- From: <matt.garrish@gmail.com>
- Date: Tue, 17 Jan 2023 20:11:19 -0400
- To: "'Liam R. E. Quin'" <liam@fromoldbooks.org>, "'John Foliot'" <john@foliot.ca>, <public-epub3@w3.org>, <public-publishingcg@w3.org>, <epub-higher-education@lists.daisy.org>
> A URL in a long-lived document can have the problem that the original owner stopped paying for it and it now serves malware or phishing pages. So there can be security implications. Yes, absolutely, and we do briefly mention this issue in the threat model section[1] in the EPUB 3.3 spec (under linking to external resources), although we're not able to offer great solutions for it. Anything that requires passing through the vendor/publisher to get to the destination then brings in privacy issues, as Leonard has already alluded to. And assumes they're still around and their domain hasn't been taken over... [1] https://www.w3.org/TR/epub-33/#epub-threat-model Matt -----Original Message----- From: Liam R. E. Quin <liam@fromoldbooks.org> Sent: January 17, 2023 5:32 PM To: John Foliot <john@foliot.ca>; public-epub3@w3.org; public-publishingcg@w3.org; epub-higher-education@lists.daisy.org Subject: Re: Seeking *opinions* as part of a larger research issue. A URL in a long-lived document can have the problem that the original owner stopped paying for it and it now serves malware or phishing pages. So there can be security implications. These can be avoided by using example.org, but if there's significance in the text of the URL that likely doesn't work. Yes, they should be marked up as code, not as links, as there's no expectation of traversing them and they are not expressing a link relationship between the context in which they are embedded and the resource they may or may not represent. So to some extent i think this follows from Web architecture and probably the HTML spec. liam -- Liam Quin, https://www.delightfulcomputing.com/ Available for XML/Document/Information Architecture/XSLT/ XSL/XQuery/Web/Text Processing/A11Y training, work & consulting. Barefoot Web-slave, antique illustrations: http://www.fromoldbooks.org
Received on Wednesday, 18 January 2023 00:11:34 UTC