Re: ISSUE-16 (ArtB): AC: Add some rationale to the Introduction [Access Control]

On Thu, 20 Sep 2007 15:40:08 +0200, Anne van Kesteren <annevk@opera.com>  
wrote:
> I've added some rationale to the introduction. But I haven't yet  
> indicated how an implementation could potentially become less secure. I  
> suppose we could point out that naive implementations (and  
> specifications defining how to interact with this spec) will do all  
> kinds of information leakage such as port scanning because progress  
> events are dispatched etc. and that people should be cautious with that.  
> Hmm.

I made this a bit more clear in the security considerations section.


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>

Received on Thursday, 20 September 2007 14:25:01 UTC