OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Wrapping Scripted Media in RSS: Secure?

[ Lists Home | Date Index | Thread Index ]

Robert Koberg wrote:

> The problem is not with 'inherent insecurities of script languages 
> inside content', it is with whoever maintains the server system. In 
> other words, I think you are looking at the wrong culprit.


Indeed.  But new technologies, or new uses of existing tech, often 
present unforseeable risks.  We've always stressed that RSS isn't the 
place for 'active content' that would require scripting. Precisely 
because of past experience with abusing embedded content (ask me about 
beaming newton notes sometime!)

Not because it's not a cool idea but because the extant tools don't do a 
very good job of warding off the inevitable foolishness it'd bring.  It 
was more a stop-gap against the advertising nitwits wanting to graft 
pop-up ads than anything else.   No sense in having the emerging concept 
wrecked by allowing that rabble to bring along the same mess they've 
made of browsers. 

Having scripted content seems like a fine idea, just not one that's 
welcome in RSS at this point in time.  I don't see the prevailing 
opinion changing anytime soon either.

As for 3D worlds inside of RSS that'd only be dependent upon a tool 
supporting the inclusion of that sort of content.  Which would be best 
served by being embedded as it's own modular element.  Not as a 
bastardization of an existing element type.  Make a module, promote it's 
use and get a client to understand it.  The last being the hardest, of 
course.

-Bill Kearney
Syndic8.com






 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS