xml-dev - Re: [xml-dev] Why XML for Messaging?

Re: [xml-dev] Why XML for Messaging?

[ Lists Home | Date Index | Thread Index ]

To: Vladimir Gapeyev <vgapeyev@seas.upenn.edu>
Subject: Re: [xml-dev] Why XML for Messaging?
From: Paul Downey <paul.downey@whatfettle.com>
Date: Thu, 2 Jun 2005 00:22:55 +0200
Cc: "Bullard, Claude L (Len)" <len.bullard@intergraph.com>,xml-dev@lists.xml.org
In-reply-to: <Pine.GSO.4.58.0506011222170.10040@blue.seas.upenn.edu>
References: <15725CF6AFE2F34DB8A5B4770B7334EE07206FA3@hq1.pcmail.ingr.com> <Pine.GSO.4.58.0506011222170.10040@blue.seas.upenn.edu>

On 1 Jun 2005, at 18:59, Vladimir Gapeyev wrote:
>
> There is comfort in receiving only data, without anything executable 
> ---
> for security reasons, if not anything else (data can be inspected for
> absence of harm, code has to be trusted; even sandboxing does not help 
> if
> the code is expected to produce side effects that are not easy to roll
> back).  However, people in universities do work on solving the security
> side of the problem --- "proof-carrying code" (PCC) is one relevant
> keyword.

iirc, Google Suggest is interesting in that it returns a string of 
Javascript which is then executed. i guess the Google page trusts the 
Google service, we all trust Google (they're famously not evil) and it 
all works inside a sandbox (a browser) so is fairly safe.

Paul

--
http://blog.whatfettle.com

References:
- Why XML for Messaging?
  - From: "Bullard, Claude L (Len)" <len.bullard@intergraph.com>
- Re: [xml-dev] Why XML for Messaging?
  - From: Vladimir Gapeyev <vgapeyev@seas.upenn.edu>

Prev by Date: RE: [xml-dev] Why XML for Messaging?
Next by Date: Re: [xml-dev] Why XML for Messaging?
Previous by thread: Re: [xml-dev] Why XML for Messaging?
Next by thread: Re: [xml-dev] Why XML for Messaging?
Index(es):
- Date
- Thread