RE: [xml-dev] Features of XML Languages that Increase Complexity?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

From: "Costello, Roger L." <costello@mitre.org>
To: "xml-dev@lists.xml.org" <xml-dev@lists.xml.org>
Date: Sun, 14 Apr 2013 16:08:35 +0000

Hey Simon,

    Roger, are you working for the permanently paranoid?  
    Is the only communication to be allow safe communications?

Well, yes, of course. Safe communications _and_ safe applications. 

    Treat all systems as compromised ... There is no such thing
    as 'secure' any more. [1]

I reckon there's not much point in creating an awesome XML language if its complexity exposes input-processing applications to widespread vulnerabilities.

More to the point: 

    Science to engineers: some problems are not solvable, do not
    set yourself up to solve them. [2]

/Roger

[1] Deborah Plunkett, NSA Information Assurance Directorate

[2] http://www.cs.dartmouth.edu/~sergey/langsec/insecurity-theory-28c3.pdf

Follow-Ups:
- Re: [xml-dev] Features of XML Languages that Increase Complexity?
  - From: "Simon St.Laurent" <simonstl@simonstl.com>

References:
- Features of XML Languages that Increase Complexity?
  - From: "Costello, Roger L." <costello@mitre.org>
- Re: [xml-dev] Features of XML Languages that Increase Complexity?
  - From: "Simon St.Laurent" <simonstl@simonstl.com>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]