On Tue, Oct 20, 2009 at 3:21 PM, Lucas Adamski <lu...@mozilla.com> wrote: > I've been a firm believer that CSP will evolve over time but that's an > argument for versioning though, not modularity. We are as likely to have to > modify existing behaviors as introduce whole new sets. It's also not a > reason to split the existing functionality into modules.
I'm not sure versioning is the best approach for web technologies. For example, versioning has been explicitly rejected for HTML, ECMAScript, and cookies. In fact, I can't really think of a successful web technology that uses versioning instead of extensibility. Maybe SSL/TLS? Even there, the modern approach is to advance the protocol with extensions (e.g., SNI). Adam _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security