Sunava - as requested by several members of the WG, please send a PDF
version of this document directly to the public-webapps mail list.
-Thanks, Art Barstow
On Jun 11, 2008, at 11:36 PM, ext Sunava Dutta wrote:
Try this link instead: http://code.msdn.microsoft.com/xdsecuritywp
________________________________________
From: Sunava Dutta
Sent: Wednesday, June 11, 2008 8:24 PM
To: Sunava Dutta; Arthur Barstow; ext Jonas Sicking; Marc Silbey;
[EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; public-webapi@w3.org WG (public); public-
[EMAIL PROTECTED]; Eric Lawrence; Chris Wilson; David Ross; Mark
Shlimovich (SWI); Doug Stamper; Zhenbin Xu
Subject: RE: Seeking earlier feedback from MS [Was: IE Team's
Proposal for Cross Site Requests]
Woo hooo, my first mail to the new webapps alias! -:)
Thanks for waiting for us to get feedback in from people across
MSFT. As promised, here is the whitepaper on client side cross
domain security articulating the security principles and challenges
(high level and specifics ) of the current CS-XHR draft.
I've also addressed the questions members raised in the FAQ.
As Jonas and Art mention, in order to provide the opportunity for
members to research and usefully discuss the contents and other
issues, lets talk about our concerns among other items F2F in the
first week of July.
https://mail.windows.microsoft.com/OWA/redir.aspx?
C=7165bcd1f09048ac9fdcd34d2f9556b1&URL=http%3a%2f%
2fcode.msdn.microsoft.com%2fxdsecuritywp%2fRelease%
2fProjectReleases.aspx%3fReleaseId%3d1157
Look forward to hosting the members here in Redmond.
________________________________________
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
On Behalf Of Sunava Dutta [EMAIL PROTECTED]
Sent: Friday, June 06, 2008 2:54 PM
To: Arthur Barstow; ext Jonas Sicking; Marc Silbey
Cc: [EMAIL PROTECTED]; public-webapi@w3.org WG (public); public-
[EMAIL PROTECTED]; Eric Lawrence; Chris Wilson; David Ross; Mark
Shlimovich (SWI); Doug Stamper; Zhenbin Xu
Subject: RE: Seeking earlier feedback from MS [Was: IE Team's
Proposal for Cross Site Requests]
Art, Jonas,
Just a quick update. We've put a lot of effort into the paper and
the good news is we're nearly done. It's going through a final peer-
review to make sure we've received feedback from experts in the
company including our security gurus. (Yes, they do exist at MSFT -:))
I'll be sending out the paper on Tuesday evening or Wednesday the
latest. Thanks for waiting.
-----Original Message-----
From: Arthur Barstow [mailto:[EMAIL PROTECTED]
Sent: Friday, May 16, 2008 5:06 AM
To: ext Jonas Sicking; Sunava Dutta
Cc: [EMAIL PROTECTED]; public-webapi@w3.org WG (public); public-
[EMAIL PROTECTED]; IE8 Core AJAX SWAT Team; Eric Lawrence; Chris
Wilson;
David Ross; Mark Shlimovich (SWI); Doug Stamper; Zhenbin Xu
Subject: Seeking earlier feedback from MS [Was: IE Team's Proposal
for
Cross Site Requests]
Sunava - I tend to agree with Jonas re the timing of MS' response/
feedback.
Given the f2f meeting is now about six weeks away, can you commit to
and deliver on an earlier deadline, no later than June 6?
-Regards, Art Barstow
On May 15, 2008, at 10:39 PM, ext Jonas Sicking wrote:
Sunava Dutta wrote:
This message is not attempting to set forth in detail all the
objections we have had; Sunava will >deliver that in a concise
form.
Can you give us a ballpark ETA on this?
[Sunava Dutta] Sure, I'm compiling this as we speak. I expect
this to
be ready and available to the Web API by mid June in the latest.
Wow, this is really bad news that we won't get this feedback until
just two weeks before the face to face meeting. Especially given
the numerous delays in getting this feedback in the past I am very
worried that there will be further delays. Are you absolutely
certain that won't happen again?
Even just having two weeks in order to discuss this feedback prior
to the meeting seems like very short on time.
I would really encourage you to consider providing this feedback
more promptly. I do not wish to attend a face to face meeting
solely to discuss new feedback which we have not had the
opportunity to research and cannot usefully discuss. I also hope to
cover much more than microsofts feedback during the meeting.
