Re: tomorrow's agenda (and initial open ISSUES summary.. ) [ISSUE-19]


On 26 Jul 2010, at 14:12, Axel Polleres wrote:


> =======================================================================
> ISSUE-19
> Security issues on SPARQL/UPdate
> The current section in the draft
> is still fairly empty. 
> Do the editors think they have sufficient information to draft this section?
> Did we collect relevant issues already in one place?
> I would like to keep this OPEN until we have a reasonable draft for this section.

By listing security issues in this section, I'm afraid that we will miss some and will had lots of discussions on which ones to / not to add (DOS, Authentication, Insertions, Malicious data, spam, etc. - while some are also related to the protocol)
Actually, I'd rather list none but have a single sentence saying "the specification does not address security concerns related to SPARQL/Update and that implementers and users MUST be aware of security concerns when allowing SPARQL/Update on their dataset".


Dr. Alexandre Passant
Digital Enterprise Research Institute
National University of Ireland, Galway
:me owl:sameAs <> .

Received on Tuesday, 27 July 2010 12:01:49 UTC