On 3/13/10 6:13 AM, Nick Kralevich wrote:
> On Fri, Mar 12, 2010 at 5:24 PM, Brandon Sterne
> wrote:
>> 2) How does one specify a wildcard for any protocol?
>>
>> I don't think we should allow that. Do you have a reason to
>> believe we should?
>
> IMHO, any policy language needs to cover the e
On 03/13/2010 06:13 AM, Nick Kralevich wrote:
> I'm not sure if this clarifies things
>
> 1) There are now two ways to specify an "inherited-scheme / any port"
> policy, "*" and "*:*". Having two ways to express the same concept may
> lead to more confusion, not less.
Sid addressed the overl
Hi Nick,
On 03/13/2010 06:13 AM, Nick Kralevich wrote:
> I'm not sure if this clarifies things
>
> 1) There are now two ways to specify an "inherited-scheme / any port"
> policy, "*" and "*:*". Having two ways to express the same concept may lead
> to more confusion, not less.
>
> 2) This i
On Fri, Mar 12, 2010 at 5:24 PM, Brandon Sterne wrote:
> On 03/12/2010 04:38 PM, Nick Kralevich wrote:
> > While reading through the Formal Policy Syntax of the CSP, it occurred to
> me
> > that the meaning of "allow *" might be confusing. The wildcard seems to
> > correspond to a hostname only,
On 03/12/2010 04:38 PM, Nick Kralevich wrote:
> While reading through the Formal Policy Syntax of the CSP, it occurred to me
> that the meaning of "allow *" might be confusing. The wildcard seems to
> correspond to a hostname only, and not to a scheme or port.
Another great question. I've made a
While reading through the Formal Policy Syntax of the CSP, it occurred to me
that the meaning of "allow *" might be confusing. The wildcard seems to
correspond to a hostname only, and not to a scheme or port.
::= "'self'"
|
::=