Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] XML is Mobile Code? [was: Defining an XML vocabulary: specify syntax, s
Hi Folks,
It just occurred to me ...
We have determined that XML has two primary roles:
1. Encode behavior (instructions)
2. Encode data
[Len, what does it mean to "encode script nodes?"]
In its first role (encoding behavior), XML is mobile code. For
example, the XSLT vocabulary is an encoding of a certain behavior (i.e.
an encoding of a certain set of instructions), and when you transport
an XSLT document across the Internet, you are transporting code.
When you transport, say, JavaScript code across the Internet, you know
the extent of the security implications since JavaScript is a bounded
syntax with bounded capabilities (and a bounded set of security
problems).
But XML is unbounded, and the types of behavior that may be encoded in
XML is unbounded. Thus, there is no way, in general, to assess the
extent of the security implications for arbitrary XML documents.
Yikes!
I am surely missing something. Please tell me where my thinking errs.
/Roger
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] |
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
