ACTION-280: (with John K) to enumerate some CSRF scenarios discussed in Jun in Cambridge

(with John K) to enumerate some CSRF scenarios discussed in Jun in Cambridge

State:
closed
Person:
John Kemp
Due on:
March 20, 2011
Created on:
June 23, 2009
Associated Product:
Web Application Architecture
Related emails:
  1. There will be no TAG teleconference tomorrow, 29 March 2012 (from nrm@arcanedomain.com on 2012-03-28)
  2. Re: Preliminary TAG F2F Agenda ready for review (from jeni@jenitennison.com on 2012-03-22)
  3. Preliminary TAG F2F Agenda ready for review (from nrm@arcanedomain.com on 2012-03-21)
  4. Minutes for September 29 Telecon (from Daniel.Appelquist@vodafone.com on 2011-10-04)
  5. Agenda for TAG F2F meeting: 13-15 September 2011 (from nrm@arcanedomain.com on 2011-09-05)
  6. Very preliminary agenda and required reading for 13-15 Sept. 2011 TAG F2F now available (from nrm@arcanedomain.com on 2011-08-30)
  7. Stable agenda for TAG F2F of 8-10 February 2011 (from nrm@arcanedomain.com on 2011-02-05)
  8. Preliminary version of the Agenda for the TAG F2F Meeting of 8-10 February 2011 (from nrm@arcanedomain.com on 2011-01-30)
  9. Minutes of the TAG F2F of 19-21 October 2010 are now ready for review (from nrm@arcanedomain.com on 2010-10-30)
  10. Telcon minutes: 2010-09-23 (from ht@inf.ed.ac.uk (Henry S. Thompson) on 2010-09-27)
  11. Draft minutes of TAG F2F of 7-9 June 2010 (from nrm@arcanedomain.com on 2010-06-16)
  12. Agenda for TAG F2F Meeting 7-9 June 2010 (from nrm@arcanedomain.com on 2010-06-01)
  13. Preparation for this week's TAG teleconference: F2F Agenda Preparation (from nrm@arcanedomain.com on 2010-05-19)
  14. Tag Members: Please review your open actions ASAP as input to F2F agenda (from noah_mendelsohn@us.ibm.com on 2010-03-10)
  15. Re: Agenda and required reading for the 8-10 December 2009 TAG F2F (from noah_mendelsohn@us.ibm.com on 2009-12-07)
  16. Re: Agenda and required reading for the 8-10 December 2009 TAG F2F (from noah_mendelsohn@us.ibm.com on 2009-12-03)
  17. Agenda and required reading for the 8-10 December 2009 TAG F2F (from noah_mendelsohn@us.ibm.com on 2009-12-02)
  18. agenda for TAG meeting 8-10 Dec (from connolly@w3.org on 2009-11-25)
  19. Re: post-ftf clean-up of my actions (from jar@creativecommons.org on 2009-10-02)
  20. Re: post-ftf clean-up of my actions (from connolly@w3.org on 2009-10-01)
  21. Re: post-ftf clean-up of my actions (from noah_mendelsohn@us.ibm.com on 2009-10-01)
  22. post-ftf clean-up of my actions (from connolly@w3.org on 2009-10-01)
  23. Approved minutes of TAG teleconference of 23 July 2009 (from noah_mendelsohn@us.ibm.com on 2009-08-12)
  24. Text-only version of TAG F2F minutes of 23 June 2009 (from noah_mendelsohn@us.ibm.com on 2009-08-10)
  25. Draft minutes from July 23 Telcon (from ashok.malhotra@oracle.com on 2009-07-27)
  26. Agenda for TAG teleconference of 23 July 2009 (from noah_mendelsohn@us.ibm.com on 2009-07-21)

Related notes:

[DanC]: no longer seems timely

1 Oct 2009, 19:03:41

<jar> not sure that ACTION-280 should be dropped. discussion of cross-origin may be dormant but it will explode when there's a transition request.

Dan Connolly, 1 Oct 2009, 19:27:36

this task is still behind too many others

Dan Connolly, 16 Oct 2009, 19:19:47

let's see if this fits between now and the Dec f2f

Dan Connolly, 9 Nov 2009, 19:00:04

hope to work on origin and CSRF in the context of speaks_for stuff (ACTION-349)

Dan Connolly, 17 Dec 2009, 20:33:04

I guess I should put this back on the/a front burner.
who else is working on the security parts of web apps?

Dan Connolly, 22 Apr 2010, 16:58:09

who else is writing on security in web apps? when is their stuff expected/due?

Dan Connolly, 4 May 2010, 18:33:56

maybe along with the metadata in uri / capability blog item

Dan Connolly, 20 May 2010, 16:57:23

I've clearly been overly optimistic about my estimates recently.

Dan Connolly, 4 Jun 2010, 21:58:01

Likely be done with ACTION-417

Noah Mendelsohn, 23 Sep 2010, 18:07:21

Display change log.


Tim Berners-Lee <timbl@w3.org>, Peter Linss <w3c@linss.com>, Daniel Appelquist <appelquist@gmail.com>, Chairs, Yves Lafon <ylafon@w3.org>, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: index.php,v 1.325 2014-09-10 21:42:02 ted Exp $