- From: Brad Neuberg <bkn3@columbia.edu>
- Date: Fri, 22 Apr 2005 16:13:14 -0700
Do you have an idea of what the threat model might be? I.e. who is attacking, why are they attacking, and how will they usually be attacking. Brad At 12:27 PM 4/22/2005, Ian Hickson wrote: >On Fri, 22 Apr 2005, Brad Neuberg wrote: > > > > In fact, we should do a security, phishing, and annoyance scan (blink > > tag anyone?) over the WHAT-WG draft itself sometime, forming a threat > > model before so we know what potential attackers would actually be > > trying to do. > >Yes, this would (naturally) be a good idea. I encourage anyone who has the >time to do this regularly. > >(Of course, I'm thinking carefully about security whenever adding features >to the draft, so hopefully there won't be any! But there always are...) > >-- >Ian Hickson U+1047E )\._.,--....,'``. fL >http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. >Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.' Brad Neuberg, bkn3 at columbia.edu Senior Software Engineer, Rojo Networks Weblog: http://www.codinginparadise.org ===================================================================== Check out Rojo, an RSS and Atom news aggregator that I work on. Visit http://rojo.com for more info. Feel free to ask me for an invite! Rojo is Hiring! If you're interested in RSS, Weblogs, Social Networking, Java, Open Source, etc... then come work with us at Rojo. If you recommend someone and we hire them you'll get a free iPod! See http://www.rojonetworks.com/JobsAtRojo.html.
Received on Friday, 22 April 2005 16:13:14 UTC