On Tue, 04 Sep 2007 15:39:24 +0200, Web Application Formats Working Group
Issue Tracker <[EMAIL PROTECTED]> wrote:
ISSUE-16 (ArtB): AC: Add some rationale to the Introduction [Access
Control]
http://www.w3.org/2005/06/tracker/waf/issues/
Raised by: Arthur Barstow
On product: Access Control
Raised by: TAG (via Stuart Williams)
See:
http://lists.w3.org/Archives/Public/public-appformats/2007Aug/0025.html
I've added some rationale to the introduction. But I haven't yet indicated
how an implementation could potentially become less secure. I suppose we
could point out that naive implementations (and specifications defining
how to interact with this spec) will do all kinds of information leakage
such as port scanning because progress events are dispatched etc. and that
people should be cautious with that. Hmm.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
