can be reordered, dropped, etc.
>
> On Wed, Dec 2, 2015 at 3:54 PM, Richard Barnes
> wrote:
>
>>
>>
>> On Wed, Dec 2, 2015 at 9:36 AM, Florian Bösch wrote:
>>
>>> 1) Encryption between Alice and Bob by means of an asymmetric
>>> public/private
On Wed, Dec 2, 2015 at 9:36 AM, Florian Bösch wrote:
> 1) Encryption between Alice and Bob by means of an asymmetric
> public/private key exchange protocol cannot be secure if both also exchange
> the keys and none has a method to verify the keys they got are the correct
> ones. Chuck who might c
27;t meet the security criteria laid out in the Mixed Content
spec.
https://w3c.github.io/webappsec-mixed-content/#intro
>
> Le 01/12/2015 00:08, Richard Barnes a écrit :
> > On Mon, Nov 30, 2015 at 5:52 PM, Aymeric Vitte > <mailto:vitteayme...@gmail.com>> wrote:
>
you're
secure against any attacker besides the website. And if you don't trust
that site, there's an identity layer that can provide additional
authentication.
https://w3c.github.io/webrtc-pc/#sec.identity-proxy
--Richard
>
> Le 30/11/2015 22:45, Richard Barnes a écrit
> illogical,
> > if you use wss then you expect it to work as such (ie fail with
> > self-signed certificates for example), if you use ws (what terrible
> > things can happen with ws exactly? ws can't access the DOM or
> whatever)
> > then you
On the one hand, I like the idea of giving developers and users better
information about why things are failing.
On the other hand, it seems unpleasant to make every API that is so
restricted accommodate a "failing because of non-privileged context"
modality, which they will undoubtedly do in diff
Since we're talking about a binary distinction (privileged vs.
unprivileged), presumably you could just make two snapshots?
On Fri, Apr 17, 2015 at 3:38 AM, Elliott Sprehn
wrote:
> It's preferable not to do that for us because you can then create a static
> heap snapshot at compile time and memc