W3C home > Mailing lists > Public > public-webapi@w3.org > September 2006

Re: [selectors-api] Security Considerations and stability

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 19 Sep 2006 10:55:06 -0000
To: "Ian Hickson" <ian@hixie.ch>
Cc: "Web APIs WG (public)" <public-webapi@w3.org>
Message-ID: <op.tf27cyvz64w2qv@id-c0020.emi.ac.ma>

On Sat, 05 Aug 2006 05:55:11 -0000, Ian Hickson <ian@hixie.ch> wrote:
> Given the sheer cost of getting security wrong, I'd rather that the
> security be right up there, and that the security-free implementations be
> non-conformant, than have the implementors not read the security section
> and therefore get it wrong. (Implementors read as little of the spec as
> they can get away with. In many cases, they read none of it and rely
> purely on the testcases. It sucks, but it's the way it is.)

I tend to agree, but I don't think this is very relevant for the  
specification at hand. Selectors API is a very simple and small  
specification and the security issues being pointed out in the separate  
section are hopefully widely known already. And if they're not it's not  
just Selectors API that's affected.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Tuesday, 19 September 2006 10:55:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:55 GMT