Last Call: <draft-ietf-websec-origin-04.txt> (The Web Origin Concept) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The IESG has received a request from the Web Security WG (websec) to
consider the following document:
- 'The Web Origin Concept'
  <draft-ietf-websec-origin-04.txt> as a Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2011-09-06. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


   This document defines the concept of an "origin", which is often used
   as the scope of authority or privilege by user agents.  Typically,
   user agents isolate content retrieved from different origins to
   prevent malicious web site operators from interfering with the
   operation of benign web sites.  In addition to outlining the
   principles that underlie the concept of origin, this document defines
   how to determine the origin of a URI, how to serialize an origin into
   a string, and an HTTP header, named "Origin", that indicates which
   origins are associated with an HTTP request.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-websec-origin/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-websec-origin/


No IPR declarations have been submitted directly on this I-D.


_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux