-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/29/13 11:37 AM, The IESG wrote: > > The IESG has received a request from the Web Security WG (websec) > to consider the following document: - 'HTTP Header Field > X-Frame-Options' <draft-ietf-websec-x-frame-options-07.txt> as > Informational RFC Section 1 states: This specification provides informational documentation about the current use and definition of the X-Frame-Options HTTP header field. Given that the "X-" construction is deprecated [RFC6648], the X -Frame-Options header field will in the future be replaced by the Frame-Options directive in the Content Security Policy Version 1.1 [CSP-1-1]. IMO, RFC 6648 does not necessitate deprecating the X-Frame-Options header field in favor of the Frame-Options header field, since RFC 6648 is not retroactive. We might want to make the relationship clearer here. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJR9nTUAAoJEOoGpJErxa2p+j0QAIh/eaMB0hj8C0YwFphmDE6w bBnOaqLAEtb1A269cx9Uzx0+gjnQz+9PI0wvrev08kKWR4DFNxXNKAGC8rxJx6T/ dXcB3WjwDAg7iinoL+LRcP5ionE9519gU6V65Ff4IpkBpFiY2KhkC6FKV1AgeH7C EIIpjHNH2dzeDQSBkYY1WGk5xDcXwoo+isUhF8TXhSf9mwY0NrUD2zO3UDDiAf// ZTWbAH1vvMl4BDduq1bSt0Yt0H4gBtOOjeo86N0EsfHNoPPSOmHQ/4aX18rGa7/A 7ddk5GXFRmaLR6zLXCrOIWc+RSe5rIHOKk1Im2OC/S7D/t1zaDhRROLIekMGZafa ySOo2dih/tQav7uAkdzDQr1HQ9LRRkzx5EnIdrbrVJGIPuDnOfvZ2ddE+7LDLQB7 SiZdacYVAKa3whaDiY4i2JVduv/2LyHG+JUhMDtD+J8PYSf4gPLRC4l8XqneIri7 9X+3UIW+I34c9mopbzwD+UiB+gPaHcBGKE3+LEBPJM1/+sUh7uM0Pm5SaU9NvXP1 VlR8H9cnvjf7DBm/p+cZ/hQiy78f/Zox/zRobeVlZUoW/+o4jqunYJA0EBNqHSKp 4hm2fBWMfQZZdVhYymHGY8+uhhKGp6U/fqJ95J6fwtlQhvo+O3MwzGywhHFFsgJV fVAvCigEvz3XX+RfaVJq =VZfS -----END PGP SIGNATURE-----