| http://www.w3.org/ns/prov#value | - I believe security concerns trump all others, and my analysis is that Microsoft's security team made the right calls with the XDR proposal, taking the conservative approach where no headers, cookies or other credentials are transmitted to other domains, and the policy enforcement point (PEP) is assumed to be on the server.
|
