IETF Logo Mail Archive

Re: [websec] WGLC for X-Frame-Options

Yoav Nir <ynir@checkpoint.com> Wed, 14 November 2012 08:09 UTC

Return-Path: <ynir@checkpoint.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5048021F86AD for <websec@ietfa.amsl.com>; Wed, 14 Nov 2012 00:09:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rCZ+hSGRVaqF for <websec@ietfa.amsl.com>; Wed, 14 Nov 2012 00:09:36 -0800 (PST)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id D6D3F21F85A4 for <websec@ietf.org>; Wed, 14 Nov 2012 00:09:34 -0800 (PST)
Received: from IL-EX10.ad.checkpoint.com ([194.29.34.147]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id qAE89UMQ024831 for <websec@ietf.org>; Wed, 14 Nov 2012 10:09:30 +0200
X-CheckPoint: {50A34EB6-1-1B221DC2-1FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.194]) by IL-EX10.ad.checkpoint.com ([169.254.2.194]) with mapi id 14.02.0318.004; Wed, 14 Nov 2012 10:09:29 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: IETF WebSec WG <websec@ietf.org>
Thread-Topic: WGLC for X-Frame-Options
Thread-Index: Ac2xb0zTHb33hMtRQwuRaMJzUgzEDQQv02sA
Date: Wed, 14 Nov 2012 08:09:29 +0000
Message-ID: <4613980CFC78314ABFD7F85CC3027721015E74@IL-EX10.ad.checkpoint.com>
References: <D418C856-1FA9-4FA3-805D-6A44042B5A36@checkpoint.com>
In-Reply-To: <D418C856-1FA9-4FA3-805D-6A44042B5A36@checkpoint.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [91.90.139.85]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
x-cpdlp: 11af8b1d98a356cb9215df355922dbefed55f6be47
Content-Type: text/plain; charset="us-ascii"
Content-ID: <F402EF8D1AE1B74A993B1C42AA7278F0@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [websec] WGLC for X-Frame-Options
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Nov 2012 08:09:37 -0000

Reminder: WGLC ends this Friday. Please send in your reviews.

On Oct 24, 2012, at 12:39 AM, Yoav Nir wrote:

> Hi all
> 
> This is to initiate WGLC for the X-Frame-Options draft (not to be confused with the Frame-Options draft).
> 
> Please go to http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-01, read the draft and send comments.
> 
> As usual, we would very much like to hear comments about clarity, thoroughness and applicability. Since this draft documents existing behavior, rather than prescribing future behavior, we would especially like to hear from people familiar with current implementations that support the X-Frame-Option header about whether the draft accurately describes the behavior of those implementations.
> 
> WGLC is usually for two weeks. However, the following two weeks include an IETF meeting, so I am extending this period to a little over three weeks. WGLC will end on Friday, November 16th. Please send your comments early, so that we might use our session in Atlanta to discuss issues that come up.
> 
> Yoav

v2.23.0 | Report a Bug | By Email