[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: Excellent IETF BCP on XML
Tim Bray assured us on the www-tag list that the namespace UR:/URI in no way is a security issue and cited his experience with security agencies of the US Government. I gotta believe they thought about this. In effect, the protocol designer has to specify what is to be done via automagic dereferencing as URIs are always dereferenceable. len From: Miles Sabin [mailto:miles@m...] Simon St.Laurent wrote, > So is RDDL now a security risk? Potentially ... yes. How many times have we discussed the external entity thing on this list now? Any of the issues with them apply equally here. And in fact David Megginson warned about the dangers of automagically dereferencing namespace URIs long before RDDL came along,
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|