On 5/6/15 20:32, Ehsan Akhgari wrote:
If this falls under the definition of a "new
feature," and if it's going to be released after the embargo date, then
the security properties of clipboard manipulation don't really enter
into the evaluation.
I admit that I didn't real the entire HTTP deprecation plan thread
because of the length and the tone of some of the participants, so
perhaps I missed this, but reading
<https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/>
seems to suggest that there is going to be a date and criteria for
what new features mean, but I see no mention of what that date is, or
what the definition of new features is.
That's why there were two predicates qualifying the statement.
My point is that the answer to Jonas' question may -- and I'll emphasize
"may" -- turn on an overarching strategic security policy, rather than
the security properties of the feature itself.
--
Adam Roach
Principal Platform Engineer
a...@mozilla.com
+1 650 903 0800 x863
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
