- From: Anne van Kesteren <annevk@opera.com>
- Date: Thu, 20 Sep 2007 15:40:08 +0200
- To: "WAF WG (public)" <public-appformats@w3.org>
On Tue, 04 Sep 2007 15:39:24 +0200, Web Application Formats Working Group Issue Tracker <sysbot+tracker@w3.org> wrote: > ISSUE-16 (ArtB): AC: Add some rationale to the Introduction [Access > Control] > > http://www.w3.org/2005/06/tracker/waf/issues/ > > Raised by: Arthur Barstow > On product: Access Control > > Raised by: TAG (via Stuart Williams) > See: > http://lists.w3.org/Archives/Public/public-appformats/2007Aug/0025.html I've added some rationale to the introduction. But I haven't yet indicated how an implementation could potentially become less secure. I suppose we could point out that naive implementations (and specifications defining how to interact with this spec) will do all kinds of information leakage such as port scanning because progress events are dispatched etc. and that people should be cautious with that. Hmm. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Thursday, 20 September 2007 13:40:19 UTC