websec  

Messages by Thread

• • Re: [websec] Same Origins and email Adam Barth
  • Re: [websec] Same Origins and email Murray S. Kucherawy
  • Re: [websec] Same Origins and email =JeffH
  • Re: [websec] Same Origins and email Adam Barth
• [websec] RFC 6454 on The Web Origin Concept rfc-editor
  • Re: [websec] RFC 6454 on The Web Origin Concept =JeffH
  • Re: [websec] RFC 6454 on The Web Origin Concept Peter Saint-Andre
  • Re: [websec] RFC 6454 on The Web Origin Concept Thomas Roessler
• [websec] Feedback on draft-ietf-websec-key-pinning-01 davidillsley
  • [websec] A few comments on draft-ietf-websec-key-pinning Paul Hoffman
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Stephen Farrell
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Yoav Nir
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Paul Hoffman
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Yoav Nir
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Paul Hoffman
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Marsh Ray
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Yoav Nir
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Tony Hansen
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Yoav Nir
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Marsh Ray
  • Re: [websec] A few comments on draft-ietf-websec-key-pinning Yoav Nir
  • Re: [websec] Feedback on draft-ietf-websec-key-pinning-01 Chris Palmer
  • Re: [websec] Feedback on draft-ietf-websec-key-pinning-01 David Illsley
• [websec] Key pinning for DSA keys with inherited domain params Manger, James H
  • Re: [websec] Key pinning for DSA keys with inherited domain params Adam Langley
  • Re: [websec] Key pinning for DSA keys with inherited domain params Chris Palmer
  • Re: [websec] Key pinning for DSA keys with inherited domain params Chris Palmer
  • Re: [websec] Key pinning for DSA keys with inherited domain params Yoav Nir
  • Re: [websec] Key pinning for DSA keys with inherited domain params Phillip Hallam-Baker
  • Re: [websec] Key pinning for DSA keys with inherited domain params Adam Langley
  • Re: [websec] Key pinning for DSA keys with inherited domain params Phillip Hallam-Baker
• [websec] I-D Action: draft-ietf-websec-key-pinning-01.txt internet-drafts
• [websec] Comments on draft-ietf-websec-key-pinning-00 Manger, James H
  • Re: [websec] Comments on draft-ietf-websec-key-pinning-00 Chris Palmer
• [websec] I-D Action: draft-ietf-websec-key-pinning-00.txt internet-drafts
• [websec] W3C Web Cryptography Working Group Charter Peter Saint-Andre
  • Re: [websec] [apps-discuss] W3C Web Cryptography Working Group Charter Bjoern Hoehrmann
• [websec] mimesniff feedback, part 2 Philip Jägenstedt
  • Re: [websec] mimesniff feedback, part 2 Adam Barth
  • Re: [websec] mimesniff feedback, part 2 Julian Reschke
  • Re: [websec] mimesniff feedback, part 2 Adam Barth
  • Re: [websec] mimesniff feedback, part 2 Larry Masinter
  • Re: [websec] mimesniff feedback, part 2 Peter Saint-Andre
  • Re: [websec] mimesniff feedback, part 2 Larry Masinter
  • Re: [websec] mimesniff feedback, part 2 Adam Barth
  • Re: [websec] mimesniff feedback, part 2 Tobias Gondrom
• [websec] mimesniff feedback Philip Jägenstedt
  • Re: [websec] mimesniff feedback Adam Barth
• [websec] Define cross-origin Anne van Kesteren
  • Re: [websec] Define cross-origin Julian Reschke
  • Re: [websec] Define cross-origin Tobias Gondrom
  • Re: [websec] Define cross-origin Larry Masinter
  • Re: [websec] Define cross-origin Adam Barth
  • Re: [websec] Define cross-origin Larry Masinter
  • Re: [websec] Define cross-origin Adam Barth
• [websec] Brief comments on draft-evans-palmer-key-pinning Martin Thomson
• [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document =JeffH
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Adam Barth
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Martin Thomson
• [websec] WEBSEC session recording available Meetecho IETF support
• [websec] Regarding HSTS issue #4 Yoav Nir
  • Re: [websec] Regarding HSTS issue #4 Alexey Melnikov
  • Re: [websec] Regarding HSTS issue #4 Yoav Nir
• [websec] Fwd: [Asrg] Phishing and domain reputation Peter Saint-Andre
• [websec] Reasons why DANE does not meet all Security Policy Needs Phillip Hallam-Baker
• [websec] pinning specs Peter Saint-Andre
  • Re: [websec] pinning specs Chris Palmer
  • Re: [websec] pinning specs Peter Saint-Andre
  • [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Alexey Melnikov
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Adam Barth
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Yoav Nir
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Tom Ritter
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Phillip Hallam-Baker
  • Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document Alexey Melnikov
