Re: Use Cases and Requirements for Saving Files Securely

2009-11-11 Thread Arve Bersvendsen
On Mon, 02 Nov 2009 21:48:58 +0100, Doug Schepers schep...@w3.org wrote: Please send in use cases, requirements, concerns, and concrete suggestions about the general topic (regardless of your opinion about my suggestion). One concern: There are historical vulnerabilities, such as

Re: Rename “File API” to “FileReader API”?

2009-11-11 Thread Arve Bersvendsen
On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak m...@apple.com wrote: I think file writing (once the script has securely received a file handle) has different security considerations than directory manipulation and opening of arbitrary files. File writing should be designed with

Re: Rename “File API” to “FileReader API”?

2009-11-11 Thread Maciej Stachowiak
On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote: On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak m...@apple.com wrote: I think file writing (once the script has securely received a file handle) has different security considerations than directory manipulation and opening of

Re: Use Cases and Requirements for Saving Files Securely

2009-11-11 Thread Maciej Stachowiak
On Nov 10, 2009, at 11:45 PM, Charles McCathieNevile wrote: On Tue, 10 Nov 2009 01:21:06 +0100, Maciej Stachowiak m...@apple.com wrote: On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote: On Mon, 2 Nov 2009, Doug Schepers wrote: Please send in use cases, requirements, concerns, and

Re: STS and lockCA

2009-11-11 Thread Adam Barth
On Tue, Nov 10, 2009 at 7:40 PM, Bil Corry b...@corry.biz wrote: Gervase Markham wrote on 10/01/2009 5:51 PM: I therefore propose a simple extension to the STS standard; a single token to be appended to the end of the header: lockCA One idea to consider, especially for lockCA, is to somehow

Re: STS and lockCA

2009-11-11 Thread Devdatta
One idea to consider, especially for lockCA, is to somehow denote that STS should expire at the same time as the cert, perhaps by omitting max-age or allowing max-age=cert, etc. This will prevent accidentally causing STS to last longer or shorter than the cert expiration, especially

Re: [FileAPI] File.name

2009-11-11 Thread Anne van Kesteren
On Wed, 11 Nov 2009 02:39:46 +0100, Maciej Stachowiak m...@apple.com wrote: On Nov 10, 2009, at 5:29 PM, Anne van Kesteren wrote: The name of the file as a UTF8-encoded string. A DOMString is not UTF-8-encoded. I think this should just say Returns the filename. It is not more complicated than

RE: Use Cases and Requirements for Saving Files Securely

2009-11-11 Thread paul.downey
On Mon, 2 Nov 2009, Doug Schepers wrote: Please send in use cases, requirements, concerns, and concrete suggestions about the general topic (regardless of your opinion about my suggestion). We presented a paper on behalf of TiddlyWiki, an example Single Page Application at the devices

comments from Osmosoft on the File API

2009-11-11 Thread paul.downey
At Osmosoft, we took some time to collectively read the File API Editor's Working Draft 28 October 2009: http://dev.w3.org/2006/webapi/FileAPI/ Our interest in this specification stems from our contribution to the open source product TiddlyWiki -- an example of a Single Page Application

Re: comments from Osmosoft on the File API

2009-11-11 Thread Arthur Barstow
On Nov 11, 2009, at 7:30 AM, ext paul.dow...@bt.com wrote: During our review we have one overall disappointment: whilst the Use Cases describe saving local files programmatically, the specification does not provide any write methods. We wondered if these were to be provided in a later version

Re: STS and lockCA

2009-11-11 Thread Gervase Markham
On 11/11/09 08:57, Adam Barth wrote: Why do we need a browser mechanism for that? It seems like the site can easily compute whatever max-age value it wishes to set. Not to mention the fact that you normally don't actually want the LockCA to expire at exactly the same time as the cert, because

[widgets] Draft Agenda for 12 November 2009 VC

2009-11-11 Thread Arthur Barstow
Below is the draft agenda for the November 12 Widgets Voice Conference (VC). Inputs and discussion before the VC on all of the agenda topics via public-webapps is encouraged (as it can result in a shortened meeting). Please address Open/Raised Issues and Open Actions before the meeting:

Re: Rename “File API” to “FileReader API”?

2009-11-11 Thread Frederick Hirsch
I would be concerned with leaving file writing to DAP, because a widely held view in DAP seems to be that security can be ignored while designing APIs and added back later with an external policy file mechanism. From the F2F my understanding is that DAP will consider security as an

Re: STS and lockCA

2009-11-11 Thread Bil Corry
Gervase Markham wrote on 11/11/2009 6:28 AM: On 11/11/09 08:57, Adam Barth wrote: Why do we need a browser mechanism for that? It seems like the site can easily compute whatever max-age value it wishes to set. Not to mention the fact that you normally don't actually want the LockCA to

[widgets] Conformance testing results

2009-11-11 Thread Marcos Caceres
Hi All, Daniel Silva and Samuel Santos have completed Phase 1 of compatibility testing. They've detailed their results as part of the conformance matrix [1]. We would like to publish the results as a working group note. Phase 2 will begin in about 3 weeks, in which we are hoping to start working

Re: Use Cases and Requirements for Saving Files Securely

2009-11-11 Thread Eric Uhrhane
On Mon, Nov 9, 2009 at 4:21 PM, Maciej Stachowiak m...@apple.com wrote: On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote: On Mon, 2 Nov 2009, Doug Schepers wrote: Please send in use cases, requirements, concerns, and concrete suggestions about the general topic (regardless of your opinion

Re: Rename “File API” to “FileReader API”?

2009-11-11 Thread Eric Uhrhane
On Wed, Nov 11, 2009 at 12:44 AM, Maciej Stachowiak m...@apple.com wrote: On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote: On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak m...@apple.com wrote: I think file writing (once the script has securely received a file handle) has

Re: Rename “File API” to “FileReader API”?

2009-11-11 Thread Maciej Stachowiak
On Nov 11, 2009, at 3:57 PM, Eric Uhrhane wrote: On Wed, Nov 11, 2009 at 12:44 AM, Maciej Stachowiak m...@apple.com wrote: On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote: On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak m...@apple.com wrote: I think file writing (once the

Re: Use Cases and Requirements for Saving Files Securely

2009-11-11 Thread Eric Uhrhane
On Wed, Nov 11, 2009 at 6:59 PM, Maciej Stachowiak m...@apple.com wrote: On Nov 11, 2009, at 3:51 PM, Eric Uhrhane wrote: On Mon, Nov 9, 2009 at 4:21 PM, Maciej Stachowiak m...@apple.com wrote: On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote: On Mon, 2 Nov 2009, Doug Schepers wrote:

Re: Rename “File API” to “FileReader API”?

2009-11-11 Thread Eric Uhrhane
On Wed, Nov 11, 2009 at 7:23 PM, Maciej Stachowiak m...@apple.com wrote: On Nov 11, 2009, at 3:57 PM, Eric Uhrhane wrote: On Wed, Nov 11, 2009 at 12:44 AM, Maciej Stachowiak m...@apple.com wrote: On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote: On Wed, 11 Nov 2009 02:47:50 +0100,

Re: [fileapi] urn - URL

2009-11-11 Thread Julian Reschke
Anne van Kesteren wrote: I don't see a reason why we should call the member urn. URL is much more consistent with other parts of the Web platform and works just as well. I thought we agreed on this previously so I'm just mentioning it here since it seems to have changed again. URN seems to