IETF Logo Mail Archive

Re: [websec] WGLC feedback for X-Frame-Options

Tobias Gondrom <tobias.gondrom@gondrom.org> Thu, 08 November 2012 19:28 UTC

Return-Path: <tobias.gondrom@gondrom.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C837721F8944 for <websec@ietfa.amsl.com>; Thu, 8 Nov 2012 11:28:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -95.284
X-Spam-Level:
X-Spam-Status: No, score=-95.284 tagged_above=-999 required=5 tests=[AWL=0.078, BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MNVVcMzsfqWG for <websec@ietfa.amsl.com>; Thu, 8 Nov 2012 11:28:53 -0800 (PST)
Received: from lvps176-28-13-69.dedicated.hosteurope.de (lvps176-28-13-69.dedicated.hosteurope.de [176.28.13.69]) by ietfa.amsl.com (Postfix) with ESMTP id A34DA21F84DD for <websec@ietf.org>; Thu, 8 Nov 2012 11:28:52 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=rvNmTLOCMSgO7YgfYa7fr9KWloVhSqxpqwTuI/wXwOotu34kE61o0IpdVN/p4z92g0wQXOOWDYHGNR01RVC+U+/staGk5U3nrOyJGYnBqEUiiB2hT/Zk0fyBMSi5YFZs; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
Received: (qmail 6083 invoked from network); 8 Nov 2012 20:28:50 +0100
Received: from dhcp-12d4.meeting.ietf.org (HELO ?130.129.18.212?) (130.129.18.212) by lvps176-28-13-69.dedicated.hosteurope.de with ESMTPSA (DHE-RSA-AES256-SHA encrypted, authenticated); 8 Nov 2012 20:28:49 +0100
Message-ID: <509C07EB.5090806@gondrom.org>
Date: Thu, 08 Nov 2012 14:28:43 -0500
From: Tobias Gondrom <tobias.gondrom@gondrom.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121028 Thunderbird/16.0.2
MIME-Version: 1.0
To: barryleiba@computer.org
References: <509BE1F0.4010701@KingsMountain.com> <CAC4RtVB73u==2kW8DudYT1AcWxqCEbQw3f_z0zfq5rvQ_OE8-A@mail.gmail.com>
In-Reply-To: <CAC4RtVB73u==2kW8DudYT1AcWxqCEbQw3f_z0zfq5rvQ_OE8-A@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: websec@ietf.org
Subject: Re: [websec] WGLC feedback for X-Frame-Options
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2012 19:28:54 -0000

On 08/11/12 14:22, Barry Leiba wrote:
>> I suggest an explicit statement such as..
>>
>>    The purpose of this specification is to document existing practice.
>>
>> ..should appear in the abstract and the intoduction.
> ...
>> I wonder if also a note will be necessary to explain the use of the "X-"
>> prefix in light of...
>>
>> 6648 Deprecating the "X-" Prefix and Similar Constructs in Application
>>       Protocols. P. Saint-Andre, D. Crocker, M. Nottingham. June 2012.
> These are, of course, related, and one statement can cover both.  I
> can pretty much guarantee you'll get DISCUSSes from the IESG if you
> don't do it.

Thank you Jeff for reminding me. Forgot to include them.
Well, as we already have PSA's RFC on that (which btw. inspired XFO, 
both (comment and reference) have been added to the text of working copy 
(released in next version after this week).


>
> Barry, as AD
> _______________________________________________
> websec mailing list
> websec@ietf.org
> https://www.ietf.org/mailman/listinfo/websec

v2.14.0 | Report a Bug | By Email