RFC 6454 on The Web Origin Concept

rfc-editor@rfc-editor.org Sun, 11 December 2011 22:18 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEDE521F846B; Sun, 11 Dec 2011 14:18:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.154
X-Spam-Level:
X-Spam-Status: No, score=-102.154 tagged_above=-999 required=5 tests=[AWL=-0.154, BAYES_00=-2.599, J_CHICKENPOX_93=0.6, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4WbyGI9d1rAq; Sun, 11 Dec 2011 14:18:45 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1890:123a::1:2f]) by ietfa.amsl.com (Postfix) with ESMTP id 78FDF21F8446; Sun, 11 Dec 2011 14:18:45 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 372A462179; Sun, 11 Dec 2011 14:17:56 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 6454 on The Web Origin Concept
From: rfc-editor@rfc-editor.org
Message-Id: <20111211221756.372A462179@rfc-editor.org>
Date: Sun, 11 Dec 2011 14:17:56 -0800 (PST)
Cc: websec@ietf.org, rfc-editor@rfc-editor.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Dec 2011 22:18:45 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 6454

        Title:      The Web Origin Concept 
        Author:     A. Barth
        Status:     Standards Track
        Stream:     IETF
        Date:       December 2011
        Mailbox:    ietf@adambarth.com
        Pages:      20
        Characters: 41363
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-websec-origin-06.txt

        URL:        http://www.rfc-editor.org/rfc/rfc6454.txt

This document defines the concept of an "origin", which is often used
as the scope of authority or privilege by user agents.  Typically,
user agents isolate content retrieved from different origins to
prevent malicious web site operators from interfering with the
operation of benign web sites.  In addition to outlining the
principles that underlie the concept of origin, this document details
how to determine the origin of a URI and how to serialize an origin
into a string.  It also defines an HTTP header field, named "Origin",
that indicates which origins are associated with an HTTP request.  
[STANDARDS-TRACK]

This document is a product of the Web Security Working Group of the IETF.

This is now a Proposed Standard Protocol.

STANDARDS TRACK: This document specifies an Internet standards track
protocol for the Internet community,and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Internet
Official Protocol Standards (STD 1) for the standardization state and
status of this protocol.  Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC