IE Team's Proposal for Cross Site Requests

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
122 messages Options
1 ... 4567
Reply | Threaded
Open this post in threaded view
|

Re: Seeking earlier feedback from MS [Was: IE Team's Proposal for Cross Site Requests]

Jonas Sicking-2

Sunava Dutta wrote:
> Woo hooo, my first mail to the new webapps alias! -:)
>
> Thanks for waiting for us to get feedback in from people across MSFT. As promised, here is the whitepaper on client side cross domain security articulating the security principles and challenges (high level and specifics ) of the current CS-XHR draft.
> I've also addressed the questions members raised in the FAQ.

Thanks Sunava, I look forward to reading this once it is available in an
acceptable license.

However, I would further hope that you are able to discuss the feedback
that are sure to be raised? As with your initial feedback, much of the
results of these discussions will also require research and so it is
good if we can get as much done before the face to face as possible.

> As Jonas and Art mention, in order to provide the opportunity for members to research and usefully discuss the contents and other issues, lets talk about our concerns among other items F2F in the first week of July.

Yes, though I do want to point out that there are many other issues too
to discuss at the F2F other than microsofts feedback.

Speaking of which, do we have an agenda yet for the F2F meeting?

> Look forward to hosting the members here in Redmond.

Looking forward to seeing you there!

Best Regards,
Jonas Sicking

Reply | Threaded
Open this post in threaded view
|

Re: Need PDF of MS' input [Was Re: Seeking earlier feedback from MS]

Arthur Barstow
In reply to this post by Sunava Dutta

Sunava - please, just send us (=public-webapps) the PDF you uploaded  
to msdn.

-Regards, Art Barstow

On Jun 13, 2008, at 1:48 PM, ext Sunava Dutta wrote:

> Yes, we're working on this as we speak. I'll send out a copy once  
> it's ready.
>
>> -----Original Message-----
>> From: [hidden email] [mailto:public-webapps-
>> [hidden email]] On Behalf Of Arthur Barstow
>> Sent: Thursday, June 12, 2008 3:46 AM
>> To: Sunava Dutta
>> Cc: Marc Silbey; public-webapps; [hidden email] WG (public);
>> public-appformats; Eric Lawrence; Chris Wilson; David Ross; Mark
>> Shlimovich (SWI); Doug Stamper; Zhenbin Xu; Michael Champion
>> Subject: Need PDF of MS' input [Was Re: Seeking earlier feedback from
>> MS]
>>
>>
>> Sunava - as requested by several members of the WG, please send a PDF
>> version of this document directly to the public-webapps mail list.
>>
>> -Thanks, Art Barstow
>>
>>
>> On Jun 11, 2008, at 11:36 PM, ext Sunava Dutta wrote:
>>
>>> Try this link instead: http://code.msdn.microsoft.com/xdsecuritywp
>>>
>>>
>>> ________________________________________
>>> From: Sunava Dutta
>>> Sent: Wednesday, June 11, 2008 8:24 PM
>>> To: Sunava Dutta; Arthur Barstow; ext Jonas Sicking; Marc Silbey;
>>> [hidden email]
>>> Cc: [hidden email]; [hidden email] WG (public); public-
>>> [hidden email]; Eric Lawrence; Chris Wilson; David Ross; Mark
>>> Shlimovich (SWI); Doug Stamper; Zhenbin Xu
>>> Subject: RE: Seeking earlier feedback from MS [Was: IE Team's
>>> Proposal for  Cross Site Requests]
>>>
>>> Woo hooo, my first mail to the new webapps alias! -:)
>>>
>>> Thanks for waiting for us to get feedback in from people across
>>> MSFT. As promised, here is the whitepaper on client side cross
>>> domain security articulating the security principles and challenges
>>> (high level and specifics ) of the current CS-XHR draft.
>>> I've also addressed the questions members raised in the FAQ.
>>>
>>> As Jonas and Art mention, in order to provide the opportunity for
>>> members to research and usefully discuss the contents and other
>>> issues, lets talk about our concerns among other items F2F in the
>>> first week of July.
>>>
>>> https://mail.windows.microsoft.com/OWA/redir.aspx?
>>> C=7165bcd1f09048ac9fdcd34d2f9556b1&URL=http%3a%2f%
>>> 2fcode.msdn.microsoft.com%2fxdsecuritywp%2fRelease%
>>> 2fProjectReleases.aspx%3fReleaseId%3d1157
>>>
>>> Look forward to hosting the members here in Redmond.
>>>
>>>
>>> ________________________________________
>>> From: [hidden email] [[hidden email]]
>>> On Behalf Of Sunava Dutta [[hidden email]]
>>> Sent: Friday, June 06, 2008 2:54 PM
>>> To: Arthur Barstow; ext Jonas Sicking; Marc Silbey
>>> Cc: [hidden email]; [hidden email] WG (public); public-
>>> [hidden email]; Eric Lawrence; Chris Wilson; David Ross; Mark
>>> Shlimovich (SWI); Doug Stamper; Zhenbin Xu
>>> Subject: RE: Seeking earlier feedback from MS [Was: IE Team's
>>> Proposal for  Cross Site Requests]
>>>
>>> Art, Jonas,
>>> Just a quick update. We've put a lot of effort into the paper and
>>> the good news is we're nearly done. It's going through a final peer-
>>> review to make sure we've received feedback from experts in the
>>> company including our security gurus. (Yes, they do exist at MSFT -
>> :))
>>>
>>> I'll be sending out the paper on Tuesday evening or Wednesday the
>>> latest. Thanks for waiting.
>>>
>>>> -----Original Message-----
>>>> From: Arthur Barstow [mailto:[hidden email]]
>>>> Sent: Friday, May 16, 2008 5:06 AM
>>>> To: ext Jonas Sicking; Sunava Dutta
>>>> Cc: [hidden email]; [hidden email] WG (public); public-
>>>> [hidden email]; IE8 Core AJAX SWAT Team; Eric Lawrence; Chris
>>>> Wilson;
>>>> David Ross; Mark Shlimovich (SWI); Doug Stamper; Zhenbin Xu
>>>> Subject: Seeking earlier feedback from MS [Was: IE Team's Proposal
>>>> for
>>>> Cross Site Requests]
>>>>
>>>> Sunava - I tend to agree with Jonas re the timing of MS' response/
>>>> feedback.
>>>>
>>>> Given the f2f meeting is now about six weeks away, can you  
>>>> commit to
>>>> and deliver on an earlier deadline, no later than June 6?
>>>>
>>>> -Regards, Art Barstow


1 ... 4567