preflighted CORS requests and redirects: principally impossible? (Friday, 22 January)
• Re: Proposal to add a browsing context named "_private" (Thursday, 14 January)
• Re: Proposal to add a browsing context named "_private" (Tuesday, 12 January)
• Re: Proposal to add a browsing context named "_private" (Tuesday, 12 January)
• Re: Proposal to add a browsing context named "_private" (Monday, 11 January)
• Proposal to add a browsing context named "_private" (Monday, 11 January)

Wendy Seltzer

• Re: PDF alternative using HTML (proposal) (Tuesday, 12 January)
• Fwd: HTTPS/HSTS support on www.w3.org servers (Monday, 11 January)
• Re: Call for Consensus: Mixed Content to Proposed Recommendation (Tuesday, 5 January)

Xueyuan Jia

• Call for Exclusions: Content Security Policy Level 3 (Tuesday, 26 January)
• Call for Exclusions (Update): Confinement with Origin Web Labels (Thursday, 14 January)

Ángel González

• Re: PDF alternative using HTML (proposal) (Saturday, 16 January)

Last message date: Sunday, 31 January 2016 19:02:13 UTC