- From: Kendall Clark <kendall@monkeyfist.com>
- Date: Tue, 17 Jan 2006 16:29:42 -0500
- To: Graham Klyne <GK@ninebynine.org>
- Cc: public-rdf-dawg-comments@w3.org
On Sep 16, 2005, at 9:31 AM, Graham Klyne wrote: > I would probably focus any such suggestions on security mechanisms, > and leave the policy specification/decision mechanisms to be > application-dependent. The latest editor's draft of the protocol spec removes all privacy policy discussion. Is that responsive to yr comments about over- prescriptivity? >>> Also on the subject of security considerations, I think it would >>> be worth mentioning the problems of spoofed server responses, and >>> suggesting use of mechanisms that allow the client to >>> authenticate the SPARQL query server and/or results. It also >>> occurs to me that the query processor may need to be able to >>> relay authenticating information from a back-end or 3rd-party >>> information source. >> Okay, spoofing servers (especially via IRI hacks) also seems worth >> mentioning. It also includes language about IRI spoofing. Thanks for yr comments, Graham. Cheers, Kendall Clark
Received on Tuesday, 17 January 2006 21:30:09 UTC