On 21/5/05 4:30 PM, "Bob Wyman" <[EMAIL PROTECTED]> wrote:
>> I think the WG basically decided to punt on the DOS scenario. -Tim > I believe you are correct in describing the WG's unfortunate > disposition towards this issue. (Naturally, I object...) In any case, given > that a significant DOS attack has been identified -- yet not addressed -- I > think it would be both wise and appropriate to provide text in a Security > Concerns section that describes the vulnerability of systems that rely on > Atom documents to this particular attack. +1 to putting something into Security Concerns. I'm inclined to think the DOS problem is peculiar to super-aggregators - if any of the publishers of the feeds I've individually subscribed to and actively monitor/read were to wake up one day and decide to be a bad actor, I'm sure to notice something wacky and take action (excoriate them on a blog, unsubscribe, etc). In addition to the DOS problem, I believe there are other issues inimical to super-aggregators, especially those that re-publish. Mostly to do with tracking provenance, enveloping and attribution of mid-stream meta-data or meta-content, and so on. It deserves a deeper treatment, but not in the Atom 1.0 core spec. e.