Re: Aligning grouping of resources in POWDER and WAF Access Control.

From: Jonas Sicking <jonas@sicking.cc>
Date: Wed, 25 Jul 2007 21:40:13 -0700
Message-ID: <46A825AD.7000405@sicking.cc>
To: Anne van Kesteren <annevk@opera.com>
CC: Phil Archer <parcher@icra.org>, public-appformats@w3.org, Public POWDER <public-powderwg@w3.org>

Jonas Sicking wrote:
> 
> Anne van Kesteren wrote:
>> On Mon, 23 Jul 2007 20:29:42 +0200, Jonas Sicking <jonas@sicking.cc> 
>> wrote:
>>>>  OK, forget the ? notation. Your examples are very clear and we seem 
>>>> in full alignment that <foo.com> includes sub domains but 
>>>> <*.foo.com> wouldn't include foo.com itself.
>>>
>>> Sounds great. What do other people think of switching to this syntax? 
>>> The difference from the current spec would be to change
>>
>> The only slightly confusing thing is that <http://foo.com> also 
>> matches <http://bar.foo.com> but I suppose that's ok.
> 
> Yeah, I agree, but given all other alternatives I think this is better. 
> If for example someone does
> 
> CAC: allow <*> exclude <http://evil.com>
> 
> is most likely useless since the owners of very.evil.com are the same 
> ones as evil.com. So it's not unlikely that the rule can be easily 
> circumvented.
> 
> It's not ideal, but it's the least bad suggestion yet IMHO.

Sorry if the above is confusing. What I meant was that the above bad 
scenario can happen unless we let http://evil.com match all subdomains 
as well.

/ Jonas
Received on Thursday, 26 July 2007 04:41:01 GMT
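
The matching rule discussed in this message, as an added example (not part of the original post or of any spec text): it evaluates the quoted `allow <*> exclude <http://evil.com>` rule under both readings of a bare host pattern. The function names, the rule object and the `bareIncludesSubdomains` flag are assumptions made for illustration.

```javascript
// Added illustration, not from the thread. Pattern forms follow the messages
// above: "*", "foo.com", "*.foo.com", each optionally prefixed by "scheme://".
// Function names, the rule object and the mode flag are assumptions.

function parsePattern(pattern) {
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*|(?:\*\.)?[a-z0-9.-]+)$/i.exec(pattern);
  if (!m) throw new Error("unsupported pattern: " + pattern);
  return { scheme: m[1] ? m[1].toLowerCase() : null, host: m[2].toLowerCase() };
}

function hostMatches(patternHost, host, bareIncludesSubdomains) {
  if (patternHost === "*") return true;
  if (patternHost.startsWith("*.")) {
    // <*.foo.com> covers subdomains only, never foo.com itself.
    const suffix = patternHost.slice(1); // ".foo.com"
    return host.length > suffix.length && host.endsWith(suffix);
  }
  if (host === patternHost) return true;
  // Label-boundary check: "notevil.com" must not match "evil.com".
  return bareIncludesSubdomains && host.endsWith("." + patternHost);
}

function matches(pattern, origin, bareIncludesSubdomains) {
  const p = parsePattern(pattern);
  const url = new URL(origin);
  if (p.scheme !== null && p.scheme + ":" !== url.protocol) return false;
  return hostMatches(p.host, url.hostname, bareIncludesSubdomains);
}

// An origin is allowed if some allow pattern matches and no exclude pattern does.
function isAllowed(rule, origin, bareIncludesSubdomains) {
  const hit = (pattern) => matches(pattern, origin, bareIncludesSubdomains);
  return rule.allow.some(hit) && !rule.exclude.some(hit);
}

// Constructed rule mirroring "allow <*> exclude <http://evil.com>".
const rule = { allow: ["*"], exclude: ["http://evil.com"] };

for (const origin of ["http://evil.com", "http://very.evil.com", "http://notevil.com"]) {
  console.log(origin,
    "exact-host:", isAllowed(rule, origin, false),
    "with-subdomains:", isAllowed(rule, origin, true));
}
```

With exact-host matching the exclude entry leaves `http://very.evil.com` allowed; with subdomain-inclusive matching it is excluded, while the unrelated `http://notevil.com` stays allowed in both modes.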