• [websec] Meetecho support for WEBSEC WG meeting session Meetecho IETF support
• [websec] #31: HSTS: mention case insesitivity in prose for "max-age" and "includeSubDomains" websec issue tracker
  • Re: [websec] #31: HSTS: mention case insesitivity in prose for "max-age" and "includeSubDomains" websec issue tracker
• [websec] #30: HSTS: add an informational reference to RFC 4732: Denial-of-Service Considerations websec issue tracker
  • Re: [websec] #30: HSTS: add an informational reference to RFC 4732: Denial-of-Service Considerations websec issue tracker
• [websec] #29: HSTS: dismbiguate "mixed content" term & provide reference websec issue tracker
  • Re: [websec] #29: HSTS: dismbiguate "mixed content" term & provide reference websec issue tracker
• [websec] #28: HSTS spec unclear about the denotation of "HSTS policy" websec issue tracker
  • Re: [websec] #28: HSTS spec unclear about the denotation of "HSTS policy" websec issue tracker
• [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken websec issue tracker
  • Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken websec issue tracker
  • Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken websec issue tracker
  • Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken websec issue tracker
• [websec] #26: reference IDNA2008 as well as IDNA2003 websec issue tracker
  • Re: [websec] #26: reference IDNA2008 as well as IDNA2003 websec issue tracker
• [websec] meeting slides Tobias Gondrom
  • Re: [websec] meeting slides Peter Saint-Andre
• [websec] Testsuite for MIME sniffing Alexey Melnikov
• [websec] Fwd: New Version Notification for draft-evans-palmer-key-pinning-00.txt Chris Palmer
• [websec] New draft of HTTP header-based public key pinning Chris Palmer
  • Re: [websec] New draft of HTTP header-based public key pinning Tom Ritter
  • Re: [websec] New draft of HTTP header-based public key pinning Chris Palmer
  • Re: [websec] New draft of HTTP header-based public key pinning Steingruebl, Andy
  • Re: [websec] New draft of HTTP header-based public key pinning Chris Evans
  • Re: [websec] New draft of HTTP header-based public key pinning Adam Barth
  • Re: [websec] New draft of HTTP header-based public key pinning Steingruebl, Andy
  • Re: [websec] New draft of HTTP header-based public key pinning Adam Barth
  • Re: [websec] New draft of HTTP header-based public key pinning Paul Hoffman
  • Re: [websec] New draft of HTTP header-based public key pinning Adam Barth
  • Re: [websec] New draft of HTTP header-based public key pinning Julian Reschke
  • Re: [websec] New draft of HTTP header-based public key pinning Chris Palmer
  • Re: [websec] New draft of HTTP header-based public key pinning Julian Reschke
  • Re: [websec] New draft of HTTP header-based public key pinning Chris Palmer
  • Re: [websec] New draft of HTTP header-based public key pinning Julian Reschke
  • Re: [websec] New draft of HTTP header-based public key pinning Chris Palmer
  • Re: [websec] New draft of HTTP header-based public key pinning Ryan Sleevi
  • Re: [websec] New draft of HTTP header-based public key pinning Chris Palmer
  • Re: [websec] New draft of HTTP header-based public key pinning Yoav Nir
• [websec] fyi: draft-ietf-websec-strict-transport-sec-03 =JeffH
• [websec] I-D Action: draft-ietf-websec-strict-transport-sec-03.txt internet-drafts
• [websec] An alternative approach to Security Policy Phillip Hallam-Baker
• [websec] Sniffing test suite? Larry Masinter
• [websec] reminder: Internet Draft final submission cut-off by 2011-10-31 (Monday) at 17:00 PT Tobias Gondrom
• [websec] Strict-Transport-Security syntax redux =JeffH
  • Re: [websec] Strict-Transport-Security syntax redux Julian Reschke
  • Re: [websec] Strict-Transport-Security syntax redux Bjoern Hoehrmann
  • Re: [websec] Strict-Transport-Security syntax redux Adam Barth
• Re: [websec] [decade] URIs for DECADE -- Named Information URI Scheme Phillip Hallam-Baker
• [websec] #25: what, if any, sniffing for fonts is required? websec issue tracker
  • Re: [websec] #25: what, if any, sniffing for fonts is required? Peter Saint-Andre
• [websec] Issue 17: Registry for magic numbers Adam Barth
  • Re: [websec] Issue 17: Registry for magic numbers Anne van Kesteren
  • Re: [websec] Issue 17: Registry for magic numbers Adam Barth
  • Re: [websec] Issue 17: Registry for magic numbers Tobias Gondrom
  • Re: [websec] Issue 17: Registry for magic numbers Martin J. Dürst
  • Re: [websec] Issue 17: Registry for magic numbers Adam Barth
  • Re: [websec] Issue 17: Registry for magic numbers Tobias Gondrom
  • Re: [websec] Issue 17: Registry for magic numbers Adam Barth
  • Re: [websec] Issue 17: Registry for magic numbers Larry Masinter
  • Re: [websec] Issue 17: Registry for magic numbers Adam Barth
  • Re: [websec] Issue 17: Registry for magic numbers Larry Masinter
  • Re: [websec] Issue 17: Registry for magic numbers Adam Barth
