- From: Paul Grosso <pgrosso@arbortext.com>
- Date: Mon, 25 Nov 2002 16:55:01 -0600
- To: <www-tag@w3.org>
[Deleting all extra mailing addresses--please do likewise!] At 23:24 2002 11 25 +0100, Julian Reschke wrote: >Automatic resolution of external entities clearly is a security risk -- so >there SHOULD be a way for XML based protocols to explicitly forbid this. External entities are not central to the current issue which is really about subsetting XML. Note that the "standalone" declaration [1] allows one to say that there are no references to external entities. Note that [2] is all about internal entities. paul [1] http://www.w3.org/TR/REC-xml#sec-rmd [2] http://www.w3.org/XML/Core/2002/10/charents-20021023
Received on Monday, 25 November 2002 17:55:46 UTC