OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] Excellent IETF BCP on XML

[ Lists Home | Date Index | Thread Index ]

I must have overestimated this reply:

Re: TB16 Re: Comments on arch doc draft  
Author: Tim Bray <tbray@textuality.com>, 
Date: Tue, 02 Jul 2002 14:47:55 -0700 List: Public/www-tag 

I have to hope those that should are thinking 
clearly about the security issues associated 
with the use of URIs as names and their ubiquity 
throughout XML.   We've been around this issue 
many times and the insistence that dereferenceable 
strings be used rather than purposefully non-dereferenceable 
names always outweighs the security concerns.  
Certainly, one pleads for common sense and competence, 
but installations often break jobs and duties up among 
different individuals and groups, and that means 
competence is averaged at best.  In such a situation, guidelines 
must be explicit and the processes for applying them, 
well executed and well checked.

Safe doesn't mean "Secure" and that should be made clear.

len

-----Original Message-----
From: Tim Bray [mailto:tbray@textuality.com]

Bullard, Claude L (Len) wrote:

> Tim Bray assured us on the www-tag list that
> the namespace UR:/URI in no way is a security issue
> and cited his experience with security agencies
> of the US Government.   I gotta believe they
> thought about this.  In effect, the protocol
> designer has to specify what is to be done
> via automagic dereferencing as URIs are always
> dereferenceable.

I don't believe this for a second and hope I didn't say that.  Should 
something like RDDL take off it would provide a convient place for 
black-hats to point to subversive code that does nasty stuff.

Note that dereferencing a URI via GET is in principle and as far as I 
can tell in practice safe, assuming you protect against infinitely-large 
resource representations.  Acting on the data you get carries risk that 
is in principle and in practice unbounded and requires all sorts of 
trust infrastructure -Tim




 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS