- From: Arthur Barstow <art.barstow@nokia.com>
- Date: Mon, 24 Sep 2007 07:14:44 -0400
- To: Anne van Kesteren <annevk@opera.com>, Stuart Williams <skw@hp.com>
- Cc: public-appformats@w3.org
Stuart - FYI, Anne added text to the latest Editor's Draft of the Enabling Read Access for Web Resources to address comments you submitted on 29 August. This Draft is available at: <http://dev.w3.org/2006/waf/access-control/> Regards, AB Begin forwarded message: > Resent-From: public-appformats@w3.org > From: "ext Anne van Kesteren" <annevk@opera.com> > Date: September 20, 2007 9:40:08 AM EDT > To: "WAF WG (public)" <public-appformats@w3.org> > Subject: Re: ISSUE-16 (ArtB): AC: Add some rationale to the > Introduction [Access Control] > > > On Tue, 04 Sep 2007 15:39:24 +0200, Web Application Formats Working > Group Issue Tracker <sysbot+tracker@w3.org> wrote: >> ISSUE-16 (ArtB): AC: Add some rationale to the Introduction >> [Access Control] >> >> http://www.w3.org/2005/06/tracker/waf/issues/ >> >> Raised by: Arthur Barstow >> On product: Access Control >> >> Raised by: TAG (via Stuart Williams) >> See: http://lists.w3.org/Archives/Public/public-appformats/2007Aug/ >> 0025.html > > I've added some rationale to the introduction. But I haven't yet > indicated how an implementation could potentially become less > secure. I suppose we could point out that naive implementations > (and specifications defining how to interact with this spec) will > do all kinds of information leakage such as port scanning because > progress events are dispatched etc. and that people should be > cautious with that. Hmm. > > > -- > Anne van Kesteren > <http://annevankesteren.nl/> > <http://www.opera.com/> >
Received on Monday, 24 September 2007 11:15:28 UTC