Anne van Kesteren wrote:
I don't see a reason why we should call the member urn. URL is much more
consistent with other parts of the Web platform and works just as well.
I thought we agreed on this previously so I'm just mentioning it here
since it seems to have changed again.
"URN" seems to
On Wed, Nov 11, 2009 at 7:23 PM, Maciej Stachowiak wrote:
>
> On Nov 11, 2009, at 3:57 PM, Eric Uhrhane wrote:
>
>> On Wed, Nov 11, 2009 at 12:44 AM, Maciej Stachowiak wrote:
>>>
>>> On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote:
>>>
On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowi
On Wed, Nov 11, 2009 at 6:59 PM, Maciej Stachowiak wrote:
>
> On Nov 11, 2009, at 3:51 PM, Eric Uhrhane wrote:
>
>> On Mon, Nov 9, 2009 at 4:21 PM, Maciej Stachowiak wrote:
>>>
>>> On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote:
>>>
On Mon, 2 Nov 2009, Doug Schepers wrote:
>
> Please
On Nov 11, 2009, at 3:57 PM, Eric Uhrhane wrote:
On Wed, Nov 11, 2009 at 12:44 AM, Maciej Stachowiak
wrote:
On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote:
On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak
wrote:
I think file writing (once the script has securely received a
On Nov 11, 2009, at 3:51 PM, Eric Uhrhane wrote:
On Mon, Nov 9, 2009 at 4:21 PM, Maciej Stachowiak
wrote:
On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote:
On Mon, 2 Nov 2009, Doug Schepers wrote:
Please send in use cases, requirements, concerns, and concrete
suggestions about the general
On Wed, Nov 11, 2009 at 12:44 AM, Maciej Stachowiak wrote:
>
> On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote:
>
>> On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak
>> wrote:
>>
>>> I think file writing (once the script has securely received a file
>>> handle) has different security co
On Mon, Nov 9, 2009 at 4:21 PM, Maciej Stachowiak wrote:
>
> On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote:
>
>> On Mon, 2 Nov 2009, Doug Schepers wrote:
>>>
>>> Please send in use cases, requirements, concerns, and concrete
>>> suggestions about the general topic (regardless of your opinion abou
Hi All,
Daniel Silva and Samuel Santos have completed Phase 1 of compatibility
testing. They've detailed their results as part of the conformance
matrix [1]. We would like to publish the results as a working group
note. Phase 2 will begin in about 3 weeks, in which we are hoping to
start working w
Gervase Markham wrote on 11/11/2009 6:28 AM:
> On 11/11/09 08:57, Adam Barth wrote:
>> Why do we need a browser mechanism for that? It seems like the site
>> can easily compute whatever max-age value it wishes to set.
>
> Not to mention the fact that you normally don't actually want the LockCA
>
I would be concerned with leaving file writing to DAP, because a
widely held view in DAP seems to be that security can be ignored while
designing APIs and added back later with an external "policy file"
mechanism.
From the F2F my understanding is that DAP will consider security as
an integr
Below is the draft agenda for the November 12 Widgets Voice
Conference (VC).
Inputs and discussion before the VC on all of the agenda topics via
public-webapps is encouraged (as it can result in a shortened meeting).
Please address Open/Raised Issues and Open Actions before the meeting:
h
On 11/11/09 08:57, Adam Barth wrote:
> Why do we need a browser mechanism for that? It seems like the site
> can easily compute whatever max-age value it wishes to set.
Not to mention the fact that you normally don't actually want the LockCA
to expire at exactly the same time as the cert, because
On Nov 11, 2009, at 7:30 AM, ext paul.dow...@bt.com wrote:
During our review we have one overall disappointment: whilst the
Use Cases describe saving local files programatically, the
specification does not provide any write methods.
We wondered if these were to be provided in a later version
o
At Osmosoft, we took some time to collectively read the File API
Editor's Working Draft 28 October 2009:
http://dev.w3.org/2006/webapi/FileAPI/
Our interest in this specification stems from our contribution
to the open source product TiddlyWiki -- an example of a
Single Page Application (SP
On Mon, 2 Nov 2009, Doug Schepers wrote:
>
> Please send in use cases, requirements, concerns, and concrete
> suggestions about the general topic (regardless of your opinion
> about my suggestion).
We presented a paper on behalf of TiddlyWiki, an example
Single Page Application at the devices w
On Wed, 11 Nov 2009 02:39:46 +0100, Maciej Stachowiak
wrote:
On Nov 10, 2009, at 5:29 PM, Anne van Kesteren wrote:
"The name of the file as a UTF8-encoded string." A DOMString is not
UTF-8-encoded. I think this should just say "Returns the filename".
It is not more complicated than that as fa
>> One idea to consider, especially for lockCA, is to somehow denote that STS
>> should expire at the same time
>> as the cert, perhaps by omitting max-age or allowing max-age=cert, etc.
>> This will prevent accidentally
>> causing STS to last longer or shorter than the cert expiration, especia
On Tue, Nov 10, 2009 at 7:40 PM, Bil Corry wrote:
> Gervase Markham wrote on 10/01/2009 5:51 PM:
>> I therefore propose a simple extension to the STS standard; a single
>> token to be appended to the end of the header:
>>
>> lockCA
>
> One idea to consider, especially for lockCA, is to somehow den
On Nov 10, 2009, at 11:45 PM, Charles McCathieNevile wrote:
On Tue, 10 Nov 2009 01:21:06 +0100, Maciej Stachowiak
wrote:
On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote:
On Mon, 2 Nov 2009, Doug Schepers wrote:
Please send in use cases, requirements, concerns, and concrete
suggestions
On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote:
On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak
wrote:
I think file writing (once the script has securely received a file
handle) has different security considerations than directory
manipulation and opening of arbitrary files.
On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak
wrote:
I think file writing (once the script has securely received a file
handle) has different security considerations than directory
manipulation and opening of arbitrary files. File writing should be
designed with the browser secur
On Mon, 02 Nov 2009 21:48:58 +0100, Doug Schepers wrote:
Please send in use cases, requirements, concerns, and concrete
suggestions about the general topic (regardless of your opinion about my
suggestion).
One concern: There are historical vulnerabilities, such as
http://secunia.com/advi
22 matches
Mail list logo