On 15/09/17 20:25, Ted Hardie wrote: > > This set of questions is pretty different from the ones you get with > "function over different paths", because the locus of control moves from > the mostly-trusted browser to the mostly not trusted downloaded application. FWIW, I share Ted's concerns about origins. Regardless of what approaches are taken, the effects of this need to be well understood I think. I don't object to the WG being chartered though but would suggest that there be a mention in the charter that the WG needs to document the consequences, including the dangers, of caching and re-use of DNS answers for likely implementations. I'd be even happier if the resulting spec had a bunch of MUST NOT statements about that, if such statements were likely to be effective. S.
Attachment:
signature.asc
Description: OpenPGP digital signature