- From: Uche Ogbuji <uche@ogbuji.net>
- Date: Tue, 11 Sep 2012 07:25:11 -0600
- To: public-microxml@w3.org
Received on Tuesday, 11 September 2012 13:25:45 UTC
MicroXML happens to close some of the more notorious security holes associated with XML: the billion laughs attack from external entity processing and CDATA injection. Is it worth making a statement in the spec that we believe its simplifications also improve security in dealing with MicroXML on networks? The idea of a MicroXML RFC has come up and in that case we'd have to make some sort of statement on security, anyway. -- Uche Ogbuji http://uche.ogbuji.net Founding Partner, Zepheira http://zepheira.com http://wearekin.org http://www.thenervousbreakdown.com/author/uogbuji/ http://copia.ogbuji.net http://www.linkedin.com/in/ucheogbuji http://twitter.com/uogbuji
Received on Tuesday, 11 September 2012 13:25:45 UTC