[websec] Fwd: I-D Action: draft-nir-websec-extended-origin-02.txt
Yoav Nir <ynir@checkpoint.com> Tue, 06 March 2012 08:43 UTC
Return-Path: <ynir@checkpoint.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 715A621F8762 for <websec@ietfa.amsl.com>; Tue, 6 Mar 2012 00:43:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.46
X-Spam-Level:
X-Spam-Status: No, score=-10.46 tagged_above=-999 required=5 tests=[AWL=0.138, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lHpBYSFFC7Zs for <websec@ietfa.amsl.com>; Tue, 6 Mar 2012 00:43:23 -0800 (PST)
Received: from michael.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id EEF2E21F87B0 for <websec@ietf.org>; Tue, 6 Mar 2012 00:43:19 -0800 (PST)
X-CheckPoint: {4F55C983-0-1B221DC2-1FFFF}
Received: from il-ex01.ad.checkpoint.com (il-ex01.ad.checkpoint.com [194.29.34.26]) by michael.checkpoint.com (8.13.8/8.13.8) with ESMTP id q268hIC3005432 for <websec@ietf.org>; Tue, 6 Mar 2012 10:43:18 +0200
Received: from il-ex03.ad.checkpoint.com (194.29.34.71) by il-ex01.ad.checkpoint.com (194.29.34.26) with Microsoft SMTP Server (TLS) id 8.3.213.0; Tue, 6 Mar 2012 10:43:17 +0200
Received: from il-ex01.ad.checkpoint.com ([126.0.0.2]) by il-ex03.ad.checkpoint.com ([194.29.34.71]) with mapi; Tue, 6 Mar 2012 10:43:17 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: "websec@ietf.org WG" <websec@ietf.org>
Date: Tue, 06 Mar 2012 10:43:19 +0200
Thread-Topic: I-D Action: draft-nir-websec-extended-origin-02.txt
Thread-Index: Acz7dS0ITZx6TBa1REWoTA6fQg4JVg==
Message-ID: <F902E640-864A-46B8-A319-4F45C2FA8ACC@checkpoint.com>
References: <20120306075340.16237.26975.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: multipart/alternative; boundary="_000_F902E640864A46B8A3194F45C2FA8ACCcheckpointcom_"
MIME-Version: 1.0
X-KSE-AntiSpam-Interceptor-Info: protection disabled
Subject: [websec] Fwd: I-D Action: draft-nir-websec-extended-origin-02.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2012 08:43:24 -0000
Hi I've submitted version -02 of the draft. It includes changes based on comments by James Manger, Adam Barth, and Tobias. I'm looking forward to discussing this on the mailing list and in Paris. Yoav Begin forwarded message: From: "internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>" <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> Subject: I-D Action: draft-nir-websec-extended-origin-02.txt Date: March 6, 2012 9:53:40 AM GMT+02:00 To: "i-d-announce@ietf.org<mailto:i-d-announce@ietf.org>" <i-d-announce@ietf.org<mailto:i-d-announce@ietf.org>> Reply-To: "internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>" <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : A More Granular Web Origin Concept Author(s) : Yoav Nir Filename : draft-nir-websec-extended-origin-02.txt Pages : 9 Date : 2012-03-05 This document defines an HTTP header that allows the partitioning of a single origin (as defined in RFC 6454) into multiple origins, so that the same origin policy applies among them. The header introduced in this document allows a portal to specify that resources that appear to be from the same origin should, in fact, be treated as though they are from different origins, by extending the 3-tuple of the origin to a 4-tuple. A compliant user agent is expected to apply the same-origin policy according to the 4-tuple rather than the 3-tuple. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-nir-websec-extended-origin-02.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-nir-websec-extended-origin-02.txt _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Scanned by Check Point Total Security Gateway.