Re: Questions about draft-abarth-mime-sniff-00

On Mon, Apr 6, 2009 at 1:07 PM, Lisa Dusseault
<lisa.dusseault@messagingarchitects.com> wrote:
> That makes more sense now.  It might be nice to specifically mention that
> the threat model assumes that the server can lie about Content-Type anyway,
> and in the security considerations warn that a server might trick clients
> into handling one content type as another if the client isn't careful.

Thanks.  I've added this note to the draft.  Let me know if you'd like
more exposition here.

Adam

Received on Saturday, 30 May 2009 22:57:13 UTC