XML.orgXML.org
FOCUS AREAS |XML-DEV |XML.org DAILY NEWSLINK |REGISTRY |RESOURCES |ABOUT
OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] Trust and control (as Re: [xml-dev] Here's how to processXML documents written in German)

On 31/01/13 17:47, Liam R E Quin wrote:
> On Thu, 2013-01-31 at 07:16 -0500, Simon St.Laurent wrote:
>> Somewhere along the line programmers learned that only completely
>> perfect messages should be accepted.
> The difficulty has always been two-fold.
>
> First, that you have to allow for every variation in the software, as
> you don't want software to crash or allow execution of arbitrary code
> accidentally (vulnerabilities). It's interesting to note that the
> widespread adoption of Intel's 808x little-endian architecture greatly
> increased vulnerability to stack attacks.
>
> Second, that error correction is difficult.
>
> Error correction that varies from program to program means
> interoperability is limited to the subset of data that gets treated the
> same way everywhere. This is what, for example, HTML 5 is about (partly)
> - documenting that subset for Web browsers, and trying to broaden it by
> having the browsers all use the same parsing and error correction
> techniques for new content.

That's rather sage Liam.
I think it picks up Simons response in fact. All he is suggesting is 
moving the error checking
from the code into the processing chain, no different, just at a 
different level.

In general I'm with you on the chains though, if that's what validation 
is seen as.

DaveP






[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS