xml-dev - Re: [xml-dev] Excellent IETF BCP on XML

Re: [xml-dev] Excellent IETF BCP on XML

[ Lists Home | Date Index | Thread Index ]

To: Miles Sabin <miles@milessabin.com>
Subject: Re: [xml-dev] Excellent IETF BCP on XML
From: Paul Prescod <paul@prescod.net>
Date: Mon, 16 Dec 2002 05:03:30 -0800
Cc: XML Dev <xml-dev@lists.xml.org>
In-reply-to: <B885BEDCB3664E4AB1C72F1D85CB29F8040EF7D9@RED-MSG-10.redmond.corp.microsoft.com>
References: <B885BEDCB3664E4AB1C72F1D85CB29F8040EF7D9@RED-MSG-10.redmond.corp.microsoft.com> <200212130851.37443.miles@milessabin.com> <3DFD2FB6.1070804@prescod.net> <200212160902.26956.miles@milessabin.com>
User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.2b) Gecko/20021016

Miles Sabin wrote:

>
> But my point still stands. It isn't just clients executing retrieved
> "active" content that represents a risk: flaws in the clients
> implementation of the base protocol can be just as dangerous. 

True, but true also of any other protocol all the way down to IP or 
Ethernet. Let's just say that HTTP GET is as safe as it is possible for 
a network operation to be.

> So how much do you trust the implementations of the network clients 
> you use? Do you trust them enough to have a process feed them 
> arbitrary  URIs for dereferencing while left unattended?

Google and Alta Vista do, with no apparent ill effects.

  Paul Prescod

Follow-Ups:
- Re: [xml-dev] Excellent IETF BCP on XML
  - From: Miles Sabin <miles@milessabin.com>

References:
- Re: [xml-dev] Excellent IETF BCP on XML
  - From: Miles Sabin <miles@milessabin.com>
- Re: [xml-dev] Excellent IETF BCP on XML
  - From: Paul Prescod <paul@prescod.net>
- Re: [xml-dev] Excellent IETF BCP on XML
  - From: Miles Sabin <miles@milessabin.com>

Prev by Date: Re: [xml-dev] Re: W3C Schema substitution-group question - the files
Next by Date: Re: [xml-dev] XML2002 Conference in Baltimore?
Previous by thread: Re: [xml-dev] Excellent IETF BCP on XML
Next by thread: Re: [xml-dev] Excellent IETF BCP on XML
Index(es):
- Date
- Thread