- From: Nathan <nathan@webr3.org>
- Date: Wed, 02 Feb 2011 20:12:52 +0000
- To: Anne van Kesteren <annevk@opera.com>
- CC: Karl Dubost <karld@opera.com>, "www-tag@w3.org WG" <www-tag@w3.org>
Anne van Kesteren wrote: > On Wed, 02 Feb 2011 19:07:47 +0100, Nathan <nathan@webr3.org> wrote: >> http://amundsen.com/blog/archives/1090 > > Fundamentally changing the essentials of the web security model is like > hoping XHTML 2.0 or Cookie2 will succeed. It will not happen unless > everything changes. Can you send me a link to "the web security model" please, somehow I've managed never to see that spec or any definition of it. (embarrassing!) I'd certainly be interested in reading all about why Cookies and stateful HTTP usage are good for security and to be adopted heavily, whilst reading the comments in a publicly available javascript embedded from a "cross-origin" is big security concern to be prevented at all costs. Should be a great read and very enlightening. Thanks much for pointing it out, Nathan
Received on Wednesday, 2 February 2011 20:15:05 UTC