websec Discussion Archive - Date Index

[Prev Page] [Next Page] [Thread Index] [IETF Mailing List Directory] [websec List Information]

Feb 22 2012

Re: [websec] I-D Action: draft-nir-websec-extended-origin-00.txt, Manger, James H

Feb 20 2012

Re: [websec] Frame-Options header and intermediate frames, David Ross

Feb 18 2012

Re: [websec] Frame-Options header and intermediate frames, Giorgio Maone
Re: [websec] Frame-Options header and intermediate frames, Adam Barth
[websec] Frame-Options header and intermediate frames, David Ross

Feb 16 2012

[websec] Outstanding Issues on draft-ietf-websec-key-pinning-01, Tom Ritter

Feb 10 2012

Re: [websec] wrt IDN processing-related security considerations for draft-ietf-websec-strict-transport-sec, =JeffH

Feb 02 2012

[websec] Fwd: I-D Action: draft-nir-websec-extended-origin-00.txt, Yoav Nir

Feb 01 2012

Re: [websec] #36: HSTS: fixup references, =JeffH
Re: [websec] #36: HSTS: fixup references, Alexey Melnikov
Re: [websec] #36: HSTS: fixup references, =JeffH

Jan 31 2012

Re: [websec] #33: HSTS: quoted-string grammar in (extension) directives ?, websec issue tracker
[websec] STS ABNF, was: new rev: draft-ietf-websec-strict-transport-sec-04, Julian Reschke
Re: [websec] proposed workflow for trac issue tickets (HSTS), Alexey Melnikov

Jan 27 2012

[websec] proposed workflow for trac issue tickets (HSTS), =JeffH
[websec] new rev: draft-ietf-websec-strict-transport-sec-04, =JeffH
[websec] I-D Action: draft-ietf-websec-strict-transport-sec-04.txt, internet-drafts

Jan 25 2012

Re: [websec] wrt IDN processing-related security considerations for draft-ietf-websec-strict-transport-sec, Pete Resnick
[websec] #36: HSTS: fixup references, websec issue tracker
Re: [websec] #33: HSTS: quoted-string grammar in (extension) directives ?, websec issue tracker

Jan 20 2012

Re: [websec] Strict-Transport-Security syntax redux, Bjoern Hoehrmann
[websec] #35: HSTS spec could be more clear about UA behavior behind proxies, websec issue tracker
[websec] TheRightKey at ietf.org -- next gen broad user-facing internet trust infrastructure discussion, =JeffH

Jan 17 2012

Re: [websec] preparing for Paris, Tobias Gondrom

Jan 17 2012

Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Willy Tarreau
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Ian Hickson
Re: [websec] preparing for Paris, Yoav Nir
[websec] preparing for Paris, Peter Saint-Andre

Jan 16 2012

Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Manger, James H
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Marsh Ray
Re: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert, =JeffH
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), =JeffH

Jan 15 2012

Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Adam Barth
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Adam Barth
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux), Adam Barth
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Willy Tarreau
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Willy Tarreau
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Adam Barth
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Julian Reschke
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Adam Barth
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Willy Tarreau
Re: [websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Adam Barth
[websec] Minor feedback on draft-ietf-websec-mime-sniff-03, Willy Tarreau
Re: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert, Adam Barth
Re: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert, Yoav Nir
[websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert, websec issue tracker

Jan 14 2012

Jan 11 2012

Re: [websec] scope of mimesniff: roles vs. contexts vs. delivery channels, Tobias Gondrom

Jan 11 2012

Re: [websec] scope of mimesniff: roles vs. contexts vs. delivery channels, Bjoern Hoehrmann
[websec] scope of mimesniff: roles vs. contexts vs. delivery channels, Larry Masinter

Jan 09 2012

Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing), SM
Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing), Gervase Markham
Re: [websec] mimesniff feedback, part 2, Tobias Gondrom
Re: [websec] Strict-Transport-Security syntax redux, Paul Hoffman
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Bjoern Hoehrmann
[websec] When is sniffing heuristic?, Larry Masinter

