BCC: www-tag@, public-webapps@, public-privacy@, public-geolocation@, public-review-announce@.
Hello, WebAppSec! Two weeks ago, I noted that Secure Contexts was pretty much done, and ready to review ( https://lists.w3.org/Archives/Public/public-webappsec/2015Sep/0068.html). I've made some changes to the doc based on feedback during that period (thanks mostly to Anne), and I think we're close enough to call it done and see if anyone points out crazy things I've missed. :) This is a call for consensus to transition to Candidate Recommendation with the document at: https://w3c.github.io/webappsec/specs/powerfulfeatures/published/2015-10-CR.html The core of the specification is already implemented in Chrome and Firefox, and is used in a number of specifications to gate certain features (like Service Workers) to contexts which offer guarantees about their usage. I expect those implementations can align with the specification fairly quickly, and I don't believe anything in the document needs to be marked as "at risk". As discussed on public-webapps@, this document references WHATWG documents in several places where the W3C version is out of date. A list of the referenced terms are available for review at https://w3c.github.io/webappsec/specs/powerfulfeatures/#index-defined-elsewhere . The deadline for this CfC is one week from today, October 1st. As always, explicit (positive!) feedback to public-webapp...@w3.org is appreciated! -- Mike West <mk...@google.com>, @mikewest Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)