Hey Joris,
This isn't really the place to discuss new web platform features.
https://discourse.wicg.io/ might be a better starting place.
https://whatwg.org/faq#adding-new-features might also help in getting
a handle on what it takes to add new features to the web platform.
Kind regards,
Anne
On Tue, Mar 24, 2015 at 8:52 PM, Kathleen Wilson kwil...@mozilla.com wrote:
... which includes local-parts of admin, ...
Perhaps better as which are limited to or some such? Includes makes
it sound non-exhaustive.
--
https://annevankesteren.nl/
___
On Fri, Mar 20, 2015 at 11:48 PM, Peter Kurrasch fhw...@gmail.com wrote:
I do still think it would be a good idea to get the word out so that
concerned admins can fix their sites before things suddenly stop working.
If they use the developer edition of Firefox they'll discover this in
time. I
On Wed, Oct 29, 2014 at 10:02 PM, Dean Coclin dean.j.coc...@verizon.net wrote:
But many people do in fact look at the security indicators. If that
statement were true, why do fraudsters bother to get SSL certs (mostly DV)
for their phishing websites?
Given that Organization is not a
On Fri, Oct 31, 2014 at 11:22 AM, Moudrick M. Dadashov m...@ssc.lt wrote:
The document below proposes a generic syntax for unique identification of
natural/legal Subjects (see Section 5):
On Mon, Oct 20, 2014 at 6:47 PM, Gregory Szorc gregory.sz...@gmail.com wrote:
Quite frankly, I don't care what that messaging around use is as long as it
is coming straight from Mozilla. Even if the conclusion is you probably
shouldn't use this CA bundle, I think adding a link to but here is
On Mon, Oct 20, 2014 at 4:10 AM, Gregory Szorc g...@mozilla.com wrote:
b is a somewhat gnarly-looking Perl script that downloads certdata.txt
from http://hg.mozilla.org/ or http://mxr.mozilla.org/ (more non-HTTPS
URLS!) (hostname depends on which version / instruction you are looking at),
and
On Mon, Sep 22, 2014 at 10:52 PM, Chris Palmer pal...@google.com wrote:
Quite so. My point in this thread was: If we are going to change the
definition of what an origin is, the most security-meaningful change
would be to tie cryptographic identities to origins, rather than
anything else; and,
On Tue, Sep 23, 2014 at 8:08 PM, fhw...@gmail.com wrote:
I'm sure blocking such http requests would break some sites but has anyone
performed research or analysis into how big the problem is? Is there a user
option to force them to be blocked?
Download Firefox Nightly, browse the web, and
On Mon, Sep 22, 2014 at 1:47 PM, fhw...@gmail.com wrote:
To the larger discussion, I have 2 questions: 1) what is the specific message
you'd like to convey to the user beyond what the simple lock icon provides.
2) What action do you intend the user to take based on seeing the new
On Fri, Sep 19, 2014 at 2:04 PM, Hubert Kario hka...@redhat.com wrote:
AFAIK, images do not trigger mixed content
In Firefox Nightly they do at least.
What are the issues?
the vast majority of sites use external resources, CDNs, external APIs,
google script hosting for popular libraries,
On Fri, Sep 19, 2014 at 7:54 PM, Chris Palmer pal...@google.com wrote:
My point is that UI indicators should reflect the reality of actual
technical security boundaries. Unless we actually create a boundary,
we shouldn't show that we have.
So why do you show special UI for EV?
The hair I'd
On Thu, Sep 18, 2014 at 8:23 PM, Chris Palmer pal...@google.com wrote:
Please keep in mind that the origin is the security boundary on the
web, and is defined as being (scheme, host, port).
And optional additional data:
https://html.spec.whatwg.org/multipage/browsers.html#origin
Assuming we
13 matches
Mail list logo