OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Why XML for Messaging?

[ Lists Home | Date Index | Thread Index ]

On 1 Jun 2005, at 18:59, Vladimir Gapeyev wrote:
> There is comfort in receiving only data, without anything executable 
> ---
> for security reasons, if not anything else (data can be inspected for
> absence of harm, code has to be trusted; even sandboxing does not help 
> if
> the code is expected to produce side effects that are not easy to roll
> back).  However, people in universities do work on solving the security
> side of the problem --- "proof-carrying code" (PCC) is one relevant
> keyword.

iirc, Google Suggest is interesting in that it returns a string of 
Javascript which is then executed. i guess the Google page trusts the 
Google service, we all trust Google (they're famously not evil) and it 
all works inside a sandbox (a browser) so is fairly safe.




News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS