W3C home > Mailing lists > Public > public-webapi@w3.org > July 2006

Re: [selectors-api] Security Considerations and stability

From: Ian Hickson <ian@hixie.ch>
Date: Thu, 27 Jul 2006 01:17:45 +0000 (UTC)
To: Karl Dubost <karl@w3.org>
Cc: public-webapi@w3.org
Message-ID: <Pine.LNX.4.62.0607270104360.2816@dhalsim.dreamhost.com>
On Thu, 27 Jul 2006, Karl Dubost wrote:
> Le 27 juil. 06 à 07:08, Ian Hickson a écrit :
> > On Wed, 26 Jul 2006 karl@w3.org wrote:
> > > 
> > > What is hostile content?
> > 
> > Content that attempts to subvert the implementation.
> 
> Then say it. I think it will help.

I'll leave that up to the editor, but frankly IMHO "hostile content" is a 
perfectly well understandable phrase that says exactly what it means.


> > > How do you test the "remain stable" assertion?
> > 
> > Spot checking, mostly, though this is an area that has a number of 
> > domain experts and, indeed, a community dedicated to finding such 
> > issues.
> 
> Note that we were more than happy to see a security section.

Personally I think that having a separate security section is a bad way of 
designing a spec, since it doesn't encourage you to think of security the 
whole time -- it's better, IMHO, to have security right at the core of the 
specification text. But again, I'll leave that up to the editor.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 27 July 2006 01:18:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:55 GMT