W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2005


From: <bugzilla@soe.ucsc.edu>
Date: Wed, 14 Dec 2005 11:37:29 -0800
Message-Id: <200512141937.jBEJbTBN025427@ietf.cse.ucsc.edu>
To: w3c-dist-auth@w3.org


ejw@cs.ucsc.edu changed:

           What    |Removed                     |Added
         AssignedTo|joe-bugzilla@cursive.net    |lisa@osafoundation.org

------- Additional Comments From ejw@cs.ucsc.edu  2005-12-14 11:37 -------
Discussed during the 12/14/2005 teleconference.

Consensus on the call is to add an implementation note stating that servers
should be aware that a copy depth infinity of /A/ into /A/B/ can lead to
infinite recursion if not handled. Servers that handle this incorrectly might
find that this can be used as a denial of service attack on the server.

Assigning to Lisa to add text to the specification on this.

------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
Received on Wednesday, 14 December 2005 19:38:24 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:34 UTC