[websec] Last Call: <draft-ietf-websec-origin-04.txt> (The Web Origin Concept) to Proposed Standard
The IESG <iesg-secretary@ietf.org> Tue, 23 August 2011 21:19 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1356321F8D7B; Tue, 23 Aug 2011 14:19:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.535
X-Spam-Level:
X-Spam-Status: No, score=-102.535 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6-aUs1Fn9Zn5; Tue, 23 Aug 2011 14:19:53 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3A1521F8B35; Tue, 23 Aug 2011 14:19:53 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 3.59
Message-ID: <20110823211953.14482.9265.idtracker@ietfa.amsl.com>
Date: Tue, 23 Aug 2011 14:19:53 -0700
Cc: websec@ietf.org
Subject: [websec] Last Call: <draft-ietf-websec-origin-04.txt> (The Web Origin Concept) to Proposed Standard
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ietf@ietf.org
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Aug 2011 21:19:54 -0000
The IESG has received a request from the Web Security WG (websec) to consider the following document: - 'The Web Origin Concept' <draft-ietf-websec-origin-04.txt> as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2011-09-06. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines the concept of an "origin", which is often used as the scope of authority or privilege by user agents. Typically, user agents isolate content retrieved from different origins to prevent malicious web site operators from interfering with the operation of benign web sites. In addition to outlining the principles that underlie the concept of origin, this document defines how to determine the origin of a URI, how to serialize an origin into a string, and an HTTP header, named "Origin", that indicates which origins are associated with an HTTP request. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-websec-origin/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-websec-origin/ No IPR declarations have been submitted directly on this I-D.
- [websec] Last Call: <draft-ietf-websec-origin-04.… The IESG
- Re: [websec] Last Call: <draft-ietf-websec-origin… Julian Reschke
- Re: [websec] Last Call: <draft-ietf-websec-origin… Adam Barth
- Re: [websec] Last Call: <draft-ietf-websec-origin… Julian Reschke
- Re: [websec] Last Call: <draft-ietf-websec-origin… Roy T. Fielding
- Re: [websec] Last Call: <draft-ietf-websec-origin… Roy T. Fielding
- Re: [websec] Last Call: <draft-ietf-websec-origin… Frank Ellermann
- Re: [websec] Last Call: <draft-ietf-websec-origin… Frank Ellermann
- Re: [websec] Last Call: <draft-ietf-websec-origin… Adam Barth
- Re: [websec] Last Call: <draft-ietf-websec-origin… Adam Barth
- Re: [websec] Last Call: <draft-ietf-websec-origin… Julian Reschke