- From: Tobie Langel <tobie@w3.org>
- Date: Fri, 18 Oct 2013 11:01:25 +0200
- To: Mete Balcı <Mete.Balci@pozitron.com>
- Cc: Dominique Hazael-Massieux <dom@w3.org>, Bruce Lawson <bruce@brucelawson.co.uk>, "public-web-mobile@w3.org" <public-web-mobile@w3.org>
On Friday, October 18, 2013 at 10:50 AM, Mete Balcı wrote: > Although I completely agree with your comments about (2), the regulatory bodies even sometimes request this (obfustcation) as a level of protection/security. I've actually read the opposite (e.g. NIST recommends against security by obscurity[1]). Pointers to actual body of law that make obfuscation a requirement would be useful. --tobie --- [1]: http://csrc.nist.gov/publications/nistpubs/800-123/SP800-123.pdf
Received on Friday, 18 October 2013 09:00:24 UTC