- From: Paul McMillan <paul@mcmillan.ws>
- Date: Tue, 30 Aug 2011 15:58:56 -0700
- To: "Hill, Brad" <bhill@paypal-inc.com>
- Cc: "public-web-security@w3.org" <public-web-security@w3.org>
> This isn’t a new idea, but I am curious to hear the opinions on the topic > from the readers on this list. How important is this kind of attack to real > world applications? Are real world web applications stable and well-defined > enough to be identified in a more granular way? It depends on the scale of your application. There is a wide swath of real-world applications that will benefit greatly from this level of granularity. Companies that provide one main service on a single domain will benefit greatly. Open source projects deployed by amateurs will benefit greatly if this can be rolled out cleanly. There are some organizations which will have trouble fitting their infrastructure into this model.
Received on Wednesday, 31 August 2011 16:00:14 UTC