OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a

[ Lists Home | Date Index | Thread Index ]

> If the answer is, experts disagree, there is liability and a 
> real problem to be solved somewhere.  That there are costs 
> is assumed.

So far, the only XML-specific risks I've heard about are various attacks 
on Unicode[1].  I think most security people assume that the bad guys 
know what they're looking for (except perhaps Carnivore :), so it 
doesn't matter if the data is XML, ASCII, or private extension fields in 
EDI.

 > XML posits that we all drive the same car and
> so will be equally liable.

Not really; it's more like specifying standard positions for the 
steering wheel, gas pedal, etc.  As I said:  knowing where to look.
	/r$

[1] http://www.counterpane.com/crypto-gram-0007.html#9





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS