W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2015

Re: WebAppSec re-charter status

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Fri, 13 Feb 2015 12:18:59 +0100
To: Brad Hill <hillbrad@gmail.com>
Cc: David Ross <drx@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <t3nrdat0h3ngsks0u03qjkj2i8erk52h0l@hive.bjoern.hoehrmann.de>
* Brad Hill wrote:
>On Thu Feb 12 2015 at 5:16:07 PM Bjoern Hoehrmann <derhoermi@gmx.net> wrote:
>> If "EPR" is redundant with existing features, why is it being proposed?

>I don't think EPR is more important than preserving linking on the web, but
>I don't think it's useless, either.  I guess I feel like the things driving
>each are different.  If sites think that deep linking is economically
>harmful to them, they are already motivated to  aggressively deploy
>existing tools and techniques to attack it.  Adding a slightly cheaper way
>to accomplish some of the same goals won't change the outcomes much for
>that population.

That does not really answer my question. It seems to me the argument is,
paraphrasing, "existing entry point regulation features work great, so
adding more should not be a concern; but we should add more of them be-
cause the existing features do not work so great after all".
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
D-10243 Berlin · PGP Pub. KeyID: 0xA4357E78 · http://www.bjoernsworld.de
 Available for hire in Berlin (early 2015)  · http://www.websitedev.de/ 
Received on Friday, 13 February 2015 11:19:31 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:10 UTC