Re: [selectors-api] Security Considerations and stability

On Thu, 27 Jul 2006, Karl Dubost wrote:
> Le 27 juil. 06 à 07:08, Ian Hickson a écrit :
> > On Wed, 26 Jul 2006 karl@w3.org wrote:
> > > 
> > > What is hostile content?
> > 
> > Content that attempts to subvert the implementation.
> 
> Then say it. I think it will help.

I'll leave that up to the editor, but frankly IMHO "hostile content" is a 
perfectly well understandable phrase that says exactly what it means.


> > > How do you test the "remain stable" assertion?
> > 
> > Spot checking, mostly, though this is an area that has a number of 
> > domain experts and, indeed, a community dedicated to finding such 
> > issues.
> 
> Note that we were more than happy to see a security section.

Personally I think that having a separate security section is a bad way of 
designing a spec, since it doesn't encourage you to think of security the 
whole time -- it's better, IMHO, to have security right at the core of the 
specification text. But again, I'll leave that up to the editor.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Thursday, 27 July 2006 01:18:04 UTC