W3C home > Mailing lists > Public > www-tag@w3.org > March 2013

Re: Revisiting Authoritative Metadata (was: The failure of Appendix C as a transition technique)

From: Robin Berjon <robin@w3.org>
Date: Fri, 01 Mar 2013 10:45:32 +0100
Message-ID: <513078BC.40207@w3.org>
To: Bjoern Hoehrmann <derhoermi@gmx.net>
CC: "www-tag@w3.org List" <www-tag@w3.org>
On 01/03/2013 03:04 , Bjoern Hoehrmann wrote:
> * Robin Berjon wrote:
>> I would support the TAG revisiting the topic of Authoritative Metadata,
>> but with a view on pointing out that it is an architectural antipattern.
>> Information that is essential and authoritative about the processing of
>> a payload should be part of the payload and not external to it. Anything
>> else is brittle and leads to breakage.
>
> That may be desired. Content Security Policies for instance are meant to
> "break" some code injection attacks against generated payloads. They are
> essential and authoritative, and putting them into payloads would defeat
> their purpose to a considerable extent

Indeed, but the difference here is that CSP is metadata attached to a 
resource, whereas the content type really describes the representation.

I think that may provide a useful operative distinction for improving 
this finding.

-- 
Robin Berjon - http://berjon.com/ - @robinberjon
Received on Friday, 1 March 2013 09:45:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 1 March 2013 09:45:41 GMT