- From: =JeffH <Jeff.Hodges@KingsMountain.com>
- Date: Mon, 6 Nov 2017 14:33:39 -0800
- To: W3C WebAppSec WG <public-webappsec@w3.org>
wrt affiliated domains, there has been thought on the problem over the past few years. For example, here is the problem statement draft from the (stillborn, unfortunately) IETF DBound working group: DBOUND: DNS Administrative Boundaries Problem Statement https://tools.ietf.org/html/draft-sullivan-dbound-problem-statement Additionally, Andrew Sullivan and I propose this resolution approach: Asserting DNS Administrative Boundaries Within DNS Zones https://tools.ietf.org/html/draft-sullivan-domain-policy-authority The DBound working group folded (IMHO) due to gridlock, lack of a dedicated champion(s) to consistently drive the process, and lack of browser vendor interest. Essentially, this is a tough, subtle-but-important problem which does not have to be solved _today_. I.e., the present approach is "good enough (for now)". However, this problem may be becoming more immediately salient? HTH, =JeffH
Received on Monday, 6 November 2017 22:34:21 UTC