Jan 08 2012

Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing), Bjoern Hoehrmann
[websec] Is sniffing a heuristic? (was Re: more on sniffing), Adam Barth
Re: [websec] more on sniffing, Adam Barth
Re: [websec] mimesniff feedback, part 2, Adam Barth
[websec] more on sniffing, Larry Masinter
Re: [websec] mimesniff feedback, part 2, Larry Masinter

Jan 05 2012

Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Anne van Kesteren
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Anne van Kesteren
Re: [websec] Strict-Transport-Security syntax redux, Paul Hoffman
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Anne van Kesteren
Re: [websec] Strict-Transport-Security syntax redux, Tobias Gondrom

Jan 04 2012

Jan 03 2012

Re: [websec] default value for max-age ?, Julian Reschke
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), Adam Barth
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), Julian Reschke
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), Yoav Nir
Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken, websec issue tracker
[websec] #33: HSTS: quoted-string grammar in (extension) directives ?, websec issue tracker
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), Adam Barth
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), Chris Palmer

Jan 02 2012

[websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux), =JeffH

Dec 30 2011

Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken, websec issue tracker

Dec 30 2011

Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Roy T. Fielding
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, =JeffH

Dec 29 2011

Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
[websec] draft-ietf-websec-strict-transport-sec-03 reference nits, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke

Dec 28 2011

[websec] #32: HSTS: explain some practical implications of includeSubDomains directive, websec issue tracker

Dec 22 2011

[websec] wrt IDN processing-related security considerations for draft-ietf-websec-strict-transport-sec, =JeffH

Dec 17 2011

[websec] Minutes for the WebSec meeting in Taipei, Alexey Melnikov

Dec 16 2011

Re: [websec] Key pinning for DSA keys with inherited domain params, Phillip Hallam-Baker

Dec 15 2011

Re: [websec] FYI: related drafts on securing TSL and certificates, Adam Langley
Re: [websec] FYI: related drafts on securing TSL and certificates, Chris Palmer
[websec] FYI: related drafts on securing TSL and certificates, Tobias Gondrom

Dec 13 2011

Re: [websec] X-Requested-With header field, Tobias Gondrom

Dec 13 2011

Re: [websec] X-Requested-With header field, Peter Saint-Andre
Re: [websec] Key pinning for DSA keys with inherited domain params, Adam Langley
Re: [websec] Key pinning for DSA keys with inherited domain params, Phillip Hallam-Baker
[websec] X-Requested-With header field, Julian Reschke
Re: [websec] Test of XHR in HTML mail, Gervase Markham
Re: [websec] Key pinning for DSA keys with inherited domain params, Yoav Nir
Re: [websec] Key pinning for DSA keys with inherited domain params, Chris Palmer
Re: [websec] Key pinning for DSA keys with inherited domain params, Chris Palmer

Dec 12 2011

Re: [websec] Feedback on draft-ietf-websec-key-pinning-01, David Illsley
Re: [websec] Same Origins and email, Adam Barth
Re: [websec] Same Origins and email, Adam Barth
Re: [websec] Same Origins and email, =JeffH
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Yoav Nir
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Marsh Ray
Re: [websec] Test of XHR in HTML mail, Richard L. Barnes
Re: [websec] Test of XHR in HTML mail, Richard L. Barnes
[websec] Test of XHR in HTML mail, Richard Barnes
Re: [websec] Same Origins and email, Adam Barth
Re: [websec] Same Origins and email, Murray S. Kucherawy
Re: [websec] Feedback on draft-ietf-websec-key-pinning-01, Chris Palmer
Re: [websec] Same Origins and email, Murray S. Kucherawy
Re: [websec] Same Origins and email, Adam Barth
Re: [websec] RFC 6454 on The Web Origin Concept, Thomas Roessler
Re: [websec] Same Origins and email, Yoav Nir
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Yoav Nir
Re: [websec] RFC 6454 on The Web Origin Concept, Peter Saint-Andre
Re: [websec] RFC 6454 on The Web Origin Concept, =JeffH
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Tony Hansen
Re: [websec] Same Origins and email, Murray S. Kucherawy
Re: [websec] Same Origins and email, Adam Barth
[websec] Same Origins and email, Murray S. Kucherawy
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Yoav Nir
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Paul Hoffman
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Marsh Ray
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Yoav Nir
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Paul Hoffman
Re: [websec] Key pinning for DSA keys with inherited domain params, Adam Langley
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Yoav Nir
Re: [websec] A few comments on draft-ietf-websec-key-pinning, Stephen Farrell
[websec] A few comments on draft-ietf-websec-key-pinning, Paul Hoffman

