- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Sat, 2 Oct 2010 18:44:10 -0600
- To: Adam Barth <w3c@adambarth.com>
- Cc: Julian Reschke <julian.reschke@gmx.de>, Bjoern Hoehrmann <derhoermi@gmx.net>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Adam Barth wrote: > > As far as I can tell, your entire message is beating up on a strawman. > I haven't proposed any of the things you're shooting down. > I'm shooting down the notion of standardizing nonconformant syntax, which isn't a strawman if it's exactly what you proposed: > > >> > >> Given that browsers are going to interpret nonconformant syntax, > >> I'd rather live in a world in which they all did it the same way. > >> That world is more predictable, which is better for security, and > >> easier for new entrants to the market because those new entrants > >> don't need to reverse engineer existing implementations. Fewer > >> barriers to entry means more competition, which means users get a > >> better browser product. > >> > Because your rationales are strawmen -- you can't prove a negative, i.e. state that any interpretation of nonconformant syntax is more secure than ignoring it; or that in order to be competitive, browsers must interpret nonconformant syntax. It seems to me that it would be a lower barrier of entry to only interpret conformant syntax, and that the reduced complexity would result in a better product. That's just dueling opinions, you have failed to provide a technical argument in support of standardizing how nonconformant syntax is to be parsed. -Eric
Received on Sunday, 3 October 2010 00:44:57 UTC