W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2005

[Bug 125] COPY_INTO_YOURSELF_CLARIFY

From: <bugzilla@soe.ucsc.edu>
Date: Wed, 14 Dec 2005 11:37:29 -0800
Message-Id: <200512141937.jBEJbTBN025427@ietf.cse.ucsc.edu>
To: w3c-dist-auth@w3.org

http://ietf.cse.ucsc.edu:8080/bugzilla/show_bug.cgi?id=125

ejw@cs.ucsc.edu changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|joe-bugzilla@cursive.net    |lisa@osafoundation.org



------- Additional Comments From ejw@cs.ucsc.edu  2005-12-14 11:37 -------
Discussed during the 12/14/2005 teleconference.

Consensus on the call is to add an implementation note stating that servers
should be aware that a copy depth infinity of /A/ into /A/B/ can lead to
infinite recursion if not handled. Servers that handle this incorrectly might
find that this can be used as a denial of service attack on the server.

Assigning to Lisa to add text to the specification on this.



------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
Received on Wednesday, 14 December 2005 19:38:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:11 GMT