Dec 11 2011

[websec] RFC 6454 on The Web Origin Concept, rfc-editor
[websec] Feedback on draft-ietf-websec-key-pinning-01, davidillsley

Dec 10 2011

[websec] Key pinning for DSA keys with inherited domain params, Manger, James H

Dec 09 2011

[websec] I-D Action: draft-ietf-websec-key-pinning-01.txt, internet-drafts
Re: [websec] Comments on draft-ietf-websec-key-pinning-00, Chris Palmer

Dec 04 2011

Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Alexey Melnikov

Nov 29 2011

[websec] Comments on draft-ietf-websec-key-pinning-00, Manger, James H
[websec] I-D Action: draft-ietf-websec-key-pinning-00.txt, internet-drafts

Nov 29 2011

Re: [websec] mimesniff feedback, part 2, Peter Saint-Andre

Nov 27 2011

Re: [websec] Define cross-origin, Adam Barth
Re: [websec] Define cross-origin, Larry Masinter
Re: [websec] Define cross-origin, Adam Barth
Re: [websec] Define cross-origin, Larry Masinter
Re: [websec] mimesniff feedback, part 2, Larry Masinter

Nov 26 2011

Re: [websec] mimesniff feedback, part 2, Adam Barth
Re: [websec] [apps-discuss] W3C Web Cryptography Working Group Charter, Bjoern Hoehrmann
[websec] W3C Web Cryptography Working Group Charter, Peter Saint-Andre
Re: [websec] mimesniff feedback, part 2, Julian Reschke
Re: [websec] mimesniff feedback, part 2, Adam Barth
Re: [websec] mimesniff feedback, Adam Barth

Nov 25 2011

[websec] mimesniff feedback, part 2, Philip JÃgenstedt
[websec] mimesniff feedback, Philip JÃgenstedt

Nov 23 2011

Re: [websec] Define cross-origin, Tobias Gondrom
Re: [websec] Define cross-origin, Julian Reschke
[websec] Define cross-origin, Anne van Kesteren

Nov 22 2011

Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Martin Thomson
[websec] Brief comments on draft-evans-palmer-key-pinning, Martin Thomson
Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Adam Barth
[websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, =JeffH

Nov 21 2011

[websec] WEBSEC session recording available, Meetecho IETF support
Re: [websec] Regarding HSTS issue #4, Yoav Nir
Re: [websec] Regarding HSTS issue #4, Alexey Melnikov

Nov 17 2011

Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Phillip Hallam-Baker
Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Tom Ritter
Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Yoav Nir
Re: [websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Adam Barth
[websec] Acceptance of draft-evans-palmer-key-pinning as a WG document, Alexey Melnikov
[websec] Regarding HSTS issue #4, Yoav Nir

Nov 16 2011

[websec] Fwd: [Asrg] Phishing and domain reputation, Peter Saint-Andre
[websec] Reasons why DANE does not meet all Security Policy Needs, Phillip Hallam-Baker

Nov 15 2011

Re: [websec] pinning specs, Peter Saint-Andre
Re: [websec] pinning specs, Chris Palmer
Re: [websec] meeting slides, Peter Saint-Andre
[websec] pinning specs, Peter Saint-Andre
[websec] Meetecho support for WEBSEC WG meeting session, Meetecho IETF support
[websec] hodges-ietf-82-websec-HSTS-Status, =JeffH
[websec] #31: HSTS: mention case insesitivity in prose for "max-age" and "includeSubDomains", websec issue tracker
[websec] #30: HSTS: add an informational reference to RFC 4732: Denial-of-Service Considerations, websec issue tracker
[websec] #29: HSTS: dismbiguate "mixed content" term & provide reference, websec issue tracker
[websec] #28: HSTS spec unclear about the denotation of "HSTS policy", websec issue tracker
[websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken, websec issue tracker
[websec] #26: reference IDNA2008 as well as IDNA2003, websec issue tracker
[websec] meeting slides, Tobias Gondrom
Re: [websec] #17: Use the "magic numbers" in the media type IANA registry instead of an explicit table, websec issue tracker
Re: [websec] #16: lack of explanatory text and no justifications for the normative language, websec issue tracker
[websec] Testsuite for MIME sniffing, Alexey Melnikov

