[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
Re: [xml-dev] Trust and control (as Re: [xml-dev] Here's how to processXML documents written in German)
- From: davep <davep@dpawson.co.uk>
- To: xml-dev@lists.xml.org
- Date: Fri, 01 Feb 2013 06:44:29 +0000
On 31/01/13 17:47, Liam R E Quin wrote:
> On Thu, 2013-01-31 at 07:16 -0500, Simon St.Laurent wrote:
>> Somewhere along the line programmers learned that only completely
>> perfect messages should be accepted.
> The difficulty has always been two-fold.
>
> First, that you have to allow for every variation in the software, as
> you don't want software to crash or allow execution of arbitrary code
> accidentally (vulnerabilities). It's interesting to note that the
> widespread adoption of Intel's 808x little-endian architecture greatly
> increased vulnerability to stack attacks.
>
> Second, that error correction is difficult.
>
> Error correction that varies from program to program means
> interoperability is limited to the subset of data that gets treated the
> same way everywhere. This is what, for example, HTML 5 is about (partly)
> - documenting that subset for Web browsers, and trying to broaden it by
> having the browsers all use the same parsing and error correction
> techniques for new content.
That's rather sage Liam.
I think it picks up Simons response in fact. All he is suggesting is
moving the error checking
from the code into the processing chain, no different, just at a
different level.
In general I'm with you on the chains though, if that's what validation
is seen as.
DaveP
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
