W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2016

Re: CfC: Republish "Mixed Content" as CR; deadline July 27th.

From: Brad Hill <hillbrad@gmail.com>
Date: Wed, 20 Jul 2016 20:06:40 +0000
Message-ID: <CAEeYn8iAf3JYKoiydTvG=bSA6P88NWZxZSwLqSeg9Wn0jWHjGQ@mail.gmail.com>
To: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Cc: Wendy Seltzer <wseltzer@w3.org>, Dan Veditz <dveditz@mozilla.com>
<hat="individual">  I support this republication, thanks, Mike!

On Wed, Jul 20, 2016 at 2:34 AM Mike West <mkwst@google.com> wrote:

> Hello, webappsec!
>
> Based on the discussion in the public-webappsec thread starting at [1],
> our face-to-face at [2], and our recent call at [3], I'd like to refresh
> the Mixed Content CR with the following document that aligns mixed
> content's checks with Secure Context's definition of
> potentially trustworthy URLs:
>
> https://w3c.github.io/webappsec-mixed-content/CR.html
>
> Among other things, this means that `http://127.0.0.1/`
> <http://127.0.0.1/> will not be considered mixed content when loaded in
> an otherwise secure page.
>
> The deadline for this CfC is in one week, July 27th, with as short a CR
> period as possible in the hopes of taking it to PR in the TPAC timeframe. Feedback,
> both positive and negative is welcome, either directly to the list, or via
> some sort of clever emoji response to *https://github.com/w3c/webappsec-mixed-content/issues/6
> <https://github.com/w3c/webappsec-mixed-content/issues/6>*.
>
> [1]:
> https://lists.w3.org/Archives/Public/public-webappsec/2016Apr/0044.html
> [2]: https://www.w3.org/2016/05/16-webappsec-minutes.html#item05
> [3]: https://www.w3.org/2016/07/13-webappsec-minutes.html#item05
>
>
>
> -mike
>
Received on Wednesday, 20 July 2016 20:07:20 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:20 UTC