Nov 14 2011

[websec] Fwd: New Version Notification for draft-evans-palmer-key-pinning-00.txt, Chris Palmer

Nov 10 2011

Re: [websec] New draft of HTTP header-based public key pinning, Chris Palmer

Nov 09 2011

Re: [websec] New draft of HTTP header-based public key pinning, Ryan Sleevi
Re: [websec] New draft of HTTP header-based public key pinning, Chris Palmer
Re: [websec] New draft of HTTP header-based public key pinning, Julian Reschke
Re: [websec] New draft of HTTP header-based public key pinning, Chris Palmer
Re: [websec] New draft of HTTP header-based public key pinning, Julian Reschke
Re: [websec] New draft of HTTP header-based public key pinning, Chris Palmer
Re: [websec] New draft of HTTP header-based public key pinning, Adam Barth
Re: [websec] font sniffing, Adam Barth
Re: [websec] New draft of HTTP header-based public key pinning, Paul Hoffman
Re: [websec] font sniffing, Peter Saint-Andre
Re: [websec] font sniffing, Peter Saint-Andre
Re: [websec] font sniffing, Anne van Kesteren
Re: [websec] font sniffing, Peter Saint-Andre
Re: [websec] font sniffing, Adam Barth
Re: [websec] font sniffing, Peter Saint-Andre
Re: [websec] New draft of HTTP header-based public key pinning, Adam Barth
Re: [websec] New draft of HTTP header-based public key pinning, Steingruebl, Andy
Re: [websec] New draft of HTTP header-based public key pinning, Adam Barth
Re: [websec] New draft of HTTP header-based public key pinning, Julian Reschke
Re: [websec] New draft of HTTP header-based public key pinning, Yoav Nir
Re: [websec] New draft of HTTP header-based public key pinning, Chris Evans
Re: [websec] New draft of HTTP header-based public key pinning, Steingruebl, Andy
Re: [websec] New draft of HTTP header-based public key pinning, Chris Palmer
Re: [websec] New draft of HTTP header-based public key pinning, Tom Ritter

Nov 08 2011

[websec] New draft of HTTP header-based public key pinning, Chris Palmer

Oct 31 2011

[websec] fyi: draft-ietf-websec-strict-transport-sec-03, =JeffH
[websec] I-D Action: draft-ietf-websec-strict-transport-sec-03.txt, internet-drafts

Oct 30 2011

Re: [websec] Strict-Transport-Security syntax redux, Phillip Hallam-Baker

Oct 29 2011

Re: [websec] Strict-Transport-Security syntax redux, Bjoern Hoehrmann
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Phillip Hallam-Baker
[websec] An alternative approach to Security Policy, Phillip Hallam-Baker
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth
Re: [websec] Strict-Transport-Security syntax redux, =JeffH
Re: [websec] Strict-Transport-Security syntax redux, =JeffH

Oct 28 2011

[websec] Sniffing test suite?, Larry Masinter
[websec] reminder: Internet Draft final submission cut-off by 2011-10-31 (Monday) at 17:00 PT, Tobias Gondrom
Re: [websec] Strict-Transport-Security syntax redux, Adam Barth

Oct 27 2011

Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
[websec] Strict-Transport-Security syntax redux, =JeffH

Oct 26 2011

Re: [websec] #25: what, if any, sniffing for fonts is required?, Peter Saint-Andre
Re: [websec] [decade] URIs for DECADE -- Named Information URI Scheme, Phillip Hallam-Baker
Re: [websec] Issue 17: Registry for magic numbers, Adam Barth
Re: [websec] Issue 17: Registry for magic numbers, Larry Masinter
Re: [websec] Issue 17: Registry for magic numbers, Adam Barth
Re: [websec] Issue 17: Registry for magic numbers, Larry Masinter
Re: [websec] Issue 17: Registry for magic numbers, Adam Barth
Re: [websec] Issue 17: Registry for magic numbers, Tobias Gondrom

Oct 25 2011

[websec] #25: what, if any, sniffing for fonts is required?, websec issue tracker
Re: [websec] font sniffing, Tobias Gondrom
Re: [websec] font sniffing, "Martin J. DÃrst"
Re: [websec] Issue 17: Registry for magic numbers, Adam Barth
Re: [websec] Issue 17: Registry for magic numbers, Tobias Gondrom
Re: [websec] Issue 17: Registry for magic numbers, "Martin J. DÃrst"
Re: [websec] font sniffing, Anne van Kesteren
Re: [websec] Issue 17: Registry for magic numbers, Adam Barth
Re: [websec] Issue 17: Registry for magic numbers, Anne van Kesteren
[websec] Issue 17: Registry for magic numbers, Adam Barth
Re: [websec] font sniffing, "Martin J. DÃrst"
Re: [websec] font sniffing, "Martin J. DÃrst"

Oct 24 2011

Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml, Adam Barth
Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml, Philip Gladstone
Re: [websec] font sniffing, Larry Masinter
Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml, Larry Masinter
Re: [websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml, Philip Gladstone
Re: [websec] font sniffing, Anne van Kesteren
Re: [websec] font sniffing, Tobias Gondrom
Re: [websec] #22: content-type sniffing should include charset sniffing, Anne van Kesteren
Re: [websec] font sniffing, Anne van Kesteren
Re: [websec] font sniffing, Tobias Gondrom
Re: [websec] font sniffing, Anne van Kesteren
Re: [websec] #16: lack of explanatory text and no justifications for the normative language, Tobias Gondrom
Re: [websec] #19: Do not sniff PDF, Julian Reschke
Re: [websec] #19: Do not sniff PDF, Tobias Gondrom
Re: [websec] #22: content-type sniffing should include charset sniffing, Tobias Gondrom
Re: [websec] #22: content-type sniffing should include charset sniffing, Larry Masinter
Re: [websec] #22: content-type sniffing should include charset sniffing, "Martin J. DÃrst"
[websec] MIME sniffing test suite? Is there one?, Larry Masinter
Re: [websec] #22: content-type sniffing should include charset sniffing, Adam Barth
Re: [websec] #22: content-type sniffing should include charset sniffing, Larry Masinter
Re: [websec] #22: content-type sniffing should include charset sniffing, Adam Barth
Re: [websec] #22: content-type sniffing should include charset sniffing, Larry Masinter
Re: [websec] #22: content-type sniffing should include charset sniffing, Adam Barth
Re: [websec] #22: content-type sniffing should include charset sniffing, Larry Masinter
Re: [websec] #20: Sniffing should be "opt in" on a case-by-case basis, Adam Barth
Re: [websec] #22: content-type sniffing should include charset sniffing, Adam Barth
Re: [websec] #20: Sniffing should be "opt in" on a case-by-case basis, Larry Masinter
Re: [websec] #19: Do not sniff PDF, Adam Barth
Re: [websec] #22: content-type sniffing should include charset sniffing, Tobias Gondrom
Re: [websec] font sniffing - Re: Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?), Adam Barth
Re: [websec] #19: Do not sniff PDF, Larry Masinter
[websec] font sniffing - Re: Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?), Tobias Gondrom
Re: [websec] #20: Sniffing should be "opt in" on a case-by-case basis, Tobias Gondrom
Re: [websec] #19: Do not sniff PDF, Tobias Gondrom
Re: [websec] Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?), Larry Masinter
[websec] #24: ensure XML packaging is in scope, websec issue tracker
[websec] #23: spec should mention proposed "nosniff" headers in HTTP even if not adopting them, websec issue tracker