• [websec] MIME sniffing test suite? Is there one? Larry Masinter
• [websec] #24: ensure XML packaging is in scope websec issue tracker
• [websec] #23: spec should mention proposed "nosniff" headers in HTTP even if not adopting them websec issue tracker
• [websec] #22: content-type sniffing should include charset sniffing websec issue tracker
  • Re: [websec] #22: content-type sniffing should include charset sniffing Tobias Gondrom
  • Re: [websec] #22: content-type sniffing should include charset sniffing Adam Barth
  • Re: [websec] #22: content-type sniffing should include charset sniffing Larry Masinter
  • Re: [websec] #22: content-type sniffing should include charset sniffing Adam Barth
  • Re: [websec] #22: content-type sniffing should include charset sniffing Larry Masinter
  • Re: [websec] #22: content-type sniffing should include charset sniffing Adam Barth
  • Re: [websec] #22: content-type sniffing should include charset sniffing Martin J. Dürst
  • Re: [websec] #22: content-type sniffing should include charset sniffing Larry Masinter
  • Re: [websec] #22: content-type sniffing should include charset sniffing Tobias Gondrom
  • Re: [websec] #22: content-type sniffing should include charset sniffing Anne van Kesteren
  • Re: [websec] #22: content-type sniffing should include charset sniffing Larry Masinter
  • Re: [websec] #22: content-type sniffing should include charset sniffing Adam Barth
• [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml websec issue tracker
  • Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml Philip Gladstone
  • Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml Larry Masinter
  • Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml Philip Gladstone
  • Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml Adam Barth
• [websec] #20: Sniffing should be "opt in" on a case-by-case basis websec issue tracker
  • Re: [websec] #20: Sniffing should be "opt in" on a case-by-case basis Tobias Gondrom
  • Re: [websec] #20: Sniffing should be "opt in" on a case-by-case basis Larry Masinter
  • Re: [websec] #20: Sniffing should be "opt in" on a case-by-case basis Adam Barth
• [websec] #19: Do not sniff PDF websec issue tracker
  • Re: [websec] #19: Do not sniff PDF Tobias Gondrom
  • Re: [websec] #19: Do not sniff PDF Larry Masinter
  • Re: [websec] #19: Do not sniff PDF Adam Barth
  • Re: [websec] #19: Do not sniff PDF Tobias Gondrom
  • Re: [websec] #19: Do not sniff PDF Julian Reschke
• [websec] #18: Describe use of file extension in sniffing from "file:" and "ftp:" URIs websec issue tracker
• [websec] #17: Use the "magic numbers" in the media type IANA registry instead of an explicit table websec issue tracker
  • Re: [websec] #17: Use the "magic numbers" in the media type IANA registry instead of an explicit table websec issue tracker
• [websec] Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?) Adam Barth
  • Re: [websec] Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?) Larry Masinter
  • [websec] font sniffing - Re: Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?) Tobias Gondrom
  • Re: [websec] font sniffing - Re: Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?) Adam Barth
  • Re: [websec] font sniffing Anne van Kesteren
  • Re: [websec] font sniffing Tobias Gondrom
  • Re: [websec] font sniffing Anne van Kesteren
  • Re: [websec] font sniffing Tobias Gondrom
  • Re: [websec] font sniffing Anne van Kesteren
  • Re: [websec] font sniffing Larry Masinter
  • Re: [websec] font sniffing Martin J. Dürst
  • Re: [websec] font sniffing Martin J. Dürst
  • Re: [websec] font sniffing Anne van Kesteren
  • Re: [websec] font sniffing Martin J. Dürst
  • Re: [websec] font sniffing Tobias Gondrom
  • Re: [websec] font sniffing Peter Saint-Andre
  • Re: [websec] font sniffing Adam Barth
  • Re: [websec] font sniffing Peter Saint-Andre
  • Re: [websec] font sniffing Anne van Kesteren
  • Re: [websec] font sniffing Peter Saint-Andre
  • Re: [websec] font sniffing Peter Saint-Andre
  • Re: [websec] font sniffing Adam Barth
• [websec] #16: lack of explanatory text and no justifications for the normative language websec issue tracker
  • Re: [websec] #16: lack of explanatory text and no justifications for the normative language websec issue tracker
  • Re: [websec] #16: lack of explanatory text and no justifications for the normative language Tobias Gondrom
  • Re: [websec] #16: lack of explanatory text and no justifications for the normative language websec issue tracker
• [websec] #15: Clarify scope of web sniffing websec issue tracker
  • Re: [websec] #15: Clarify scope of MIME sniffing (was: Clarify scope of web sniffing) websec issue tracker
  • Re: [websec] #15: Clarify scope of web sniffing Tobias Gondrom
  • Re: [websec] #15: Clarify scope of MIME sniffing websec issue tracker

• Earlier messages
• Later messages