Re: ACM Queue article on Web Security

Right!  I was not talking about browser policy.  I was talking about 
data access policies in the Web.
See Tim's article: 
http://news.zdnet.co.uk/security/0,1000000189,39626896,00.htm
All the best, Ashok


David Orchard wrote:
> I don't understand what you mean that the thinking seems to be moving
> away from policy enforcement.  Seems to me that browsers are doing
> more policy enforcement with the addition of the W3C cross origin
> resource sharing. http://www.w3.org/TR/2009/WD-cors-20090317/
>
> That is indeed in the browser, but it is about security of web resources.
>
> Cheers,
> Dave
>
> On Thu, Apr 2, 2009 at 4:23 PM, ashok malhotra
> <ashok.malhotra@oracle.com> wrote:
>   
>> See, also, Tim on security on the Semantic Web
>> http://news.zdnet.co.uk/security/0,1000000189,39626896,00.htm
>>
>> The article you pointed to, Noah, was about security on the browser while
>> this is
>> about security on the Web and we may do well by distinguishing them because
>> the issues are
>> different.
>>
>> On the Web, the thinking seems to be moving away from policy enforcement,
>> which has proved to be challenging, to access transparency or policy
>> accountability.
>>
>> All the best, Ashok
>>
>>
>> noah_mendelsohn@us.ibm.com wrote:
>>     
>>> FYI: ACMQueue has an article [1] on Web security, which is one of the
>>> areas the TAG has considered [2] diving into more deeply.  The article is at
>>> a survey level, but may be of interest anyway.
>>>
>>> Noah
>>>
>>> [1] http://queue.acm.org/detail.cfm?id=1516164
>>> [2] http://www.w3.org/2001/tag/2009/03/priorities_e.jpg
>>> [3]  http://www.w3.org/2001/tag/2009/03/05-whiteboard-priorities.txt
>>>
>>> --------------------------------------
>>> Noah Mendelsohn IBM Corporation
>>> One Rogers Street
>>> Cambridge, MA 02142
>>> 1-617-693-4036
>>> --------------------------------------
>>>
>>>
>>>
>>>
>>>
>>>
>>>       
>>

Received on Thursday, 2 April 2009 23:55:19 UTC