Re: Excellent IETF BCP on XML

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: XML Dev <xml-dev@l...>
Subject: Re: Excellent IETF BCP on XML
From: "Simon St.Laurent" <simonstl@s...>
Date: Fri, 22 Nov 2002 15:41:44 -0500
In-reply-to: <200211222035.26496.miles@m...>

miles@m... (Miles Sabin) writes:
>> So is RDDL now a security risk?
>
>Potentially ... yes.
>
>How many times have we discussed the external entity thing on this list 
>now? Any of the issues with them apply equally here.

Given that RDDL itself contains further links to resources, this
probably needs some kind of direct addressing; "security" doesn't appear
in the current spec.

>And in fact David Megginson warned about the dangers of automagically 
>dereferencing namespace URIs long before RDDL came along,
>
>  http://lists.xml.org/archives/xml-dev/200101/msg00057.html

David's been way ahead of most on these issues.
-- 
Simon St.Laurent
Ring around the content, a pocket full of brackets
Errors, errors, all fall down!
http://simonstl.com -- http://monasticxml.org

References:
- Re: Excellent IETF BCP on XML
  - From: Miles Sabin <miles@m...>

Prev by Date: RE: Excellent IETF BCP on XML
Next by Date: RE: Excellent IETF BCP on XML
Previous by thread: Re: Excellent IETF BCP on XML
Next by thread: RE: Excellent IETF BCP on XML
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >