[Bug 125] COPY_INTO_YOURSELF_CLARIFY from bugzilla@soe.ucsc.edu on 2005-12-14 (w3c-dist-auth@w3.org from October to December 2005)

From: <bugzilla@soe.ucsc.edu>
Date: Wed, 14 Dec 2005 11:37:29 -0800
To: w3c-dist-auth@w3.org
Message-Id: <200512141937.jBEJbTBN025427@ietf.cse.ucsc.edu>

http://ietf.cse.ucsc.edu:8080/bugzilla/show_bug.cgi?id=125

ejw@cs.ucsc.edu changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|joe-bugzilla@cursive.net    |lisa@osafoundation.org



------- Additional Comments From ejw@cs.ucsc.edu  2005-12-14 11:37 -------
Discussed during the 12/14/2005 teleconference.

Consensus on the call is to add an implementation note stating that servers
should be aware that a copy depth infinity of /A/ into /A/B/ can lead to
infinite recursion if not handled. Servers that handle this incorrectly might
find that this can be used as a denial of service attack on the server.

Assigning to Lisa to add text to the specification on this.



------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

Received on Wednesday, 14 December 2005 19:38:24 UTC