The IETF Security Area thanks ITU-T study group 17 for the opportunity to
comment on the proposed new work item, X.websec-5. There are numerous related
activities to this work, including the work of the following IETF working
groups in the Applications and Security areas:
· Web Security (websec)
· Web Authorization Protocol (oauth)
· Transport Layer Security (tls)
We bring to your attention RFC-6454 "The Web Origin Concept",
draft-ietf-websec-frame-options, as well as
draft-ietf-websec-x-frame-options, each of which looks at improving overall
web security of which mashups are classed.
In addition, we are aware of a considerable amount of effort in this area in
As always, we welcome participation in discussions about IETF protocols
through our mailing lists, email@example.com, firstname.lastname@example.org, and email@example.com.