Last Call: <draft-ietf-websec-x-frame-options-07.txt> (HTTP Header Field X-Frame-Options) to Informational RFC
The IESG <iesg-secretary@ietf.org> Mon, 29 July 2013 09:38 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7334A21F9CEF; Mon, 29 Jul 2013 02:38:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.496
X-Spam-Level:
X-Spam-Status: No, score=-102.496 tagged_above=-999 required=5 tests=[AWL=0.104, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 110aSo-Rodtq; Mon, 29 Jul 2013 02:38:00 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AED621F9A37; Mon, 29 Jul 2013 02:37:55 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-websec-x-frame-options-07.txt> (HTTP Header Field X-Frame-Options) to Informational RFC
X-Test-IDTracker: no
X-IETF-IDTracker: 4.60p1
Sender: iesg-secretary@ietf.org
Message-ID: <20130729093755.20677.91084.idtracker@ietfa.amsl.com>
Date: Mon, 29 Jul 2013 02:37:55 -0700
Cc: websec@ietf.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jul 2013 09:38:07 -0000
The IESG has received a request from the Web Security WG (websec) to consider the following document: - 'HTTP Header Field X-Frame-Options' <draft-ietf-websec-x-frame-options-07.txt> as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-08-12. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract To improve the protection of web applications against Clickjacking, this specification describes the X-Frame-Options HTTP response header field that declares a policy communicated from the server to the client browser on whether the browser may display the transmitted content in frames that are part of other web pages. This informational document serves to document the existing use and specification of this X-Frame-Options HTTP response header field. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options/ballot/ No IPR declarations have been submitted directly on this I-D.