[Bug 25972] Please require a secure origin from bugzilla@jessica.w3.org on 2014-06-04 (public-webcrypto@w3.org from June 2014)

From: <bugzilla@jessica.w3.org>
Date: Wed, 04 Jun 2014 13:01:40 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-25972-7213-RgdHXtcrsA@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25972

Boris Zbarsky <bzbarsky@mit.edu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bzbarsky@mit.edu,
                   |                            |jonas@sicking.cc

--- Comment #1 from Boris Zbarsky <bzbarsky@mit.edu> ---
Some implementations want to do this.  Not all.  

> Secure origin is defined by https://w3c.github.io/webappsec/specs/mixedcontent/

Fwiw, this doesn't match Blink's definition at
<http://www.chromium.org/Home/chromium-security/security-faq#TOC-Which-origins-are-secure->
in various ways.  Are they willing to change their behavior?  Should this spec
change?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Wednesday, 4 June 2014 13:01:45 UTC