W3C home > Mailing lists > Public > public-webapi@w3.org > May 2007

Re: requirements for a network spec

From: Charles McCathieNevile <chaals@opera.com>
Date: Thu, 31 May 2007 17:34:04 +0200
To: "Jonas Sicking" <jonas@sicking.cc>, "Web APIs WG" <public-webapi@w3.org>
Message-ID: <op.ts66u2amwxe0ny@pc052.coreteam.oslo.opera.com>

On Thu, 31 May 2007 02:24:43 +0200, Jonas Sicking <jonas@sicking.cc> wrote:

> chaals@opera.com wrote:
>>  Hi folks,
>>  we need to figure out what is really needed.
>
> A big requirement is security. It must not be possible to connect to an  
> arbitrary port on the server and send anything, unless the server has  
> explicitly stated that it allows so using some sort of white-listing  
> mechanism.

Yes. (Sorry, sent before I finished writing the mail). We need to clarify  
what normal security restrictions will be (so authors don't get surprised  
when they don't work) and why (so user agent developers understand why  
they should "very carefully consider" implementing these requirements...).

The second requirement, I think, is a socket interface.

Any more?

cheers

Chaals

-- 
   Charles McCathieNevile, Opera Software: Standards Group
   hablo español  -  je parle français  -  jeg lærer norsk
chaals@opera.com  Catch up: Speed Dial  http://opera.com
Received on Thursday, 31 May 2007 15:34:43 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:18:57 GMT