IETF Logo Mail Archive

Re: [websec] WGLC feedback for X-Frame-Options

Peter Saint-Andre <stpeter@stpeter.im> Thu, 08 November 2012 19:31 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07F9321F84DD for <websec@ietfa.amsl.com>; Thu, 8 Nov 2012 11:31:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.513
X-Spam-Level:
X-Spam-Status: No, score=-102.513 tagged_above=-999 required=5 tests=[AWL=0.086, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OHfr6-tis1Ni for <websec@ietfa.amsl.com>; Thu, 8 Nov 2012 11:31:13 -0800 (PST)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 5A10121F84D2 for <websec@ietf.org>; Thu, 8 Nov 2012 11:31:13 -0800 (PST)
Received: from [130.129.84.156] (unknown [130.129.84.156]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 1D23B40062; Thu, 8 Nov 2012 12:35:04 -0700 (MST)
Message-ID: <509C0888.5000406@stpeter.im>
Date: Thu, 08 Nov 2012 14:31:20 -0500
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
MIME-Version: 1.0
To: Tobias Gondrom <tobias.gondrom@gondrom.org>
References: <509BE1F0.4010701@KingsMountain.com> <CAC4RtVB73u==2kW8DudYT1AcWxqCEbQw3f_z0zfq5rvQ_OE8-A@mail.gmail.com> <509C07EB.5090806@gondrom.org>
In-Reply-To: <509C07EB.5090806@gondrom.org>
X-Enigmail-Version: 1.4.5
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: barryleiba@computer.org, websec@ietf.org
Subject: Re: [websec] WGLC feedback for X-Frame-Options
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2012 19:31:14 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/8/12 2:28 PM, Tobias Gondrom wrote:
> On 08/11/12 14:22, Barry Leiba wrote:
>>> I suggest an explicit statement such as..
>>> 
>>> The purpose of this specification is to document existing
>>> practice.
>>> 
>>> ..should appear in the abstract and the intoduction.
>> ...
>>> I wonder if also a note will be necessary to explain the use of
>>> the "X-" prefix in light of...
>>> 
>>> 6648 Deprecating the "X-" Prefix and Similar Constructs in
>>> Application Protocols. P. Saint-Andre, D. Crocker, M.
>>> Nottingham. June 2012.
>> These are, of course, related, and one statement can cover both.
>> I can pretty much guarantee you'll get DISCUSSes from the IESG if
>> you don't do it.
> 
> Thank you Jeff for reminding me. Forgot to include them. Well, as
> we already have PSA's RFC on that (which btw. inspired XFO, both
> (comment and reference) have been added to the text of working
> copy (released in next version after this week).

I'm happy to look at that text when it is released.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlCcCIgACgkQNL8k5A2w/vwkugCfR/41ujZQEe6R1laO/OMRsaD1
QrAAnRSUZkRg4gp5IorUZj9UfyTUq05l
=sBSk
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email