Oct 23 2011

[websec] #22: content-type sniffing should include charset sniffing, websec issue tracker
[websec] #21: sniffing of text/html shouldn't override polyglot label of application/xhtml+xml, websec issue tracker
[websec] #20: Sniffing should be "opt in" on a case-by-case basis, websec issue tracker
[websec] #19: Do not sniff PDF, websec issue tracker
[websec] #18: Describe use of file extension in sniffing from "file:" and "ftp:" URIs, websec issue tracker
[websec] #17: Use the "magic numbers" in the media type IANA registry instead of an explicit table, websec issue tracker

Oct 22 2011

[websec] Are all the issues filed? (was: Re: Using IETF Tracker for issues on MIME sniffing?), Adam Barth
Re: [websec] #16: lack of explanatory text and no justifications for the normative language, websec issue tracker
Re: [websec] #15: Clarify scope of MIME sniffing, websec issue tracker

Oct 21 2011

Re: [websec] Review of draft-evans-palmer-hsts-pinning-00, Chris Palmer

Oct 19 2011

[websec] #16: lack of explanatory text and no justifications for the normative language, websec issue tracker
Re: [websec] #15: Clarify scope of web sniffing, Tobias Gondrom

Oct 18 2011

Re: [websec] Using IETF Tracker for issues on MIME sniffing?, Tobias Gondrom
Re: [websec] wrt "breaking pins" aka "un-pinning" (breakv, breakc directives; draft-evans-palmer-hsts-pinning-00), Phillip Hallam-Baker

Oct 17 2011

Re: [websec] wrt "breaking pins" aka "un-pinning" (breakv, breakc directives; draft-evans-palmer-hsts-pinning-00), Marsh Ray
Re: [websec] wrt "breaking pins" aka "un-pinning" (breakv, breakc directives; draft-evans-palmer-hsts-pinning-00), Chris Palmer
Re: [websec] wrt "breaking pins" aka "un-pinning" (breakv, breakc directives; draft-evans-palmer-hsts-pinning-00), =JeffH
Re: [websec] separate pinning header (was: Pinning and beyond...), Chris Palmer
Re: [websec] #15: Clarify scope of MIME sniffing (was: Clarify scope of web sniffing), websec issue tracker
[websec] #15: Clarify scope of web sniffing, websec issue tracker
Re: [websec] wrt "breaking pins" aka "un-pinning" (breakv, breakc directives; draft-evans-palmer-hsts-pinning-00), Chris Palmer
Re: [websec] Using IETF Tracker for issues on MIME sniffing?, Peter Saint-Andre
[websec] websec meeting in Taipei, Tobias Gondrom
Re: [websec] wrt "breaking pins" aka "un-pinning" (breakv, breakc directives; draft-evans-palmer-hsts-pinning-00), Trevor Perrin

Oct 15 2011

Re: [websec] separate pinning header (was: Pinning and beyond...), Phillip Hallam-Baker

Oct 15 2011

Re: [websec] Using IETF Tracker for issues on MIME sniffing?, Adam Barth
[websec] Using IETF Tracker for issues on MIME sniffing?, Larry Masinter
Re: [websec] Review of draft-evans-palmer-hsts-pinning-00, Tom Ritter
Re: [websec] separate pinning header (was: Pinning and beyond...), Tom Ritter

Oct 14 2011

Oct 08 2011

Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] Strict-Transport-Security syntax redux, Julian Reschke
Re: [websec] [decade] Digest: Adventures in encoding, Phillip Hallam-Baker

Oct 07 2011

Re: [websec] [decade] Digest: Adventures in encoding, Giorgio Maone
Re: [websec] [decade] Digest: Adventures in encoding, Julian Reschke
Re: [websec] [decade] Digest: Adventures in encoding, Phillip Hallam-Baker
Re: [websec] [decade] Digest: Adventures in encoding, Stephen Farrell
Re: [websec] [decade] Digest: Adventures in encoding, Phillip Hallam-Baker
Re: [websec] [decade] Digest: Adventures in encoding, Phillip Hallam-Baker
Re: [websec] [decade] Digest: Adventures in encoding, Stephen Farrell
Re: [websec] [decade] Digest: Adventures in encoding, "Martin J. DÃrst"
Re: [websec] [decade] Digest: Adventures in encoding, Stephen Farrell
[websec] Digest: Adventures in encoding, Phillip Hallam-Baker

