W3C home > Mailing lists > Public > www-xml-linking-comments@w3.org > January to March 2006

Re: XLink 1.1: Security Considerations

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Mon, 23 Jan 2006 21:46:01 +0100
To: Norman Walsh <Norman.Walsh@Sun.COM>
Cc: www-xml-linking-comments@w3.org
Message-ID: <ulfat1lo5nln49u4kqu4ltudgqj0rbrope@hive.bjoern.hoehrmann.de>

* Norman Walsh wrote:
>/ Bjoern Hoehrmann <derhoermi@gmx.net> was heard to say:
>| No, RFC 1738 is obviously very outdated, I would instead expect that the
>| security considerations of RFC 3987 apply, a clear description on which
>| considerations are out of scope, which are in scope, implications of
>| user agents implementing e.g. XLink and XHTML where the same link might
>| go to multiple destinations, probably that UTR #36 applies, that XLink
>| in XML documents is subject to the security considerations of XML and
>| XML media types where applicable, and so on, depending on what is con-
>| sidered in scope and out of scope. It might of course be possible that
>| some of the items above are considered out of scope, but certainly not
>| all of them.
>While the WG recognizes that adding more detailed information about
>security considerations would be valuable, it does not consider such
>additions to be within the narrow scope of its charter for XLink 1.1.
>Consequently, the WG does not expect to make any changes with respect
>to security considerations for XLink 1.1.

That's a pity; do you think it'd be best if I register formal objection
to this response so the issue can be looked at by the Director? Maybe
there is a way for the XML Core Working Group to make the changes it'd
like to make here and it's just been missed so far? I'd imagine there is
always some room in charters to make a good specification, even if not
all relevant details are explicitly mentioned.
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Monday, 23 January 2006 20:45:16 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:25 UTC