[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
RE: [xml-dev] The <any/> element: bane of security or savior of versioning?
- From: "Michael Kay" <mike@saxonica.com>
- To: "'Costello, Roger L.'" <costello@mitre.org>,<xml-dev@lists.xml.org>
- Date: Fri, 19 Oct 2007 13:17:54 +0100
> From a security perspective the <any/> element represents a
> high risk and should be avoided if possible.
Why? This sounds as crazy as banning .xml attachments (or .zip attachments)
as a security risk.
If you want to stop people communicating, then regulating the markup that's
used isn't going to achieve the aim.
If you want to stop recipients of information doing bad things, then control
the recipients.
Michael Kay
http://www.saxonica.com/
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