Oct 06 2011

Re: [websec] Strict-Transport-Security syntax redux, =JeffH

Oct 05 2011

[websec] Protocol Action: 'The Web Origin Concept' to Proposed Standard (draft-ietf-websec-origin-06.txt), The IESG
Re: [websec] [decade] Updated, updated DIGEST spec, Phillip Hallam-Baker
Re: [websec] I-D Action: draft-ietf-websec-origin-05.txt, Julian Reschke
Re: [websec] [decade] Updated, updated DIGEST spec, Rahman, Akbar

Oct 04 2011

Re: [websec] Updated, updated DIGEST spec, Phillip Hallam-Baker
[websec] Updated, updated DIGEST spec, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest Scheme URI: .well-known, Phillip Hallam-Baker
Re: [websec] Updated Digest Scheme URI: truncated digests, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Julian Reschke
Re: [websec] Updated Digest Scheme URI: truncated digests, Thomson, Martin
Re: [websec] Digest Scheme URI: .well-known, Thomson, Martin
Re: [websec] Updated Digest Scheme URI: truncated digests, Manger, James H
Re: [websec] Digest Scheme URI: .well-known, Manger, James H
Re: [websec] Digest Scheme URI: .well-known, Phillip Hallam-Baker
[websec] Digest Scheme URI: .well-known, Thomson, Martin
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, "Martin J. DÃrst"
Re: [websec] Digest URI scheme, "Martin J. DÃrst"
Re: [websec] Digest URI scheme, Phillip Hallam-Baker

Oct 03 2011

Re: [websec] Digest URI scheme, Bjoern Hoehrmann
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Bjoern Hoehrmann
[websec] Updated Digest Scheme URI, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Bjoern Hoehrmann
Re: [websec] Digest URI scheme, Bjoern Hoehrmann
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Paul Hoffman
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Paul Hoffman
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Paul Hoffman
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Julian Reschke
Re: [websec] I-D Action: draft-ietf-websec-origin-05.txt, Julian Reschke
Re: [websec] Digest URI scheme, "Martin J. DÃrst"
[websec] I-D Action: draft-ietf-websec-origin-06.txt, internet-drafts
Re: [websec] Digest URI scheme, "Martin J. DÃrst"
Re: [websec] I-D Action: draft-ietf-websec-origin-05.txt, Adam Barth
Re: [websec] I-D Action: draft-ietf-websec-origin-05.txt, "Martin J. DÃrst"

Oct 02 2011

Re: [websec] Digest URI scheme, Tobias Gondrom
Re: [websec] I-D Action: draft-ietf-websec-origin-05.txt, Adam Barth
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Bjoern Hoehrmann
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Tobias Gondrom
[websec] Strict-Transport-Security syntax redux, Ryan Sleevi

Oct 01 2011

Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Phillip Hallam-Baker
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Adam Barth
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, "Martin J. DÃrst"

Sep 30 2011

[websec] fyi: IDN processing-related security considerations for draft-ietf-websec-strict-transport-sec, =JeffH
Re: [websec] Digest URI scheme, stephen . farrell
Re: [websec] Digest URI scheme, Phillip Hallam-Baker

Sep 29 2011

Re: [websec] Digest URI scheme, stephen . farrell
Re: [websec] Digest URI scheme, Tobias Gondrom
Re: [websec] Digest URI scheme, Paul Hoffman
[websec] Content type (was: Re: Digest URI scheme), Paul Hoffman
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] Digest URI scheme, Phillip Hallam-Baker
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Adam Barth
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, "Martin J. DÃrst"

Sep 28 2011

Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Adam Barth
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Tobias Gondrom
Re: [websec] websec meeting in Taipei - topics?, Tobias Gondrom
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Adam Barth
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Tobias Gondrom
Re: [websec] Pinning and beyond Was: Next rev of HSTS certificate pinning draft, Tobias Gondrom
Re: [websec] Digest URI scheme, Tobias Gondrom
Re: [websec] Digest URI scheme, "Martin J. DÃrst"
Re: [websec] Digest URI scheme, Gervase Markham
Re: [websec] Strict-Transport-Security syntax, Julian Reschke
Re: [websec] Digest URI scheme, Bjoern Hoehrmann
Re: [websec] Digest URI scheme, Bjoern Hoehrmann
Re: [websec] Digest URI scheme, Manger, James H
Re: [websec] Digest URI scheme, Paul Hoffman

Sep 27 2011

Re: [websec] Strict-Transport-Security syntax, =JeffH
Re: [websec] Strict-Transport-Security syntax, Phillip Hallam-Baker
[websec] Digest URI scheme, Phillip Hallam-Baker

Sep 25 2011

Re: [websec] Strict-Transport-Security syntax, Julian Reschke

Sep 24 2011

Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Alexey Melnikov
Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt, Julian Reschke

Sep 23 2011

Sep 22 2011

[websec] I-D Action: draft-ietf-websec-origin-05.txt, internet-drafts
[websec] HSTS certificate pinning draft is now in the tracker, Chris Palmer
Re: [websec] Pinning and beyond Was: Next rev of HSTS certificate pinning draft, Phillip Hallam-Baker
Re: [websec] Pinning and beyond Was: Next rev of HSTS certificate pinning draft, Paul Hoffman
Re: [websec] Pinning and beyond Was: Next rev of HSTS certificate pinning draft, Gervase Markham
Re: [websec] Next rev of HSTS certificate pinning draft, SM

Sep 21 2011

[websec] Pinning and beyond Was: Next rev of HSTS certificate pinning draft, Phillip Hallam-Baker
Re: [websec] Next rev of HSTS certificate pinning draft, Yoav Nir
Re: [websec] Next rev of HSTS certificate pinning draft, Chris Palmer
Re: [websec] Next rev of HSTS certificate pinning draft, Chris Palmer
Re: [websec] Next rev of HSTS certificate pinning draft, Chris Palmer

Sep 20 2011

Re: [websec] Next rev of HSTS certificate pinning draft, Phillip Hallam-Baker
Re: [websec] Next rev of HSTS certificate pinning draft, SM
Re: [websec] Next rev of HSTS certificate pinning draft, Yoav Nir
[websec] Next rev of HSTS certificate pinning draft, Chris Palmer

Sep 19 2011

[websec] fyi: host-meta approved as RFC, =JeffH

Sep 14 2011

[websec] #14: Effective Request URI definition issues, websec issue tracker
Re: [websec] Strict-Transport-Security syntax, =JeffH
Re: [websec] effective request URI def, was: I-D Action: draft-ietf-websec-strict-transport-sec-02.txt, =JeffH
Re: [websec] websec meeting in Taipei - topics?, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Daniel Kahn Gillmor
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Daniel Kahn Gillmor
Re: [websec] Certificate Pinning via HSTS, Daniel Kahn Gillmor
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS, Daniel Kahn Gillmor
Re: [websec] Certificate Pinning via HSTS (.txt version), Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS (.txt version), Yoav Nir
Re: [websec] Certificate Pinning via HSTS (.txt version), Chris Palmer

Sep 13 2011

Re: [websec] Certificate Pinning via HSTS (.txt version), SM
[websec] websec meeting in Taipei - topics?, Tobias Gondrom
Re: [websec] Certificate Pinning via HSTS (.txt version), davidillsley
Re: [websec] Certificate Pinning via HSTS (.txt version), Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS (.txt version), Marsh Ray
Re: [websec] Certificate Pinning via HSTS, Chris Palmer
Re: [websec] Certificate Pinning via HSTS, Chris Palmer
Re: [websec] Certificate Pinning via HSTS, Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS (.txt version), davidillsley
Re: [websec] Certificate Pinning via HSTS (.txt version), Phillip Hallam-Baker
Re: [websec] Certificate Pinning via HSTS (.txt version), Chris Palmer

Mail converted by MHonArc