W3C home > Mailing lists > Public > www-tag@w3.org > January 2012

The Science of Insecurity

From: Henry Story <henry.story@bblfish.net>
Date: Fri, 6 Jan 2012 18:05:05 +0100
Message-Id: <9DD418D0-476D-406F-9696-3E6CF0E8F093@bblfish.net>
To: "www-tag@w3.org List" <www-tag@w3.org>
At the recent Chaos Communication Congress in Berlin, there was a very interesting presentation entitled
"The Science of Insecurity" which can be seen online http://www.youtube.com/watch?v=3kEfedtQVOY

This may not be news for people in the security space, and it may be better and more elegantly explained 
elsewhere. But it seems to have some interesting repercussions on web architecture.

For one it does make the case for simplicity and clarity (non-ambiguity) of languages and protocols.
This is what is said here
But the video gives a security perspective on this, which could be very useful.

This the raises the question as to how each of the elements of the web stack fit the requirements
given in the talk. So how complex are the languages produces by the w3c exactly? Which ones are turing complete? [1] Which ones not? 

Perhaps bringing out some of these aspects more clearly would help clarify why simplicity is important, in a way that appeals to education don't do so well. 


[1] Apparently html5+css3 is turning complete for example

Social Web Architect
Received on Friday, 6 January 2012 17:05:37 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:56:42 UTC