Hi all, <hat="individual">
just a quick update on the status of the informational X-Frame-Options draft. First, let me thank everyone for the great reviews and feedback and apologize for not posting the revised draft earlier. Was a little bit occupied with other work items and also wanted to give enough time to thoroughly incorporate all your feedback. I am very grateful for your reviews and feedback and went through all the emails and incorporated every bit of review feedback you gave me (in some cases I received feedback from more than one person on an individual paragraph in which case I chose the proposals that seemed the best fit to me). The revision includes the WGLC feedback from Adam, Alexey, Barry, Brad, Dave, Jeff, Julian, Mark, Peter and Yoav. And I think it significantly improved the quality of the draft which was before the WGLC still with a few typos and not clearly to understand sentences. I hope the revision does not reflect a good improvement. Personally, I do not think this update made any major changes to the draft, especially as it is only documenting what is out there anyway. So whether we want to re-initiate a second WGLC or submit this to the IESG for LC, will be up to you and my co-chair Yoav and potentially Alexey (if he still volunteering to play I-D shepherd for this doc). Best regards, Tobias On 26/02/13 03:04, [email protected] wrote: > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Web Security Working Group of the IETF. > > Title : HTTP Header Field X-Frame-Options > Author(s) : David Ross > Tobias Gondrom > Filename : draft-ietf-websec-x-frame-options-02.txt > Pages : 11 > Date : 2013-02-25 > > Abstract: > To improve the protection of web applications against Clickjacking, > this specification describes the X-Frame-Options HTTP response header > field that declares a policy communicated from the server to the > client browser on whether the browser may display the transmitted > content in frames that are part of other web pages. This > informational document serves to document the existing use and > specification of this X-Frame-Options HTTP response header field. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-02 > > A diff from the previous version is available at: > http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-02 > > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > websec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/websec _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
