OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Excellent IETF BCP on XML

[ Lists Home | Date Index | Thread Index ]

Miles Sabin wrote:

> But my point still stands. It isn't just clients executing retrieved
> "active" content that represents a risk: flaws in the clients
> implementation of the base protocol can be just as dangerous. 

True, but true also of any other protocol all the way down to IP or 
Ethernet. Let's just say that HTTP GET is as safe as it is possible for 
a network operation to be.

> So how much do you trust the implementations of the network clients 
> you use? Do you trust them enough to have a process feed them 
> arbitrary  URIs for dereferencing while left unattended?

Google and Alta Vista do, with no apparent ill effects.

  Paul Prescod


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS