W3C home > Mailing lists > Public > public-html@w3.org > August 2007

Re: [HDP] Secure by design

From: Joshue O Connor <joshue.oconnor@cfit.ie>
Date: Thu, 23 Aug 2007 10:56:30 +0100
Message-ID: <46CD59CE.2070405@cfit.ie>
To: Robert Burns <rob@robburns.com>
Cc: Lachlan Hunt <lachlan.hunt@lachy.id.au>, public-html <public-html@w3.org>

> The security that the Secure By Design principle is referring to is
about protecting the user and their system from hostile content
>producers.  For example, preventing cross-domain scripting attacks,
restricting access to a users file system, etc.

As Rob says, that then needs to made clear. I didn't glean this at all
from the current wording of the principle. Having said that, at a higher
layer, in terms of user interface security, my comments are still relevant.

Received on Thursday, 23 August 2007 09:56:43 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:15:25 UTC