[
Lists Home |
Date Index |
Thread Index
]
Yep. However, since packets are sniffable?
I'm trying to envision how many ways it can
be abused, for example, alteration en route
to a target that believes what it is getting
is safe to dereference. Yes, they would be
nuts not to check the value, but do they
always. Gotta be paranoid given the stakes
and the times. This isn't 1993.
I have this nervous feeling that in the
80/20, think small, dare to do less, philosophies,
the URzedEverywhere implications aren't
completely thought through and we have entered
a historical timeframe where they have to be.
len
-----Original Message-----
From: Miles Sabin [mailto:miles@milessabin.com]
Bullard, Claude L (Len) wrote,
> So the issue is for the protocol designer to explicitly say ... what?
Don't dereference it unless you need to and your trust it. Same as any
other URI.
|