W3C

W3C Invites Implementations of Mixed Content

W3C and the Web Application Security Working Group invite implementation of “Mixed Content,” a specification that aims to improve web security by describing how a user agent should handle fetching of content loaded in a mixed security context. Specifically, it provides recommendations for the handling of content fetched over unencrypted or unauthenticated connections in the context of an encrypted and authenticated document. The WebAppSec WG, part of the Security Activity, welcomes comments on its public mailing list.