W3C home > Mailing lists > Public > public-rdf-dawg-comments@w3.org > January 2006

[OK?] Re: Comments on SPARQL protocol document

From: Kendall Clark <kendall@monkeyfist.com>
Date: Tue, 17 Jan 2006 16:29:42 -0500
Message-Id: <B028EA70-AB6C-4A69-A7A1-8E7C84B82A5B@monkeyfist.com>
Cc: public-rdf-dawg-comments@w3.org
To: Graham Klyne <GK@ninebynine.org>


On Sep 16, 2005, at 9:31 AM, Graham Klyne wrote:
> I would probably focus any such suggestions on security mechanisms,  
> and leave the policy specification/decision mechanisms to be  
> application-dependent.

The latest editor's draft of the protocol spec removes all privacy  
policy discussion. Is that responsive to yr comments about over- 
prescriptivity?

>>> Also on the subject of security considerations, I think it would  
>>> be worth mentioning the problems of spoofed server responses, and  
>>> suggesting use of mechanisms that allow the client to  
>>> authenticate the SPARQL query server and/or results.  It also  
>>> occurs to me that the query processor may need to be able to  
>>> relay authenticating information from a back-end or 3rd-party  
>>> information source.
>> Okay, spoofing servers (especially via IRI hacks) also seems worth  
>> mentioning.

It also includes language about IRI spoofing.

Thanks for yr comments, Graham.

Cheers,
Kendall Clark
Received on Tuesday, 17 January 2006 21:30:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:14:50 GMT