W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

Re: security impact of dropping charset default

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 23 Jan 2008 18:17:22 +0100
Message-ID: <479776A2.90105@gmx.de>
To: David Morris <dwm@xpasc.com>
CC: ietf-http-wg@w3.org

David Morris wrote:
> It seems to me that if there is a known security exposure for applications
> built on HTTP, then the httpbis document should at the minimum note the
> issue and provide a reference to the details. Seems like appropriate
> content for the security section.

My understanding was that that security risk is not specific to content 
transported over HTTP at all -- so I'd rather not talk about it in 
*this* document.

BR, Julian
Received on Wednesday, 23 January 2008 17:17:37 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:36 GMT