- From: Nick Kew <nick@webthing.com>
- Date: Tue, 18 Mar 2003 00:16:26 +0000 (GMT)
- To: David Woolley <david@djwhome.demon.co.uk>
- cc: w3c-wai-ig@w3.org
On Mon, 17 Mar 2003, David Woolley wrote: > it recently. However, there is another issue here in that forging > a User Agent in order to access a banking system could be considered > fraud, Erm, the HTTP spec is very clear about NOT relying on user agent strings. If you get round their so-called security by faking one, how is anyone going to make a case that the fault is with anyone other than the idiots who ignored the spec in the first place? > noted that earlier versions of Lynx SSL don't authenticate the web site, > making them vulnerable to man in the middle attacks. ISTR the same is true of several browsers, including not least MSIE. > Faking may also violate trademarks and/or copyrights and does result in > Lynx being under-recorded as as source of web accesses. Stats are a lost cause, when so many users of highly-capable minority browsers like Opera and Konqueror take the line of least resistance. > I am not a lawyer; this is not legal advice. Ditto. -- Nick Kew
Received on Monday, 17 March 2003 19:16:35 UTC