Inline.... > -----Original Message----- > From: Jonas Sicking [mailto:[EMAIL PROTECTED] > Sent: Friday, June 13, 2008 3:28 PM > To: Sunava Dutta > Cc: Arthur Barstow; Marc Silbey; [email protected]; > [EMAIL PROTECTED]; Eric Lawrence; Chris Wilson; David Ross; Mark > Shlimovich (SWI); Doug Stamper; Zhenbin Xu > Subject: Re: Seeking earlier feedback from MS [Was: IE Team's Proposal > for Cross Site Requests] > > Sunava Dutta wrote: > > Inline... > > > >> -----Original Message----- > >> From: Jonas Sicking [mailto:[EMAIL PROTECTED] > >> Sent: Friday, June 13, 2008 1:53 PM > >> To: Sunava Dutta > >> Cc: Arthur Barstow; Marc Silbey; [email protected]; > >> [EMAIL PROTECTED]; [EMAIL PROTECTED] WG (public); public- > >> [EMAIL PROTECTED]; Eric Lawrence; Chris Wilson; David Ross; Mark > >> Shlimovich (SWI); Doug Stamper; Zhenbin Xu > >> Subject: Re: Seeking earlier feedback from MS [Was: IE Team's > Proposal > >> for Cross Site Requests] > >> > >> Sunava Dutta wrote: > >>> Woo hooo, my first mail to the new webapps alias! -:) > >>> > >>> Thanks for waiting for us to get feedback in from people across > MSFT. > >> As promised, here is the whitepaper on client side cross domain > >> security articulating the security principles and challenges (high > >> level and specifics ) of the current CS-XHR draft. > >>> I've also addressed the questions members raised in the FAQ. > >> Thanks Sunava, I look forward to reading this once it is available > in > >> an > >> acceptable license. > >> > >> However, I would further hope that you are able to discuss the > feedback > >> that are sure to be raised? As with your initial feedback, much of > the > >> results of these discussions will also require research and so it is > >> good if we can get as much done before the face to face as possible. > > > > [Sunava Dutta] We're kind of heads down in our development cycle with > IE8 and the F2F is the first opportunity to discuss this at length. > Personally, I have other urgent pending standards related items in HTML > 5.0 and Web Apps that I'll be having to attend to. (I wish our AJAX > team here was bigger!) > > So is that a 'no'? That would be very unfortunate as it just means that > we won't be that much further along after the F2F then we are now as > far > as taking microsofts input into account :([Sunava Dutta]
[Sunava Dutta] Sorry Jonas, but I really don't know what else you want me to say. In case you have forgotten, our conversation a few weeks back (You, Arun, Window, EricLaw [MSFT], Chris [MSFT] and I) on teleconference on CS-XHR and XDR as you yourself said was very informative for Mozilla on articulating why we have security concerns with CS-XHR and reasons why we are shipping XDR. At least Mozilla should have a good understanding of our concerns although no doubt the paper will expand on that. Meanwhile, yes 2 weeks is short and I look forward to spending that time moving forward my other numerous commitments before we further discuss this. > > / Jonas
